Missed my #BHUSA talk on a security review on Signal E2EE messages ✉️🔒and vulnerabilities 🐞?
The slides are now public!
Big thanks to Signal for their support during review 🙌

www.ibrahim-elsayed.com/pdfs/US-25-E...

Signal Messenger: Speak Freely Say "hello" to a different messaging experience. An unexpected focus on privacy, combined with all of the features you expect.

libsignal (signal.org) ;)

And welcome to London 🇬🇧💂

Let me know how it goes! Would love to try it once but the other way around :)

Positive Technologies published two scenarios they encountered during pentests, where they pivot to the internal network thanks to an Internet-facing Exchange server and its numerous SSRF vectors 💎

Happy birthday 🎈

The court just handed WhatsApp a major win in the case against NSO Group ⚖️ 🎉

NSO was found liable under federal #CFAA & state law for #Pegasus hacking through WhatsApp's servers.

As a lawyer working on surveillance, let me break down the ruling 🧵 1/

storage.courtlistener.com/recap/gov.us...

Many libraries and programmes support this environment variable by default :)

In 2024, we still have trivially exploitable Ubuntu LPE bugs 🤷‍♂️

But one of the disclosed bugs involves the good old pipe character in Perl "filenames" 🤯

Another great investigation by the Qualys Threat Research Unit 💎

admin:admin

Watch the recording of my #ekoparty talk "Advanced #Fuzzing with #LibAFL" here:

youtu.be/FI7C37lz4Rg?...

Thanks @fede-k.bsky.social for this amazing event!