the grugq's newsletter
January 14, 2023
January 14, 2024
January 14, 2023 This is interesting in that it has taken a year for cybercriminals to convert a public PoC into a working exploit. Not sure what it means,...
January 13, 2024
January 13, 2024
January 13, 2024 Our AppSec team is sharing things they wish they'd known before using Semgrep. Follow our seven-step plan for bootstrapping this static...
January 12, 2024
January 12, 2024
January 12, 2024 Holy cow! New debugger just dropped 👀! https://t.co/AwHhxEPQdp — j j (@mistymntncop) January 12, 2024 I threw together a quick blog post...
January 11, 2024
January 11, 2024
January 11, 2024 "My" CVE-2024-20692 has just been fixed by Microsoft. TLDR: Network secrets can be stolen from the Local Security Authority Subsystem...
January 10, 2023
January 10, 2024
January 10, 2023 Exploit dev/bug hunting friends: what are your favourite vuln write-ups from the past few years? The more the merrier =) (Across any...
January 9, 2024
January 9, 2024
January 9, 2024 Visualising ext4 Visualizing ext4 What does ext4 look like? Big Tech has already made enough money in 2024 to pay all its 2023 fines Big Tech...
January 8, 2024
January 8, 2024
January 8, 2024 Quick test of Safari JavaScript WASM RCE bug from Operation Triangulation (CVE-2023-32435) pic.twitter.com/UPEvTLab41— Alisa Shevchenko...
January 7, 2024
January 7, 2024
January 7, 2024 Exploiting Google Chrome extensions for privilege escalation Interesting blog post by @deryilz https://t.co/6ow4vsiW8o #chrome #infosec...
January 6, 2024
January 6, 2024
January 6, 2024 i was trying to explain what a capybara was to my gf’s french aunt last night, so googled “french for capybara” and the first thing that came...
January 5, 2024
January 5, 2024
January 5, 2024 Decompiling History A better history of decompilation, courtesy of Dr Eugene Spafford. This includes work done since the 1960s, and is really...
December 4, 2023
January 4, 2024
December 4, 2023 30 Years of Decompilation and the Unsolved Structuring Problem: Part 1 30 Years of Decompilation and the Unsolved Structuring Problem: Part...
January 3, 2023
January 3, 2024
January 3, 2023 On the outside, it's just any old briefcase. 💼 But on the inside, it's a secure telephone system used for delivering top secret messages to...
January 2, 2024
January 2, 2024
January 2, 2024 Communist spy at the heart of the BBC: 'Agent Vora' was the 'attractive and voluptuous' churchgoer who was a dead ringer for Cilla Black that...
January 1, 2024
January 1, 2024
January 1, 2024 Happy New Year It’s the 20th anniversary of the release of userland exec(). I’m still quite happy with the write up for this, and the code....
December 31, 2023
December 31, 2023
December 31, 2023 Happy New Years! They were worthless the entire time https://t.co/yCsHnXbujL— Charles J. Moore (@charles270) December 28, 2023 NFTs died a...
December 30, 2023
December 30, 2023
December 30, 2023 Administrivia: Billing Issues I know a number of people have contacted me about a link to update billing information. Here is that link:...
December 29, 2023
December 29, 2023
December 29, 2023 Follow up on Triangulation’s hardware bypass Hector Martin: "So some fun stuff was just presented at 37C3, and…" - Treehouse Mastodon So...
December 28, 2023
December 28, 2023
December 28, 2023 New details on Triangulation, the iPhone hacking campaign against Russian government officials. Operation Triangulation: The last...
December 27, 2023
December 27, 2023
December 27, 2023 There was no update for a while and the reason being a massive bug fixes, feature checking and a new feature (fun fact: it is the 23th...
December 26, 2023
December 26, 2023
December 26, 2023 merry christmas I got the literal same shirt I was already wearing pic.twitter.com/lYVFOIrHCU— alex furlin (@thefurlinator) December 25,...
December 25, 2023
December 25, 2023
December 25, 2023 Happy Holidays SPY NEWS: 2023 — Week 51. Summary of the espionage-related news… | by The Spy Collection | Dec, 2023 | Medium Summary of the...
December 24, 2023
December 24, 2023
December 24, 2023 Happy Holidays! Expect slower smaller newsletters from now through the new year. DOS leads to Windows, Windows leads to suffering.— @mikko...
December 23, 2023
December 23, 2023
December 23, 2023 Holiday gift for you. Ghidra 11.0 released! New BSim feature can find structurally similar functions in (potentially large) collections of...
December 22, 2023
December 22, 2023
December 22, 2023 CVS, Rite Aid, Walgreens hand out medical records to cops without warrants | Ars Technica Lawmakers want HHS to revise health privacy law...
December 21, 2023
December 21, 2023
December 21, 2023 The Embers of Autoregression paper is a must read if you're working in any domain where low probability outputs are often the correct...
