Esmid (@xedi25)'s Twitter Profile
Esmid

@xedi25

Reverse Engineering, Malware Analysis, Windows Internals, PE | Malware Researcher at @PaloAltoNtwks | Tweets are my own

ID: 1920447512

30-09-2013 15:34:49

879 Tweets

1.1K Followers

445 Following

Trend Zero Day Initiative (@thezdi)

Success! starlabs used an uninitialized variable and UAF against VMWare Workstation. They earn $80,000 and 8 Master of Pwn points, pushing the prize total for #P2OVancouver past $1,000,000. #Pwn2Own

Brandon Dalton (@partyd0lphin)

Happy Friday everyone! Want a ProcMon for macOS? Ever wish you had your own Endpoint Security client you could task? Want to peer behind the macOS EDR curtain? Have a go and let us know what you think! github.com/redcanaryco/ma…

Karsten Hahn (@struppigel)

RE Tip. If you want to decrypt obfuscated .NET strings, just call them from Powershell. E.g. this is xWorm config decryption. File: virustotal.com/gui/file/cb0a5…

@mikko (@mikko)

Here I am. Me, a human, solving a challenge where I need to spot images 'containing a building'. I'm doing this to prove that I am a human. And the images are DRAWN BY A COMPUTER. Is this the end? Is this what it looks like?

Paul Rascagnères (@r00tbsd)

With tlansec, we suspected a 0d and we notified MS a few days ago. The infection chain was insane... Instead of an endless tweet, Charlie Gardner did a wonderful graphic. 2/4

Dan Black (@danwblack)

Today, Mandiant (part of Google Cloud), collaboratively with Google’s TAG, is releasing research on APT29’s increased pace of phishing activity against governments, foreign embassies, and other diplomatic entities in 2023. A few high-level takeaways below: 🧵 mandiant.com/resources/blog…

R136a1 (@theenergystory)

A few more details on the DreamLand (Kaspersky) or LuaDream (SentinelOne) samples submitted to Virustotal and a related sample: r136a1.dev/2023/09/22/mor…

S4ntiagoP (@s4ntiago_p)

🔥 New blogpost 🔥 Running PEs inline without a console. You can now, for example, run PowerShell in CobaltStrike and obtain its output without spawning any process (including conhost.exe) coresecurity.com/core-labs/arti…

Trung Phan (@trungtphan)

The iPhone camera uses computational photography, applying software to every snap. This wild photo is an eerie example: the subject tries on a wedding dress and each mirror shows her in a different pose. Why? Apple insider says it's a "mistake" in the computational photography.

Ati Priya Bajaj (@atipriyabajaj)

Ever wished for meaningful variable names in your decompiled code? Meet VarBERT! Excited to share that our paper is accepted at IEEE S&P 2024 (Oakland): atipriya.com/files/papers/v….

Steven Adair (@stevenadair)

It has been a busy December and January! We caught a Chinese APT group exploiting multiple chained 0days in Ivanti Connect Secure (Pulse Secure) to compromise the device and pivot into networks. This is a full unauthenticated RCE and impacts all supported versions! 1/2

starlabs (@starlabs_sg)

We are organising a conference on 26th - 27th June 2024. Attention Speakers: Our 2024 Call for Papers is now open! #OffByOne2024 Learn all about it: offbyone.sg/cfp/

Patrick Wardle (@patrickwardle)

I don't do Windows but here are some (initial) details about why CrowdStrike's CSAgent.sys crashed

Faulting inst:  mov  r9d, [r8]
R8: unmapped address

...taken from an array of pointers (held in RAX), index RDX (0x14 * 0x8) holds the invalid memory address

John Hammond
Gynvael Coldwind (@gynvael.bsky.social) (@gynvael)

Members of my CTF team & the SPS train repair company will meet NEWAG, the train manufacturer, in court on Wednesday (you might remember the 37C3 talk; link in reply). The lawsuit was initiated by NEWAG, but, according to reporting, counterclaims were filed by SPS as well. 1/3

Willi Ballenthin (@williballenthin)

capa v9 brings a new scope for dynamic analysis: “span of calls” for matching a sliding window of API calls within a thread. Thank you to so many contributors! github.com/mandiant/capa/…
