TIL one of my posters helped to find a 0 day.

Dear $website, When you say "I see you're using an ad blocker, whitelist our site" you're missing the point. It's a safety issue first and foremost. If you infect me, I'll be stuck with the cleanup, not you. Control your ad network and I'll think about whitelisting. #Kthxbye

My friend David just had his ID stolen. Now we just call him Dav

spent too long on this

"i downloaded this trainer to reverse it and all i got was a lousy silent miner" torrentfreak.com/epic-games-sue…

even if it means *patching* ntoskrnl/winload/bootmgr so you can debug that pesky protected process :) x.com/matalaz/status…

Chinese skids seem equal to Western skids at coding shitty malware. Haven't laughed this hard in a long time. mastodon.social/@slipstream/98…

#PowerShell display case has a new addition - first hardware to ever run PowerShell on an ARM architecture. Thx Lee Holmes and Angel Calvo

More Chinese malware, and a case of perhaps implementing a crypto specification *too* well? mastodon.social/@slipstream/98…

crunchyrollviewer analysis: mastodon.social/@slipstream/98…

Anyone like exploits for botnet C2s? mastodon.social/@slipstream/99…

Happy Holidays from #Mastodon! 🐘🎄joinmastodon.org

#TwitterEvacuationDay is already tomorrow, 12/31. Join a decentralized, non-profit social network: joinMastodon.org Better anti-harassment tools, approachable moderators who care, custom emojis, animated avatars, no ads, this list is too long to fit.

Getting the PEB pointer for every architecture NT was ported to and where a build was leaked/released for that port: mastodon.social/@slipstream/99…

Decrypting Epson projector firmware images: cybre.space/@Rairii/993335…

Epson projector network firmware update authbypass: cybre.space/@Rairii/993435…

"system-unique tracking identifiers that persist across reinstalls by storing them in the TPM or UEFI firmware variables" mastodon.social/@slipstream/99…

A quick proof-of-concept of clipc!GetOfflineDeviceUniqueID: cybre.space/@Rairii/995134…

And here's some insight on what the "OfflineDeviceUniqueID" is a SHA256 hash *of*: mastodon.social/@slipstream/99…

Technical analysis of FSLabs' Chrome stealer thing. Spoiler alert: C2 comms used plain HTTP. Hope you're not being MITM'd! mastodon.social/@slipstream/99…