Stijn Volckaert

180 posts

@StijnVolckaert

Associate Professor @KU_Leuven @DistriNet. Working on Systems Security. Anti-Cheat Developer. Ethical Hacker. Maintainer of Unreal Tournament for OldUnreal.

Ghent, Belgium · Joined October 2017
198 Following · 194 Followers
hacker.house @hackerfantastic
@sev305001538593 Thanks, have team member for handling security reports contact me (matthew AT hacker dot house) and I will send bug reports to them. I use games like Quake3 to demo exploit dev as they provide good learning experience for students. I will likely find more. cc @StijnVolckaert
Stijn Volckaert retweeted
Mathy Vanhoef @vanhoefm
After an embargo of 8 months, we are glad to finally share our USENIX Security '25 paper! We found more than 4 MILLION vulnerable tunneling servers by scanning the Internet. These vulnerable servers can be abused as proxies to launch DDoS attacks and access internal networks.
Stijn Volckaert @StijnVolckaert
I'm in this picture and I like it 😁
ACSAC @ACSAC_Conf

Congratulations to this year's second #ACSAC2024 distinguished paper award winners: André Rösti, Stijn Volckaert, Michael Franz, Alexios Voulimeneas 👏👏👏 The talk "I’ll Be There for You! Perpetual Availability in the A8 MVX System" is Thursday in the "System Security" session!

Stijn Volckaert retweeted
Matthias Dobbelaere-Welvaert @DOBBELAEREW
As a country, we can damn well be proud of top experts like @bpreneel1 (and COSIC) and the many other European voices who stopped the #ChatControl monstrosity. But you see: the new director of Child Focus & BFF Annelies are simply trying it again anyway.
Stijn Volckaert retweeted
BlackRoomSec @blackroomsec
Please share this far and wide. As far and wide as you can. NIST Password Guidelines for 2024 are in the process of being updated. This is a HUGE pet-peeve of mine (when vendors in particular are still operating like it's 2017 and keep changing passwords every 60 days, STOP DOING THIS, it's outdated and has been shown to put you MORE at risk than less -- NIST explains why it does in this document, meticulously outlining user behavior**) so I'm sharing this in the hopes all of you will pass it along to your bosses.

The Special Publication series governing passwords is SP 800-63 "Digital Identity Guidelines". The 2024 version is 800-63-4. Here: pages.nist.gov/800-63-4/ The companion docs are also on that link. They are 800-63A, 800-63B and 800-63C. These are different documents for different scenarios in play at your org.

The previous update was in 2020. The changes in the 2020 version from the 2017 version were numerous but one of them was that the password verification method should NO LONGER require passwords be changed at specific intervals (i.e. every 60 days) but in the following circumstances instead:
1. After a breach/compromise
2. User request

2024 repeats this and adds a bunch more guidelines but here is a screenshot of page 13 of the new 800-63-4 (note the # 4 after it) which outlines how your systems should now and moving forward, be handling passwords. This goes for Active Directory, too. All your systems which have passwords should align with these guidelines provided there isn't another standard or framework you must adhere to which overrules this. Most frameworks, however, have moved away from arbitrary password resets and complexity rules.

**We cybersec researchers and hackers use wordlists from breaches in a variety of different ways. Hackers use them in tooling to crack passwords whereas researchers use breach dumps to see the kinds of passwords users are creating and the psychology behind them.

Using complexity rules gets you the user psychology of:
Password1
Password2
and so on

Use phrasing instead and allow for spaces, which is important. Humans type phrases with spaces.

They also mention phish-resistant methods and most vendors are on-board with MS going to be turning off all Legacy Auth next month, across all free accounts and tenancies. I'm so excited for the new changes! Ok I'm off my soapbox. Share the love! Thank you!
Stijn Volckaert retweeted
USENIX WOOT Conference on Offensive Technologies
Did you think to be safe with store-only bounds checking? Definitely something to reconsider after reading the paper “Not Quite Write: On the Effectiveness of Store-Only Bounds Checking” by @a3_jacobs #woot24
Stijn Volckaert retweeted
Meredith Whittaker @mer__edith
📣Official statement: the new EU chat controls proposal for mass scanning is the same old surveillance with new branding. Whether you call it a backdoor, a front door, or “upload moderation” it undermines encryption & creates significant vulnerabilities signal.org/blog/pdfs/uplo…
Stijn Volckaert retweeted
stefan brunthaler @stbrunthaler
Woke up this morning and, about ten minutes in, got a paper acceptance notification. Excited to talk about it, but will have to wait until the next DL is over. In utmost brevity: We're using DRAM Rowhammer PUFs with software diversity to prevent reverse engineering. 🎉
Mathias Payer @gannimo
As always, Herbert's @NDSSSymposium #NDSSSymposium2024 keynote blew my mind. Looking at missed opportunities of interactions between hackers and academics, Herbert @vu5ec gave us a whirlwind tour of memory corruption and possible mitigations.