LibIPC is a simple Crystal Palace shared library for inter-process communication, based on Named Pipes. github.com/pard0p/LibIPC

Slides from Alexander Bluhm (bluhm@)'s talk "Update on #OpenBSD Networking Performance Improvements" today at #EuroBSDcon 2025. www.openbsd.org/papers/eurob...

Netscaler vulnerability was exploited as zero-day for nearly two months (CVE-2025-6543)

New Batavia spyware targets Russian industrial enterprises

Hundreds of GitHub Malware Repos Targeting Novice Cybercriminals Linked to Single User

From over at the Bad Place: There's an interesting NTFS symlink attack outlined here: https://dfir.ru/2025/02/23/symlink-attacks-without-code-execution/ Basically, if an NTFS filesystem is corrupted in a way to provide duplicate file names, Windows will […] [Original post on infosec.exchange]

This is what I personally did back when I was involved in cybercrime. We'd host all our servers in Russia, transfer payments via Russian banks, and route all our traffic through Russian residential ISPs, which typically resulted in most authorities not even bothering to investigate further. 7/?

cybercrime but its bigger and on both sides.

VulnCheck has extracted and made a list of all the CVEs mentioned in a recent leak from the internal Matrix chat server of the BlackBasta ransomware group. The list includes 62 vulnerabilities. VulnCheck says the group focuses on CVEs with already public exploits vulncheck.com/blog/black-b...

I cannot overstate the value of being in community with other activists right now. It is what gives me the strength to get up in the morning and fight fascism.

"Over the course of the GitVenom campaign, the threat actors behind it have created hundreds of repositories on GitHub that contain fake projects with malicious code" Campaign delivers an infostealer, obviously. The threat-du-jour these days securelist.com/gitvenom-cam...

I just finished our #shmoocon talk on container security. Here's my seccomp bpf disassembler and diffing tool. github.com/antitree/sec...

Diving into ADB protocol internals: part 01: www.synacktiv.com/publications... part 02: www.synacktiv.com/en/publicati... #adb #mobile #protocol #informationsecurity #cybersecurity #reverseengineering

These are some really nice blog posts regarding algo confusion bugs in JWT by @pentesterlab.com pentesterlab.com/blog/jwt-alg... & pentesterlab.com/blog/another... nice one @snyff.pentesterlab.com!

Ruble to fall to 200 per dollar: Russian economist warns of approaching catastrophe – media читайте подробнее на сайте "Диалог.UA": www.dialog.ua/business/306...

Wow, a fairly serious auth bypass in Next.js, a super popular frontend framework: "If a Next.js application is performing authorization in middleware based on pathname, it was possible for this authorization to be bypassed." securityonline.info/...

The #OpenBSD Foundation is currently at ~$230,280 (65%) raised of the $350,000 goal for their 2024 Fundraising Campaign, and it's nearly the end of December. 🐡 www.openbsdfoundation.org/campaign2024... www.openbsdfoundation.org/donations.html Donations fund events for developers, infra. costs.

I did a blog instead of working on my projects again. This time a maldev blog talkin' about PE runtime decryption and other ways to be an asshole to the analyst. amethyst.systems/blog/posts/v... #infosec #malware

The #OBTS day 2 livestream is on! www.youtube.com/watch?v=Nm0z...

Decrypting CryptProtectMemory without code injection: blog.slowerzs.net/posts/cryptd... #crypto #decryption #cybersecurity #informationsecurity #rdp #windows #programming

"We can now share that our latest investigation also found links between some of Doppelganger’s activities and individuals associated with MGIMO (Moscow State Institute of International Relations)." via Meta/PDF: scontent.fotp7-2.fna.fbcdn.net/v/t39.8562-6...

NTLM Relaying – Making the Old New Again labs.jumpsec.com/ntlm-relayin...

Great article on ESC15 especially after you realise PKInit won't work to auth but there is a workaround supplied too. medium.com/@offsecdeer/...

XMLRPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

despite the world becoming scary i still have a perhaps niave but unwaivering belief that a better world is possible

Cyberattackers may have compromised lots of organizations by exploiting two zero-day vulnerabilities found in widely used Palo Alto Networks systems. unit42.paloaltonetworks.com/cve-2024-001...

Learn how BARK's latest functions enhance adversarial tradecraft research relevant to Azure Key Vault. In his blog post, @andyrobbins.bsky.social shares an example of how a #redteam operator may use these commands over the course of an assessment. Read more 👉 ghst.ly/3CEtXSo

Rust pseudo code 👀 🦀🦀🦀

miss these guys

I'm going to be working on the DNS C2 Profile for Mythic this week (designing it), so if anybody has specific requests, comments, ideas, suggestions, etc, let me know! Also going to track a discussion here: github.com/its-a-featur...

Oh, that’s another handy #r2 #malware triage trick: print out the xrefs to all flagged strings: > axt @@ str* 👌

C++ code designed to easily perform stack spoofing with a fake stack frame after the gadget. This project is based on LoudSunRun, but instead of using the jmp RBX gadget, it utilizes jmp RDI

We’re finally live! You can now watch “Listen to the whispers: web timing attacks that actually work” on YouTube: youtube.com/watch?v=zOPj...

AMD 7000-series graphics cards now work on Raspberry Pi. 4K Doom Eternal. 4K Crysis. OBS hardware video transcoding. It all works!!! It's not perfect, but what graphics card driver is? Here's the video: www.youtube.com/watch?v=7Qx_... (more details on my blog).

All that’s gonna be left on X is bots talking to each other 😂🤣

To solve Axlle from HackTheBox, I'll create and phish with a malicous XLL file, edit a .url file, do some Bloodhound pivots, and abuse StandaloneRunner.exe.

🗑️ The Google Sheet will no longer be updated. Please refer to the website from now on! www.edr-telemetry.com Consider donating to keep this project going 🙏 www.edr-telemetry.co...

Protecting Signal Keys on Desktop cryptographycaffe.sandboxaq.com/posts/protec... #reverseengineering #crypto #infosec #informationsecurity #cybersecurity

Google has rolled out security improvements to its C++ code to protect against spatial memory vulnerabilities. The code is now live in Search, Gmail, Drive, YouTube, and Maps after it was initially tested in Chrome in 2022. Performance impact: 0.3% security.googleblog.com/2024/11/retr...

As there's more people showing up here who are into Web Application Security and I couldn't find an existing starter pack for it, I decided to create one :) If you do webappsec stuff and want added ping me :) go.bsky.app/NB1hgC