Daniel Romero

Excited to share my latest research paper on DigiMesh security best practices, providing practical hardening guidance for deployments across industrial, agricultural, smart cities, and critical infrastructure environments: nccgroup.com/research/scali…

Our research paper by @daniel_rome covers the attack surface with practical hardening guidance for XBee module deployments nccgroup.com/research/scali… #IoTSecurity #DigiMesh #OT #CyberSecurity

I am starting a new project BoxPwnr, using LLMs to solve HackTheBox machines autonomously 🤖 So far it solves 6 out of 9 of the very easy boxes from Starting Point. github.com/0ca/BoxPwnr/bl…

Just tried Gemini 2.5 Pro on BoxPwnr against all the HackTheBox StartingPoint machines. It solved 15/25 in one shot! First time solving Tactics, Bike & Base 🦾🤖 Super interesting how it solved Base, it's the longest exploration I have seen with 112 turns...🧵

CVE-2025-24071> Windows Explorer automatically initiates an SMB authentication request when a .library-ms file is extracted from a .rar archive, leading to NTLM hash disclosure. The user does not need to open or execute the file... github.com/0x6rss/CVE-202…

Espressif Systems - ESP32 BluFi Reference Application Vulnerabilities nccgroup.com/us/research-bl…

In-depth technical analysis of the Bybit hack (more than $1.4 billion assets): nccgroup.com/us/research-bl… Awesome work @Grifo!!

Behind the hype, missteps, and marketing buzz, there’s great work with USB Bluetooth (github.com/antoniovazquez…) and the research that supports it! Congratulations @antonvblanco

Today I'm releasing a new minor version of Monkey365. This new version adds some fixes and a new ruleset (CIS Benchmark 4.0) for Microsoft 365 was added. github.com/silverhack/mon… #azure #EntraID #microsoft365 #cloudsecurity

🚀 Introducing binaryninja-ollama-plus! A fork of the original Binary Ninja Ollama plugin, now with: • requests replacing ollama for easier integration • Function explanations • Basic vulnerability analysis • Optimized AI interactions @vector35 🔗 github.com/dan1t0/binaryn…

I'm thrilled to share that a new release of #Monkey365 is out! With many improvements, including the incorporation of the entire list of CIS controls github.com/silverhack/mon… #cloudsecurity #azuresecurity #microsoft365security #AzureAD #EntraID #CSPM #microsoft365

I'm thrilled to announce a new release of #Monkey365! This new release contains a lot of improvements and fixes. For example new flags were added to list collectors and CIS benchmarks for both Azure and M365 were updated to 3.0 version. Check it now! github.com/silverhack/mon…

Excited to announce the release of a new version of Monkey365. Multiple bug fixes were fixed and feature enhancements were added. Enjoy! github.com/silverhack/mon… #cloudsecurity #azuresecurity #microsoft365security #office365security #hardening #PenTest #AzureAD #EntraID #CSPM

@m4tt_lewis Congratulations Matt! I am sure it is not going to be another cybersecurity company if you founded it! Best luck mate! :)

#Monkey365 dev branch has been updated, introducing a batch of fixes & improvements across the various modules. #Security #Microsoft365 #Office365 #Azure #Compliance #CSPM github.com/silverhack/mon…

#OffensiveCon23 recordings are now live! Hope you enjoy :) youtube.com/playlist?list=…

Today I'm releasing a new major version of Monkey365. This new version adds a bunch of fixes and include a lot of new improvements to the core module. github.com/silverhack/mon… #cloud #azure #azuread #microsoft365 #cloudsecurity #compliance

Just published details of 5x SMM vulnerabilities in Insyde Software. The bugs span several SMI handlers including a fun parsing bug when performing a BIOS Guard Update. research.nccgroup.com/2023/04/11/ste…

I reported a SMM TOCTOU vuln to Intel, but unfortunately it was a dupe of an internally discovered issue. Intel's advisory was vague, so I decided to publish my own detailed analysis. Check it out: research.nccgroup.com/2023/03/15/a-r…

Working on the new version of #Monkey365. There will be a lot of new features like new rules, support for CIS 1.5 benchmarks, bug fixes and much more. Actually using it right now for bug fixes and other improvements. github.com/silverhack/mon… #Azure #AzureAD #Office365