Reflective loading of an unsigned Windows driver.
This may be useful for red teaming and game cheating, but also to reclaim ownership of your computering device.
Yay, you don't need a cloud services account to do it!
This may be useful for red teaming and game cheating, but also to reclaim ownership of your computering device.
Yay, you don't need a cloud services account to do it!
Finding a buggy driver is one thing, abusing it is another🧠
In his latest blog post, Luis Casvella shows you how BYOVD can be used as a Reflective Rootkit Loader ! 🚀
➡️ blog.quarkslab.com/exploiting-l...
In his latest blog post, Luis Casvella shows you how BYOVD can be used as a Reflective Rootkit Loader ! 🚀
➡️ blog.quarkslab.com/exploiting-l...
October 9, 2025 at 4:30 PM
Reflective loading of an unsigned Windows driver.
This may be useful for red teaming and game cheating, but also to reclaim ownership of your computering device.
Yay, you don't need a cloud services account to do it!
This may be useful for red teaming and game cheating, but also to reclaim ownership of your computering device.
Yay, you don't need a cloud services account to do it!
Reposted by 4Dgifts
BYOVD is a well-known technique commonly used by threat actors to kill EDR 🔪
However, with the right primitives, you can do much more.
Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver.
👇
blog.quarkslab.com/exploiting-l...
However, with the right primitives, you can do much more.
Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver.
👇
blog.quarkslab.com/exploiting-l...
September 23, 2025 at 5:01 PM
BYOVD is a well-known technique commonly used by threat actors to kill EDR 🔪
However, with the right primitives, you can do much more.
Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver.
👇
blog.quarkslab.com/exploiting-l...
However, with the right primitives, you can do much more.
Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver.
👇
blog.quarkslab.com/exploiting-l...
Reposted by 4Dgifts
It's not clear who cut the cables or why.
Microsoft says Azure affected after cables cut in the Red Sea | TechCrunch
It's not clear who cut the cables or why.
techcrunch.com
September 7, 2025 at 3:24 PM
It's not clear who cut the cables or why.
Reverse engineering of the patch for a (remote?) code execution vuln recently fixed by Apple, allegedly used in attacks ITW.
They "improved bounds checking" at an infinite rate, from 0 to actually checking.
This is the kind of simple bug that a fuzzer would catch so it is puzzling that it wasn't.
They "improved bounds checking" at an infinite rate, from 0 to actually checking.
This is the kind of simple bug that a fuzzer would catch so it is puzzling that it wasn't.
The two bytes that make size matter:
Reverse engineering Apple's iOS 0-click CVE-2025-43300 improved bounds checking fix, by Madimodi Diawara
blog.quarkslab.com/patch-analys...
Reverse engineering Apple's iOS 0-click CVE-2025-43300 improved bounds checking fix, by Madimodi Diawara
blog.quarkslab.com/patch-analys...
September 5, 2025 at 7:14 PM
Reverse engineering of the patch for a (remote?) code execution vuln recently fixed by Apple, allegedly used in attacks ITW.
They "improved bounds checking" at an infinite rate, from 0 to actually checking.
This is the kind of simple bug that a fuzzer would catch so it is puzzling that it wasn't.
They "improved bounds checking" at an infinite rate, from 0 to actually checking.
This is the kind of simple bug that a fuzzer would catch so it is puzzling that it wasn't.
What kind of advise is "We don't know what is going on, disable your VPN server" ?
Also a 0day is not "a security bug that was discovered and exploited before the vendor could patch the issue".
0day is a vuln that is not publicly known.
A known vuln that the vendor did not care to patch isn't 0day.
Also a 0day is not "a security bug that was discovered and exploited before the vendor could patch the issue".
0day is a vuln that is not publicly known.
A known vuln that the vendor did not care to patch isn't 0day.
New: SonicWall is urging customers to disable SSLVPN as researchers report ransomware attacks targeting SonicWall firewalls. Particularly problematic for big companies that rely on these devices. Arctic Wolf and Huntress say it's likely a zero-day under attack but SonicWall is still investigating.
SonicWall urges customers to disable SSLVPN amid reports of ransomware attacks | TechCrunch
Security researchers say they have evidence that ransomware gangs are hacking into large companies that rely on fully-patched SonicWall firewalls. The researchers say it's likely the flaw is a "zero-d...
techcrunch.com
August 5, 2025 at 2:01 PM
What kind of advise is "We don't know what is going on, disable your VPN server" ?
