Analyzing data leaks is a very interesting Intel challenge, especially when you’re dealing with a foreign language 🤓 The I-SOON leak, which contains mostly PNG files of screenshots of documents, is a good example 🔎 Last night, I created a Notebook to automatically process and

🔺New on the Apple Security Research blog: introducing PQ3, a groundbreaking post-quantum cryptographic protocol for iMessage. To our knowledge, PQ3 has the strongest security properties of any at-scale messaging protocol in the world. security.apple.com/blog/imessage-…

NEW: Satoshi Nakamoto's earliest collaborator Martii 'Sirius' Malmi just released their entire email history. At 120 pages, its the most significant addition to the archives of #Bitcoin's unknown inventor. Here are the most important new findings ✨

Kali 2024.1 release is now live! Check out all the details at: kali.org/blog/kali-linu… Including: Micro Mirror Free Software CDN 2024 Theme Refresh Other Desktop Environment Changes NetHunter Updates New Tools!

Presented Shadow Stack in Linux userland backed up with Intel CET. Finally, full stack (hardware, kernel, glibc, gcc) is now available!

Here’s Solar Designer presenting Linux kernel remote logging at BSidesZagreb #bsides #bsideszagreb Srce

We Hacked Google A.I. for $50,000 : landh.tech/blog/20240304-… credits Lupin Joseph Thacker Justin Gardner

Researchers create AI worms that can spread from one system to another : github.com/StavC/ComPromp… ComPromptMized : Unleashing Zero-click Worms that Target GenAI-Powered Applications : github.com/StavC/ComPromp… Paper : drive.google.com/file/d/1pYUm6X… credits Ben Nassi

New blog post is out! Extracting the SecOC keys used for securing the CAN Bus on the 2021+ RAV4 Prime. icanhack.nl/blog/secoc-key… Research started all the way in 2022, but took many evenings of reverse engineering to get code execution. PoC: github.com/I-CAN-hack/sec…

Bluetooth vulnerabilities in Android, Linux, macOS, iOS and Windows can be exploited to pair an emulated bluetooth keyboard and inject keystrokes without user confirmation : github.com/skysafe/reblog… credits Marc Newlin Slides : github.com/marcnewlin/hi_… CVE's : CVE-2024-0230

Photos: BSidesZagreb 2024 - helpnetsecurity.com/2024/03/04/bsi… - Bojan Zdrnja INFIGO IS Mackenzie Jackson - GitGuardian Solar Designer kost Diverto security Michel de CREVOISIER zhassulan zhussupov Srce #BSides #BSidesZagreb #cybersecurity #conferences #EU

Btw, you don't need a Flipper Zero to "hack" dumb radio protocols. The piece of wire is enough. Check out how to receive and decode 433MHz radio signal just with a PC sound card.

PoC Exploit Released for 0-day Windows Kernel of Privilege Vulnerability (CVE-2024-21338) : github.com/Nero22k/Exploi… github.com/hakaioffsec/CV… Details : hakaisecurity.io/cve-2024-21338…

A 13 year old coded a botnet control framework that utilizes pastebin and github for control of hosts in red teaming… This makes the hacker in me so hopeful. Check out pastebomb when it’s dropped!

Recommended Hacker wellness!

A great write-up on Linux process name stomping techniques from HaxRob h/t Tor Houghton doubleagent.net/process-name-s…

See you in Zadar this week!

GitHub - cisagov/decider: A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework. github.com/cisagov/decider

The entire 3rd-edition of Ross Anderson's "Security Engineering" is available free as PDFs now! cl.cam.ac.uk/archive/rja14/…

See you at BalCCon !