A fascinating development for the offensive industry:
www.washingtonpost.com/technology/2...
This esp32 "bluetooth backdoor" doesn't sound very different from what @naehrdine.bsky.social + crew found in bcm43xx to develop github.com/seemoo-lab/i...
A watched fuzzer never boils...
I got Linux running in a PDF file using a RISC-V emulator.
PDFs support Javascript, so Emscripten is used to compile the TinyEMU emulator to asm.js, which runs in the PDF. It boots in about 30 seconds and emulates a riscv32 buildroot system.
linux.doompdf.dev/linux.pdf
github.com/ading2210/li...
Positive Technologies has developed a new attack that exploits the SD Express standard to gain access to a device's memory through its SD card reader
The DaMAgeCard attack exploits the fact that the new SD Express standard can operate in both SDIO and NVMe
swarm.ptsecurity.com/new-dog-old-...
I should write a bittorrent client
Heh, cool amanita.us-east.host.bsky.network/xrpc/com.atp...
How does the new iOS inactivity reboot work? What does it protect from?
I reverse engineered the kernel extension and the secure enclave processor, where this feature is implemented.
naehrdine.blogspot.com/2024/11/reve...
Looking at this list of 2023 routinely exploited issues. It's always interesting to look at the split between memory safety issues and bug classes. https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a
A brief history of Cyrix https://www.abortretry.fail/p/a-brief-history-of-cyrix
Anyone got a sample?
Gotcha, yeah, definitely not a hermetic build :)
When then I think it's compile time evaluated, not runtime, right?
Talks from the Hexacon 2024 security conference, which took place earlier this month, are available on YouTube
www.youtube.com/playlist?lis...
Great presentation on macOS sandbox escapes https://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf
Is it actually building malware.rs or is it just retrieving the contents of a text file? Sorry, I don't know rust but it seems to be the latter?
You can do some magical things with paths on Windows. If you haven't seen it before JonasLyk's work on "webdav based reflective loader/per process devicemap based dll injector POC" is a work of art. Search his handle + webdav on X for some commentary
github.com/jonaslyk/tem...
I remember when we only had to worry about Dr Watson :) www.wired.com/story/sophos...
New here but I'm feeling optimistic that this might actually replace what infosec twitter used to be