Also a 0day is not "a security bug that was discovered and exploited before the vendor could patch the issue".
0day is a vuln that is not publicly known.
A known vuln that the vendor did not care to patch isn't 0day.
Also a 0day is not "a security bug that was discovered and exploited before the vendor could patch the issue".
0day is a vuln that is not publicly known.
A known vuln that the vendor did not care to patch isn't 0day.
30+ years in cybersecurity and I still see these vendor-supported private 0day sharing clubs.
Vendors that tilt the patch and later demand fair play.
We have not learned anything from MAPP have we?
Vendors that tilt the patch and later demand fair play.
We have not learned anything from MAPP have we?
"some vendors...ship...their new phones to Cellebrite 3 months before they’re released, giving Cellebrite...a head start in cracking the devices. It’s a practice that dates back to the company’s original business, selling gear to...carriers that helped their customers migrate contacts" to new phones
June 6, 2025 at 5:38 PM
30+ years in cybersecurity and I still see these vendor-supported private 0day sharing clubs.
Vendors that tilt the patch and later demand fair play.
We have not learned anything from MAPP have we?
Vendors that tilt the patch and later demand fair play.
We have not learned anything from MAPP have we?
Reposted by 4Dgifts
😍Un equipo de la UBA se ubicó entre los 5 mejores (de más de 100) en el mundial de “satélites enlatados”👇en la final del proyecto CanSat, organizado por la Universidad Nacional de México, con un satélite del tamaño de una lata que ellos mismos diseñaron y fabricaron 👇
May 28, 2025 at 6:14 PM
😍Un equipo de la UBA se ubicó entre los 5 mejores (de más de 100) en el mundial de “satélites enlatados”👇en la final del proyecto CanSat, organizado por la Universidad Nacional de México, con un satélite del tamaño de una lata que ellos mismos diseñaron y fabricaron 👇
Reposted by 4Dgifts
"(...) esa línea de crédito es extorsiva, y mientras la mantengan siempre China va a poder extorsionar"
En cambio, el crédito que el FMI por recomendación de los Estados Unidos le otorga a la Argentina... ¡Caramba! ¡qué coincidencia!
En cambio, el crédito que el FMI por recomendación de los Estados Unidos le otorga a la Argentina... ¡Caramba! ¡qué coincidencia!
May 17, 2025 at 3:26 PM
"(...) esa línea de crédito es extorsiva, y mientras la mantengan siempre China va a poder extorsionar"
En cambio, el crédito que el FMI por recomendación de los Estados Unidos le otorga a la Argentina... ¡Caramba! ¡qué coincidencia!
En cambio, el crédito que el FMI por recomendación de los Estados Unidos le otorga a la Argentina... ¡Caramba! ¡qué coincidencia!
Reposted by 4Dgifts
Estados Unidos en el rol del novio violento y golpeador recomendándole a la novia liberarse de las amigas que la bancan cada vez que la faja
www.infobae.com/economia/202...
www.infobae.com/economia/202...
La recomendación a Milei de un funcionario de Trump: “Mientras tenga el swap con China, Argentina no será libre”
Mauricio Claver-Carone, enviado especial de Estado Unidos para América Latina, fue entrevistado en exclusiva por Infobae
www.infobae.com
May 17, 2025 at 3:19 PM
Estados Unidos en el rol del novio violento y golpeador recomendándole a la novia liberarse de las amigas que la bancan cada vez que la faja
www.infobae.com/economia/202...
www.infobae.com/economia/202...
This is *significantly* better than Johnny Mnemonic and yet much less known.
Recommended!
Recommended!
🚨HOLY SHIT! THIS IS NOT A DRILL!🚨
STRANGE DAYS is streaming on Criterion Channel as part of their 3 By Bigalow collection. This movie is ALMOST NEVER available and slaps so hard it'll hurt your mama. A must see for any Sci-fi/Cyberpunk/Neo-Noir fan. Such a great fucking movie.
LET'S FUCKING GOOOO!
STRANGE DAYS is streaming on Criterion Channel as part of their 3 By Bigalow collection. This movie is ALMOST NEVER available and slaps so hard it'll hurt your mama. A must see for any Sci-fi/Cyberpunk/Neo-Noir fan. Such a great fucking movie.
LET'S FUCKING GOOOO!
