Today we're publishing a detailed technical writeup of FORCEDENTRY, the zero-click iMessage exploit linked by Citizen Lab to the exploitation of journalists, activists and dissidents around the world. googleprojectzero.blogspot.com/2021/12/a-deep…

Analysis of a HP iLO malicious firmware found in the wild - Implant.ARM.iLOBleed.a 👀news.amnpardaz.com/wp-content/upl… (Persian language)

github.com/jonaslyk/temp/… My webdav based reflective loader/per process devicemap based dll injector POC is by now usable. I would really like to have a OOP wrapper for NT- designing such is surprisingly difficult, but this approach shows potential especially considering simple

ChatGPT exploits a buffer overflow 😳

Choose your fighter (Advent of Code)

Lockbit ransomware group has created their first MacOS-based payload. We believe this is the first time a large ransomware threat group has developed a payload for Apple products. We have samples. Intel via MalwareHunterTeam & Brett Callow Download: samples.vx-underground.org/samples/Famili…

Hey Proton! As much as we value your email service, this password manager announcement is so full of bold but untrue statements, it makes you look really bad. No, you are not "raising the bar" by using full encryption like literally almost any other PW manager out there.

Call stacks everywhere! Elastic Endpoint now has procmon like visibility😍. Direct syscalls, unhooking, callback functions, sleep evasions, hollowing, and more easily detected. Sorry not sorry C2 authors 😂 elastic.co/security-labs/…

So I got this job offer, and I am unsure if I am ready to take 5 positions at once - Architect, Domain Admin, Windows Engineer, O365 Engineer, Security Operator - any takers? Or am I just too weak and should just suck it up? 😁

Guide to defeating EDR: 1. Have private methods 2. Don't blog about them

Lol, Microsoft are suggesting rebooting machines 15 times can solve the problem. This. Is. Chaos. #CrowdStrike #CrowdStroke #CrowdStruck

dereferencing null pointer goes brrr