zh4ck
@zh4ck.bsky.social
Evolve or Die!
Head of Vuln Research Lab at CUJO AI
Volunteer at IoTVillage, Hackersuli Meetup, Hacktivity. @zh4ck@infosec.exchange
NetRunner, Shaper
My DEF CON 33 talk about "How Not to IoT: Lessons in Security Failures" is available on YT \o/ www.youtube.com/watch?v=TTdK...
DEF CON 33 - How Not to IoT:Lessons in Security Failures - Zoltan "zh4ck" Balazs
YouTube video by DEFCONConference
www.youtube.com
October 28, 2025 at 1:57 PM
Reposted by zh4ck
With support from Synthient, we've just pushed out a corpus of 183M stealer log victims to @haveibeenpwned.com. We'd never seen 16.4M of those before, either, so there's a lot of new stuff in there, and that's just the first part. More here: www.troyhunt.com/inside-the-s...
Inside the Synthient Threat Data
Where is your data on the internet? I mean, outside the places you've consciously provided it, where has it now flowed to and is being used and abused in ways you've never expected? The truth is that ...
www.troyhunt.com
October 21, 2025 at 7:25 PM
Reposted by zh4ck
(comic) Bedtime story
October 20, 2025 at 7:38 PM
Reposted by zh4ck
I'd like to propose that hackers are the opposite, typically the "bringers of bad news". But we need a better word for this.

Given that the Greek word of the same era for "bad/badly" is either δυς/dys or κακο/caco, but predominantly the first.

The word would be 'dysangelist'. Tech Dysangelism.
October 19, 2025 at 5:29 PM
Reposted by zh4ck
October is Cybersecurity Awareness Month! Please be aware of cybersecurity. If you encounter cybersecurity, DO NOT APPROACH IT. Back away slowly. Protect children and pets. Make noises to scare it away.
October 13, 2025 at 3:08 PM
Reposted by zh4ck
People who have spent hundreds or even thousands of dollars to equip their home with SoundTouch audio have been frustrated about their gadgets losing some of their most coveted features soon.
Bose SoundTouch home theater systems regress into dumb speakers Feb. 18
Ending support for SoundTouch may help Bose avoid a Sonos situation.
arstechnica.com
October 13, 2025 at 3:39 PM
You can't stop the Internet of Things, it will be everywhere

hackaday.com/2025/09/30/t...
Toy Train Joins The Internet Of Things
[Zoltan] was developing a workshop on Matter for DEF CON, and wanted to whip up a fun IoT project to go with it. His idea was simple—take a simple toy train, and put it on the Internet of Things. S…
hackaday.com
October 1, 2025 at 5:20 AM
New life achievement unlocked - last weekend I presented (a lightning talk) right after the legendary @joegrand.bsky.social a.k.a Kingpin.

Do I have video proof that this happened? No
Do I have witnesses? Yes
Are they gonna testify? No
Do I have circumstantial evidence? Yes

🐊 #HackThePlanet
September 15, 2025 at 7:49 AM
Reposted by zh4ck
If you think online age verification mandates are the key to holding Big Tech companies accountable, you need to see what’s happening in Mississippi. www.eff.org/deeplinks/2...
Age Verification Is A Windfall for Big Tech—And A Death Sentence For
If you live in Mississippi, you may have noticed that you are no longer able to log into your Bluesky or Dreamwidth accounts from within the state. That’s because, in a chilling early warning sign
www.eff.org
September 13, 2025 at 4:03 PM
August 11, 2025 at 5:56 AM
So far one of the most interesting stats from #defcon
I am really interested in the back story
August 10, 2025 at 11:28 PM
DEF CON officially arrived in Las Vegas 😜
#defcon
August 7, 2025 at 2:54 PM
Reposted by zh4ck
Love me some dumb US news in the morning

...sips coffee
August 5, 2025 at 8:29 AM
Reposted by zh4ck
A private hospital in Thailand was fined $37,000 after patient paper records were discovered being repurposed as snack bags

databreaches.net/2025/08/04/t...
August 5, 2025 at 9:00 AM
Angelina Jolie was right.

"RISC architecture is gonna change everything."

#HackThePlanet!
August 5, 2025 at 9:02 AM
Pig butchering / investment scams are next level recently. This is what my Viber and X DMs look like
Is the bot problem solved on X? Asking for a friend
August 5, 2025 at 7:46 AM
If you are interested in IoT Security, visit DEF CON Creator Stage 4 this Saturday, LVCC - L2 - W228
defcon.org/html/defcon-...
August 4, 2025 at 2:00 PM
Reposted by zh4ck
Thumby and Thumby Color: impossibly tiny Game Boys that are actually playable!

Just one inch tall. And yes, they can run Doom.
July 31, 2025 at 3:33 PM
Reposted by zh4ck
Going to BlackHat next week and passionate about reverse engineering? Or, wanting to be? Come hang out with Jos Wetzels and I on the 7th at 11.20am to chat about projects, books and tools you really enjoy, let us know if you're hiring or looking for a job in reverse engineering!
August 2, 2025 at 12:52 AM
Reposted by zh4ck
Tech firms torrented millions of pirated books to train their AI models. Now authors are fighting back.

My story on the front page of today's @washingtonpost.com: www.washingtonpost.com/technology/2...
AI guzzled millions of books without permission. Authors are fighting back.
Authors are appealing for help from Congress and the courts after Meta and Anthropic used millions of books to create AI technology, without seeking consent.
www.washingtonpost.com
July 21, 2025 at 11:39 PM
🚂 I just built the world’s first Matter-secured toy train 😇
You can control the toy train - IoTrain - from any ecosystem that supports Matter, for example, Home Assistant, Apple, Google, Amazon, Samsung, IKEA, Bosch, …
It is open, secure, private (depending on the ecosystem :D ), and cross-platform.
July 21, 2025 at 11:10 AM
Reposted by zh4ck
PSA: I am not going to Vegas this year, which to be honest I am kinda happy about.

I'm still interested in your talks and research. If you wanna chat about it, hit me up on Signal: @ LorenzoFB.1337
July 16, 2025 at 5:42 PM
Reposted by zh4ck
Do you want to scan Thread networks with Flipper Zero? If yes, read this post.
If not, you should reconsider, because you really want to play with Thread.
cujo.com/blog/thread-...
Our senior researcher, Andras Tevesz, has already published the first three parts, and one last part is in the queue.
Thread Support for Flipper Zero, Part 2: Setup
I set out to create a development environment and a working application.
cujo.com
July 15, 2025 at 12:15 PM