December 20, 2023
December 20, 2023
December 20, 2023 Follow-up on December 19th 2023, Office of Public Affairs | Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant | United...
December 19, 2023
December 19, 2023
December 19, 2023 New predatory sparrows attack. So new, in fact, that they used the same everything as last time they disrupted the petrol stations....
December 18, 2023
December 18, 2023
December 18, 2023 I just bought a 2024 Chevy Tahoe for $1. pic.twitter.com/aq4wDitvQW— Chris Bakke (@ChrisJBakke) December 17, 2023 Any network...
December 17, 2023
December 17, 2023
December 17, 2023 Great investigation: one of the intriguing takeaways is that the Chinese default to using the same saleable souls in the West that Russia...
December 16, 2023
December 16, 2023
December 16, 2023 The full clip of the BBC presenter giving the middle finger has been released hahaha pic.twitter.com/kUPglqJXWs— Billy (@_billyreid)...
December 15, 2023
December 15, 2023
December 15, 2023 The report on the investigation into Jack Teixeira’s unauthorised access of classified documents. Results of Investigation into A1C...
December 14, 2023
December 14, 2023
December 14, 2023 Ukraine impeding Russian tax collection is just a small piece of what this cyber attack means. Russia has been increasingly relying on its...
December 13, 2023
December 13, 2023
December 13, 2023 China Launches Security Probe Into Geographic Data Going Abroad https://t.co/C5uBW0YAQw— China Beige Book (@ChinaBeigeBook) December 11,...
Initial Thoughts on the Kyivstar Hack
December 13, 2023
Initial Thoughts on the Kyivstar Hack https://www.reuters.com/technology/cybersecurity/ukraines-biggest-mobile-operator-suffers-massive-hacker-attack-...
December 12, 2023
December 12, 2023
December 12, 2023 Honestly this was the point I knew it was over pic.twitter.com/BymfwJqboC— Sam Burnstein (@GrumplessGrinch) December 9, 2023 “For every 30...
December 11, 2023
December 11, 2023
December 11, 2023 Humans tend to fail the Turing Test: “Almost half of our participants (42%) decided that their conversational partner (that was in every...
December 10, 2023
December 10, 2023
December 10, 2023 Polish train maker denies claims its software bricked rolling stock maintained by competitor...
December 9, 2023
December 9, 2023
December 9, 2023 Spain expels two US diplomats on charges they tried to buy secrets off Spanish agents everyone has kept this pretty quiet...
December 8, 2023
December 8, 2023
December 8, 2023 Huge if true. If… ‼️BREAKTHROUGH? First quantum computer with a programmable processor based on encoded 48 logical qubits operating with up...
December 6, 2023
December 6, 2023
December 6, 2023 You know I even invented a "scoring system" for the attack vectors on Outlook (https://t.co/3tQFrL2Sp2). I'd be disappointed if this is...
December 4, 2023
December 4, 2023
December 4, 2023 Stop motion + LEGO = delicious and creative blue fin tuna sashimi [📹 ilikehome_stopmotion] pic.twitter.com/MNnQowwyY0— Massimo...
December 3, 2023
December 3, 2023
December 3, 2023 Even not counting the broken embargo and the lack of proper credit to @binarly_io's work, the part about "requires physical access" is just...
December 2, 2023
December 2, 2023
December 2, 2023 https://ourbigbook.com/cirosantilli/cia-2010-covert-communication-websites Um pic.twitter.com/kKxxJ2VQOF— Matthew Green (@matthew_d_green)...
December 1, 2023
December 1, 2023
December 1, 2023 Sounds impossible, but it’s true It’s December! The real question is does this ban LGBT Official, the Provisional LGBT, Old LGBT, LGBT(ML),...
November 30, 2023
November 30, 2023
November 30, 2023 The legendary Serbcalibur - he who pulls it out of the tree will become the new king of Yugoslavia pic.twitter.com/maSJ8Erppi— Alexander...
November 29, 2023
November 29, 2023
November 29, 2023 It’s Cyber Monday and as promised, we’re dropping the new ADP 3-13, Information. Get one for you and one for a friend at:...
November 28, 2023
November 28, 2023
November 28, 2023 This light spot in the middle of the South Pacific is no Google Earth anomaly. This appears exactly at the coordinates where the U.S....
November 27, 2023
November 27, 2023
November 27, 2023 This is an incredibly awesome development. In the latest release of GrapheneOS, you can now enable hardware memory tagging for all user...
Hilarious Conference Scandal
November 27, 2023
Hilarious Conference Scandal A scandal and dumpster fire happening on Twitter with some guy who is running a conference. I’ll leave the threads here because...
November 26, 2023
November 26, 2023
November 26, 2023 NVIDIA sued for stealing trade secrets after screensharing blunder showed rival company's code NVIDIA is facing a lawsuit filed by French...