@halvarflake Not a cafe, but many of our favourite UK pubs had playgrounds.
English
hex nomad
602 posts
There's one thing that puzzles me as a parent: why aren't there more cafes and restaurants with playgrounds? As a parent, I'd pay premiums *and* frequent such places much more, but they are so rare.
English
hex nomad retweetledi
Introduction to Windows Cryptographic Services RCE CVE-2024-29050 v-v.space/2024/08/23/CVE…
English
hex nomad retweetledi
hex nomad retweetledi
I’m thrilled to share my latest blog post! This one focuses on the bug hunting process: inspiration, approach, and execution. I also provide a retrospective on how the bug was introduced and analyze the insufficient “patch”. Check it out: securityintelligence.com/x-force/little…
English
hex nomad retweetledi
In the wake of the CrowdStrike crash event, some interesting articles have been published that explore some perspectives of security vendors in the Windows kernel. I penned a blog for another perspective.
@Sean_Endicott_ @happygeek @AndrewWrites
fieldeffect.com/blog/the-brass…
English
hex nomad retweetledi
My take on this: “… appears to be starting a conversation about…” is corporate speak for “there’s nothing we can do about this and we’re waiting this out”.
There’s currently no alternative to running Windows EDRs in kernel mode and there’s not going to be one any time soon.
vx-underground@vxunderground
via @verge – due to the recent CrowdStrike incident Microsoft is discussing migrating security products away from the Windows kernel and into other spaces such as VBS Enclaves or Microsoft Azure Attestation CrowdStrike accidentally leveled the playing field for Threat Actors
English
hex nomad retweetledi
After over a decade in cybersecurity I sometimes forget that a lot of tech probably has never heard of Crowdstrike (as is now apparent by all the posts)
You’ve probably also not heard of @fieldeffectsoft so here is your chance (no I don’t work for them)
fieldeffect.com/blog/recoverin…
English
hex nomad retweetledi
Maybe companies shouldn’t have gotten rid of QA teams because “devs can write unit tests and that’s basically the same thing”?
English
hex nomad retweetledi
hex nomad retweetledi
RCE in SSH, this is a thing of beauty qualys.com/2024/07/01/cve…
English
@GabrielLandau @hasherezade @reconmtl @BlueHatIL Great talk and research! Definitely got a lot of ideas after listening to it
English
hex nomad retweetledi
Thanks to everyone who attended my @reconmtl and @BlueHatIL talks! The exploit and slides are here: github.com/gabriellandau/…
If you took any photos during either of the talks, please share them here. Also, please don't hesitate to stop me to say hi!
English
hex nomad retweetledi
When embarking on a new vulnerability research project it is important to perform extensive background research into the area to gather as much info as possible to supplement and guide
@j00ru describes these learning resources for the Windows Registry:
googleprojectzero.blogspot.com/2024/06/the-wi…
English
Sassy, tongue-in-cheek, but honest recounting of the recent Mitre MDR evaluations:
Matt Holland@notnotaspy
Very happy to share some thoughts and an inside look at the Field Effect experience of our first participation in a MITRE Engenuity ATT&CK Managed Services Evaluation. So proud of the team, details here: fieldeffect.com/blog/recoverin…
English
hex nomad retweetledi
The cynic in me is saying that if you are a secret agent on a counterterrorism mission, it's kinda your job not to have your secret equipment confiscated by the mall cop on the segway, so I think the lady doth protest too much.
(Random subtweet)
English
hex nomad retweetledi
New blog post "Google: Stop Burning Counterterrorism Operations"
My reflection on an incident where Project Zero and TAG knowingly shut down an active Western counterterrorism cyber operation, and the real-world harm that could have resulted from it.
poppopret.org/2024/06/24/goo…
English
hex nomad retweetledi
New Project Zero blog post by Sergei Glazunov and Mark Brand: Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models googleprojectzero.blogspot.com/2024/06/projec…
English
Great bug, great talk! I’m sure I’m not the only one who looked at the binder code and missed this :)
Linux Kernel Security@linkersec
Attacking Android Binder: Analysis and Exploitation of CVE-2023-20938 An article by @abc_sup, Gulshan Singh, and @vxradius about exploiting a vulnerability in the Android Binder device driver that leads to a slab use-after-free. androidoffsec.withgoogle.com/posts/attackin…
English
hex nomad retweetledi
@guhe120 This happened. It turns out maintaining consistency at 4x-6x the previous volume is a really hard problem. Honestly, a misc CVE field is the least of my worries- inconsistencies in what's considered an "Important" vulnerability is what keeps me up at night 🥲
English