Ravishankar Borgaonk (@raviborgaonkar) 's Twitter Profile
Ravishankar Borgaonk

@raviborgaonkar

12345/6G Security/personal stream.
past - research fellow @UniofOxford, @AaltoUniversity, @T_Labs, PhD @TUBerlin, @KTHuniversity

ID: 27903595

https://www.cs.ox.ac.uk/people/ravishankar.borgaonkar/ 31-03-2009 16:22:46

3,3K Tweet

2,2K Followers

259 Following

Álvaro Prieto (@alvaroprieto) 's Twitter Profile Photo

Ever wanted to debug your microcontroller over USB-C? (I'm talking JTAG/SWD, not just USB!) If you already have a USB-C connector, there's no need to have an additional connector to program (or tag-connect pads, which are super nice) Here's one way to do it: 🧵

ACM WiSec (@acm_wisec) 's Twitter Profile Photo

=============================== 𝐀𝐂𝐌 𝐖𝐈𝐒𝐄𝐂 2024 𝐂𝐚𝐥𝐥 𝐟𝐨𝐫 𝐏𝐚𝐫𝐭𝐢𝐜𝐢𝐩𝐚𝐭𝐢𝐨𝐧 =============================== The 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks (lnkd.in/gmqXFx3F )

mdowd (@mdowd) 's Twitter Profile Photo

Hey, for anyone who wanted to see this slide deck, it was a keynote about the 0day market, but it commented on public research vs saleable products. I have put it here: github.com/mdowd79/presen… // cc chompie Rodrigo Branco

Ivan Krstić (@radian) 's Twitter Profile Photo

🔺New on the Apple Security Research blog: introducing Private Cloud Compute! We believe this is the most advanced security architecture ever deployed for cloud AI compute at scale. security.apple.com/blog/private-c…

Syed Rafiul Hussain (@syedrafiul) 's Twitter Profile Photo

Authors: "10 CVEs: 2 high, 3 medium, and 5 low severity; several bug bounties". Reviewer: "Impact of the vulnerabilities is low." Authors: "Sigh..."

Kevin McCurley (@mccurley) 's Twitter Profile Photo

Are you curious where cryptographers work around the world? Here is a plot of the affiliations that people have listed in eprint: eprint.iacr.org/geo/index.html I'm guessing that Russia is under-represented in this data set.

Dug Song (@dugsong) 's Twitter Profile Photo

This OpenSSH RCE advisory is a classic example of hacker craftsmanship, generosity of spirit, & community contribution - a regression of duke’s 2006 vuln, inspiration from lcamtuf’s 2001 paper, etc. The legacy of @Qualys’ hacker founder Philippe Langlois continues! 🫡 #hackerhistory

Ravishankar Borgaonk (@raviborgaonkar) 's Twitter Profile Photo

Most of Finland's older speed cameras are offline - as modem only supported 3G networks (not in operations now) yle.fi/a/74-20105886

LaForge - @LaF0rge@chaos.social (@laf0rge) 's Twitter Profile Photo

#GSM security: A5/4 was approved by 3GPP together with A5/3 (2009), but most vendors were lazy to change from 64 to 128bit keys on both UE and network side. A5/2 and A5/1 lessons were not enough to prevent history repeating: iacr.org/cryptodb/data/… iacr.org/submit/files/s…

Haseeb >|< (@hosseeb) 's Twitter Profile Photo

Fucking wild. OpenAI's new o1 model was tested with a Capture The Flag (CTF) cybersecurity challenge. But the Docker container containing the test was misconfigured, causing the CTF to crash. Instead of giving up, o1 decided to just hack the container to grab the flag inside.

Andriy Burkov (@burkov) 's Twitter Profile Photo

This is the system prompt for Apple Intelligence. Turns out Apple's prompt engineers are as clueless about how LLM work as all the others.

ACM WiSec (@acm_wisec) 's Twitter Profile Photo

📢The first submission cycle for #WiSec2025 is approaching fast! ⏳ Don’t miss the chance to submit your groundbreaking research on wireless & mobile security. 📅 Deadline: November 21, 2024. Let’s push the boundaries of security together! 🔐✨ #Cybersecurity #Research

Denis Laskov 🇮🇱 (@it4sec) 's Twitter Profile Photo

"Apple CarPlay: What's Under the Hood" - the newest and most detailed public research on CarPlay I've seen so far. Security analysis and fun memes included! 🚘 📲 🔬 Presentation [PDF]: troopers.de/downloads/troo… Video: youtube.com/watch?v=cHhxJz…

Daniel Cuthbert (@dcuthbert) 's Twitter Profile Photo

This is hacking. This is bypassing restrictive locks placed by companies on a product where the feature exists but disabled due to regulatory issues in that country. Nicely done and proper WiFi hacking here (location meddling) wired.com/story/apple-ai…

Denis Laskov 🇮🇱 (@it4sec) 's Twitter Profile Photo

From 10 meters, they can control your bicycle's gears: Multiple attack vectors on Shimano bicycles have been published. Useful for competitions & deadly for safety🛑🚴💥 PDF: "MakeShift: Security Analysis of Shimano Di2 Wireless Gear Shifting in Bicycles" usenix.org/system/files/w…

Peter Kraft (@petereliaskraft) 's Twitter Profile Photo

What would it mean to replace TCP? We've been using TCP for almost 50 years, since it was designed for ARPANET in the late 70's. Back then, network links struggled to send kilobits per second, now, they send gigabits per second--literally a million times more flow. Through all

Denis Laskov 🇮🇱 (@it4sec) 's Twitter Profile Photo

Toyota shares details on its first public car hacking event in Japan. Here, you can see the testing equipment (PASTA, RAMN) and get a sneak peek into keyfob hacking code.💻 📸 😈 Article: toyotatimes.jp/en/spotlights/…
