Now, CiderSecCon stream talks of security researchers online. Now "USB cables and connectors" youtube.com/watch?v=pGqObX…

And an epic insight into USB

CyberCyderSecCon! cidersecuritycon.de/posts/2020/03/… Streaming will continue today, March 15th, 15:45 / 3PM CET / Berlin. Link will be posted here in time! A big thank you goes out to: chris car0 christian sielaff Sascha Hendrik Schmidt @khae Daniel Hauenstein SKi. and @msgpeek

Recon and the OpenSOC.io team are considering running a free OpenSOC Blue Team CTF for folks looking to stay sharp while at WFH Camp COVID! Seats would be limited, but we'll support as many as we can on a first-come basis. Any interest from the #infosec crowd?

Thanks to my brother for the evening program :) youtube.com/watch?v=63iG1X…

Fun bug in git: bugs.chromium.org/p/project-zero…. Newline injection in the credential helper protocol can be used to exfiltrate credentials during a git clone.

Apache 2.4.46 has fixes for three vulnerabilities I reported (httpd.apache.org/security/vulne…) The http2 push diary bug is the most interesting one: Depending on your distris mod_http2 version it is either a wild memmove or a controlled OOB write (bugs.chromium.org/p/project-zero…)

I reported two interesting issues in usrsctp, which are now fixed: bugs.chromium.org/p/project-zero… and bugs.chromium.org/p/project-zero…. Take a look at Natalie Silvanovich amazing blog series on Android messenger exploitation to see why you should care about usrsctp: googleprojectzero.blogspot.com/2020/08/exploi…

I am happy no announce that we are going to launch a global ISAC initiative for Railway Operators, Railway Undertakings (RU) & Railway Infrastructure Manager (IM) in 2021. Our goal is to strengthen practical digital defense for railways worldwide. #ISAC #CSIRT #railway

Node.js patched an easy to trigger UaF in their TLS implementation: bugs.chromium.org/p/project-zero…. Seems very hard to exploit against Current on Linux, but other version-OS combinations might be doable.

You might want to update your F5 Big IP appliances: support.f5.com/csp/article/K0…. bugs.chromium.org/p/project-zero… and bugs.chromium.org/p/project-zero… are two data-plane bugs that got fixed.

A few months ago Cellebrite announced that they would begin parsing data from Signal in their extraction tools. It seems they're not doing that very carefully. Exploiting vulnerabilities in Cellebrite's software, from an app's perspective: signal.org/blog/cellebrit…

AWS fixed a terminal escape injection in AWS CloudShell. The bug could have resulted in a full account compromise if an admin views malicious logs or external data using CloudShell: bugs.chromium.org/p/project-zero…

(1/3) Did you ever wonder how to disable Defender for Endpoint including bypassing the new tamper protection? It's that simple: 1. Run ProcessHacker with the "TrustedInstaller" Plugin (wj32.org/processhacker/…) 2. Run regedit.exe with Trusted Installer Privileges

An EPYC escape: Case-study of a KVM breakout googleprojectzero.blogspot.com/2021/06/an-epy…

It turns out that wireless charging leaks private data. It leaks information about websites visited by the user. " allows accurate website fingerprinting on a charging smartphone". Information leaked depends on the battery level. Cool work! #GDPR #ePrivacy arxiv.org/pdf/2105.12266…

PIC your Katz! Say hello to HandleKatz, our position independent Lsass dumper abusing cloned handles, direct system calls and a modified version of minidumpwritedump() brought to you by thefLink #BruCON0x0D github.com/codewhitesec/H…

I stumbled upon a fun heap overflow in Github's markdown rendering library. RCE via a malicious README 🤔 Demonstrates the risk of memory unsafe dependencies used by scripting languages. github.com/github/cmark-g…

LSASS dumping in 2021/2022 - from memory - without C2 s3cur3th1ssh1t.github.io/Reflective-Dum…

Our offensivecon slides "UEFI Firmware Vulnerabilities: Past, Present, and Future" are now available. New disclosures are coming soon. Stay tuned! /cc Alexander Ermolov Yegor github.com/binarly-io/Res…