May 10, 2025 at 12:01 AM
This is *significantly* better than Johnny Mnemonic and yet much less known.
Recommended!
Recommended!
Reposted by 4Dgifts
OJO con esta nota.
El fondo fiduciario eliminado NO es el FONCYT, que no es un fondo fiduciario.
El eliminado es el FONDOTEC, creado por la Ley N° 23.877, de 1990.
El FONCYT se creó en 1996 con la @agenciaidiar
www.pagina12.com.ar/823318-motos...
El fondo fiduciario eliminado NO es el FONCYT, que no es un fondo fiduciario.
El eliminado es el FONDOTEC, creado por la Ley N° 23.877, de 1990.
El FONCYT se creó en 1996 con la @agenciaidiar
www.pagina12.com.ar/823318-motos...
Motosierra sin fin: el Gobierno eliminó definitivamente el FISU y el Fondo Fiduciario para la Promoción Científica | Luego de subejecutarlos
En una nueva muestra de su desprecio por las políticas públicas, el Gobierno de Javier Milei eliminó dos fondos fiduciarios clave: uno destinado a la ciencia y tecnología, y otro a la vivienda. Esta d...
www.pagina12.com.ar
May 6, 2025 at 2:29 PM
OJO con esta nota.
El fondo fiduciario eliminado NO es el FONCYT, que no es un fondo fiduciario.
El eliminado es el FONDOTEC, creado por la Ley N° 23.877, de 1990.
El FONCYT se creó en 1996 con la @agenciaidiar
www.pagina12.com.ar/823318-motos...
El fondo fiduciario eliminado NO es el FONCYT, que no es un fondo fiduciario.
El eliminado es el FONDOTEC, creado por la Ley N° 23.877, de 1990.
El FONCYT se creó en 1996 con la @agenciaidiar
www.pagina12.com.ar/823318-motos...
Reposted by 4Dgifts
Strange times: CISA employees this morning received a "workforce accountability survey" email requiring them to say whether they were on-site, teleworking, on leave, on travel, or no longer employed at CISA.
Then a few hours later, they got another email saying "no response is needed."
Then a few hours later, they got another email saying "no response is needed."
April 30, 2025 at 5:52 PM
Strange times: CISA employees this morning received a "workforce accountability survey" email requiring them to say whether they were on-site, teleworking, on leave, on travel, or no longer employed at CISA.
Then a few hours later, they got another email saying "no response is needed."
Then a few hours later, they got another email saying "no response is needed."
Reposted by 4Dgifts
There is a small bug in the signature verification of OTA packages in the Android Open Source Framework.
Official builds doing normal double verification of packages are not vulnerable but OEMs and third party apps may be.
Jérémy Jourdois explains it here:
blog.quarkslab.com/aosp_ota_sig...
Official builds doing normal double verification of packages are not vulnerable but OEMs and third party apps may be.
Jérémy Jourdois explains it here:
blog.quarkslab.com/aosp_ota_sig...
A small bug in the signature verification of AOSP OTA packages
A signature verification bypass in a function that verifies the integrity of ZIP archives in the AOSP framework
blog.quarkslab.com
April 8, 2025 at 5:51 PM
There is a small bug in the signature verification of OTA packages in the Android Open Source Framework.
Official builds doing normal double verification of packages are not vulnerable but OEMs and third party apps may be.
Jérémy Jourdois explains it here:
blog.quarkslab.com/aosp_ota_sig...
Official builds doing normal double verification of packages are not vulnerable but OEMs and third party apps may be.
Jérémy Jourdois explains it here:
blog.quarkslab.com/aosp_ota_sig...
PARA PARA PARA VOS ME ESTAS DICIENDO DE QUE PATRISSIA BULLREICH ES UNA ZURDA?
March 28, 2025 at 4:11 PM
PARA PARA PARA VOS ME ESTAS DICIENDO DE QUE PATRISSIA BULLREICH ES UNA ZURDA?
beware of how this plays out..
as in "we cannot do it unless a backdoor is installed..." etc
as in "we cannot do it unless a backdoor is installed..." etc
BREAKING: A federal judge says he will order government agencies to preserve Signal messages about a U.S. military strike against Yemen's Houthi rebels.
