odyssey

Straight gas…none of this woke bullshit

Good news everyone Shai-Hulud, that spoopy Git worm thingy everyones been yapping about, has been open-sourced. What does this mean? TeamPCP, or someone else, has released the fully weaponized worm for you. github.com/hmoreirar/Shai…

Fuck around and find out

@CFCDaily @MsiDouglas warra joke

🚨JUST IN: Xabi Alonso has emerged as the front-runner for the Chelsea job in a move that indicates the club are willing to cede more power to the manager over recruitment. [@MsiDouglas] inews.co.uk/sport/football…

🚨 EXCLUSIVE: Spygate 2.0! 🕵️‍♂️ Middlesbrough catch suspected Southampton 1st-team analyst hiding in bushes at training ground! 👇 Full details 👇 dailymail.com/sport/football…

@gammaroneus @sith_lord_bane @vxunderground Procdump runs on my security context (CU) - which is trusted the same as Edge, so it can open it with PROCESS_VM_READ and read memory via normal APIs. But in enterprise world it would be like SOC Christmas if someone dumps memory.

@CFCOdyssey @sith_lord_bane @vxunderground Why is that something a regular process can do tho

The initial proof-of-concept was released in C-sharp. Using this method to dump credentials is iffy because it requires administrative access and some security access tokens which can raise some flags. First, Edge is Chromium based. This is a Chromium thing but (if my memory serves me correctly) a unique attribute to Edge exclusively. However, because it is Chromium based this may impact other Chromium bases. It requires more investigation. Edge is a primary target because it's the default Windows browser and used in enterprise environments. Secondly, as far as malware goes, this is yet another method to potentially dump credentials on a home users machine. There are a few different ways. This method doesn't surprise me. However, successfully using this method is an enterprise environment would be difficult to use. It would require administrative access and some security access tokens which would immediately raise some flags. In other words, this method is interesting, I like the research performed, however it isn't something super super critical. If you're using this method in an enterprise environment then that company has been completely compromised down to the bone and they've got much larger issues. The code and research is really cool though. I just wish it wasn't written in C-sharp (I have an irrational disdain to .NET, especially lately).

@gammaroneus @sith_lord_bane @vxunderground with procdump (or some other tool) you can dump msedge.exe memory using current user, admin access is not required

@sith_lord_bane @vxunderground Right, but that's task manager, malware would need to do it itself and to do that, it would require admin rights I guess that's how I understand it

New season. Same Ferrari.

@h4x0r_dz 🕊️

NVIDIA's GeForce got owned by Shiny Hunters.

@LickshotLippy no way you falling for this

They’ve got down Manny. When I saw the dm I got gassed, I thought I was playing in one of those matches

It's beginning to look a lot like Christmas

I miss last night already.

.

PS5 Linux loader goes public, turning ‘Phat’ consoles into full Linux PCs — build script includes bootable Ubuntu 24.04 image, can output 4K games at 60 FPS tomshardware.com/software/linux…

NPM packages mbt@1.2.48 and @\cap-js@2.2.2 got popped chat

@MaxFSport When did he get on the payroll?

I'm burning premium requests like there's no tomorrow until June 1st 😎

Tosin, Trev and GarNeto. Strap in folks.

You couldn’t write this!! It’s the whole Kinetic setup!! 🤣🤣🤣🤣🤣 They’re not even hiding this!