Judge says he will order government to preserve Signal messages about Houthi military strike
A federal judge says he will order the Trump administration to preserve records of a text message chat in which senior national security officials discussed sensitive details of plans for a U.S. military strike against Yemen’s Houthis.
bit.ly
March 27, 2025 at 10:30 PM
beware of how this plays out..
as in "we cannot do it unless a backdoor is installed..." etc
as in "we cannot do it unless a backdoor is installed..." etc
Agrego que cerraron estaciones d ela línea D durante 3 meses no de sabe para qué carajos. La frecuencia de trenes sigue siendo una mierda, esta llenos todo el tiempo y cada dos por tres se quedan parados varios minutos en los túneles.
Solo hicieron boludeces cosméticas
Solo hicieron boludeces cosméticas
March 26, 2025 at 12:33 PM
Agrego que cerraron estaciones d ela línea D durante 3 meses no de sabe para qué carajos. La frecuencia de trenes sigue siendo una mierda, esta llenos todo el tiempo y cada dos por tres se quedan parados varios minutos en los túneles.
Solo hicieron boludeces cosméticas
Solo hicieron boludeces cosméticas
Reposted by 4Dgifts
Pope Francis made a brief statement from the hospital balcony:
March 23, 2025 at 1:44 PM
Pope Francis made a brief statement from the hospital balcony:
Saw this on the other site but I should comment here:
Can't remember his hacker handle but I think Pad & Gandalf of 8lgm were arrested the same day in 1991.
You may not know it but the entire infosec & software industries owe 8lgm immense gratitude for making vendors accountable for their vulns
Can't remember his hacker handle but I think Pad & Gandalf of 8lgm were arrested the same day in 1991.
You may not know it but the entire infosec & software industries owe 8lgm immense gratitude for making vendors accountable for their vulns
March 17, 2025 at 10:59 PM
Saw this on the other site but I should comment here:
Can't remember his hacker handle but I think Pad & Gandalf of 8lgm were arrested the same day in 1991.
You may not know it but the entire infosec & software industries owe 8lgm immense gratitude for making vendors accountable for their vulns
Can't remember his hacker handle but I think Pad & Gandalf of 8lgm were arrested the same day in 1991.
You may not know it but the entire infosec & software industries owe 8lgm immense gratitude for making vendors accountable for their vulns
This is the new diplomacy?
Leavitt: "It's only because of the United States of America that the French aren't speaking German right now."
March 17, 2025 at 8:31 PM
This is the new diplomacy?
Reposted by 4Dgifts
Excellent Zoolander reference by @wdormann.bsky.social in his video.
You know where to find us if you need help @msftsecresponse.bsky.social
🌺 @lutasecurity.bsky.social 🌺
You know where to find us if you need help @msftsecresponse.bsky.social
🌺 @lutasecurity.bsky.social 🌺
Microsoft wouldn't look at a bug report without a video. Researcher maliciously complied
Microsoft wouldn't look at a bug report without a video. Researcher maliciously complied
Maddening techno loop, Zoolander reference, and 14 minutes of time wasted
A vulnerability analyst and prominent member of the infosec industry has blasted Microsoft for refusing to look at a bug report unless he submitted a video alongside a written…
dlvr.it
March 17, 2025 at 8:12 PM
Excellent Zoolander reference by @wdormann.bsky.social in his video.
You know where to find us if you need help @msftsecresponse.bsky.social
🌺 @lutasecurity.bsky.social 🌺
You know where to find us if you need help @msftsecresponse.bsky.social
🌺 @lutasecurity.bsky.social 🌺
But not the swastitrunk?
The richest man in the world is getting a car sale on the White House lawn as Americans' 401ks plummet
March 12, 2025 at 3:50 AM
But not the swastitrunk?
A deep dive into phishing
I guess there is a pun in there but child[0|1] have banned dad jokes.
sorry
I guess there is a pun in there but child[0|1] have banned dad jokes.
sorry
From classic HTML pages to advanced MFA bypasses, dive in with @atsika.bsky.social in an exploration of phishing techniques 🎣.
Learn some infrastructure tricks and delivery methods to bypass common detection.
👉 blog.quarkslab.com/technical-di...
(promise this one is legit 👀)
Learn some infrastructure tricks and delivery methods to bypass common detection.
👉 blog.quarkslab.com/technical-di...
(promise this one is legit 👀)
March 11, 2025 at 4:10 PM
A deep dive into phishing
I guess there is a pun in there but child[0|1] have banned dad jokes.
sorry
I guess there is a pun in there but child[0|1] have banned dad jokes.
sorry