Karsten's Avatar

Karsten

@gr4yf0x

VR. Can cook a decent Cacio e Pepe. Physicist in a former life.

113
Followers 174
Following 22
Posts 06.08.2023
Joined
Posts Following

Latest posts by Karsten @gr4yf0x

Post image

The next battleground is in sight, and things are going to move fast. Half-baked tech pitched as transformational will be quickly adopted and thrown in front of children without any validation, but the demos will be amazing!

19.05.2025 12:32 πŸ‘ 6 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Firefox Security Response to pwn2own 2025 – Mozilla Security Blog At Mozilla, we consider security to be a paramount aspect of the web. This is why not only does Firefox have a long running bug bounty program but also mature ...

We just published @firefox.com updates to fix the exploits used at the Pwn2Own contest yesterday and today. Both contestants achieved RCE in our content process but did not escape the sandbox.
blog.mozilla.org/security/202...

17.05.2025 21:22 πŸ‘ 24 πŸ” 8 πŸ’¬ 3 πŸ“Œ 1
Post image

It’s only Tuesday but the first night of Lobbycon has already started! 🍻

13.05.2025 20:59 πŸ‘ 7 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

Well, there is a HofbrΓ€u. Secret takeover? πŸ€”

14.05.2025 09:02 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Because the fix took long or just long process in general?

12.05.2025 09:49 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

the takeover has begun..
trainings start tomorrow morning!

11.05.2025 17:39 πŸ‘ 12 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Post image Post image

RUMOURS are TRUE πŸ€·β€β™€οΈ

PHRACK will be releasing a SPECIAL #71.5 πŸ‘‰HARDCOVERπŸ‘ˆ at www.offensivecon.org BERLIN ("The πž…€-Day Edition").

Main #72 release THIS SUMMER at MULTIPLE conferences (main release at WHY2025). ❀️

28.04.2025 10:16 πŸ‘ 13 πŸ” 5 πŸ’¬ 1 πŸ“Œ 0
Post image

2025 agenda is out!

www.offensivecon.org/agenda/2025....

25.04.2025 19:58 πŸ‘ 9 πŸ” 5 πŸ’¬ 0 πŸ“Œ 3
Two photos. In the first, deep in a conifer forest a man in winter clothes holds a reindeer and sprays something from an aerosol can on the antlers. The second photo is of a small town street in the dead of night. Little shops and dim street lights. A deer stands in the middle of the road. It's barely visible, just a feint silhouette. But, its eyes and antlers glow like something ancient and supernatural.

Two photos. In the first, deep in a conifer forest a man in winter clothes holds a reindeer and sprays something from an aerosol can on the antlers. The second photo is of a small town street in the dead of night. Little shops and dim street lights. A deer stands in the middle of the road. It's barely visible, just a feint silhouette. But, its eyes and antlers glow like something ancient and supernatural.

To prevent deer from being hit by cars Finland has tried using reflective paint. (https://www.smithsonianmag.com/smart-news/avoid-deer-strikes-finland-painting-deer-antlers-reflective-paint-180949792/)

File this under "solutions to modern problems that summon the old gods."

20.04.2025 10:11 πŸ‘ 4010 πŸ” 1152 πŸ’¬ 52 πŸ“Œ 105

Very cool, bsky becomes more and more a complete replacement for the dead bird on my topics.

18.04.2025 11:00 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

Still adding people as they wash up here

go.bsky.app/EhGFSVj

18.04.2025 05:25 πŸ‘ 12 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0

Karriere als Youtube-DJ? 😁 Sehr cool jedenfalls

13.04.2025 19:23 πŸ‘ 1 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Blackhoodie OffensiveCon 2025 Hackers around the globe, listen, BlackHoodie will be at OffensiveCon this year :) For the very first time we’re offering a 1-day free training, for women, by women, at the most prestigious offensive ...

The BlackHoodie training at OffensiveCon has a whole of 2 seats left, and we will have a special give-away with this edition :) blackhoodie.re/Offensivecon...

01.04.2025 20:28 πŸ‘ 6 πŸ” 5 πŸ’¬ 0 πŸ“Œ 0

Don't forget, the CFP for the 40th anniversary issue of Phrack is open until June 15th 2025. You can be someone's favorite article in the future!!

bsky.app/profile/phra...

24.03.2025 23:31 πŸ‘ 7 πŸ” 10 πŸ’¬ 0 πŸ“Œ 0

Save the date - @blackhoodie.bsky.social is partnering with
@offensivecon.bsky.social this year to bring a BlackHoodie training to Berlin! Students will learn how to place compiler backdoors in innocent code. Mark your calendars for May 15th! Registration opens tomorrow, space is very limited ☺️

26.03.2025 21:04 πŸ‘ 7 πŸ” 7 πŸ’¬ 0 πŸ“Œ 0
Preview
GitHub - jduck/bs25-slides: Slides from "Musing from Decades of Linux Kernel Security Research" at BOOTSTRAP25 Slides from "Musing from Decades of Linux Kernel Security Research" at BOOTSTRAP25 - jduck/bs25-slides

Happy to share my slides from BOOTSTRAP25. Unfortunately the bug discussed is still not patched in Linux 6.14.0 despite it being reported explicitly. Slides are in markdown but there's a PDF in "releases" too github.com/jduck/bs25-s...

25.03.2025 19:26 πŸ‘ 14 πŸ” 7 πŸ’¬ 1 πŸ“Œ 0
Post image

We are proud to announce our first keynote for Offensivecon 2025, Perri Adams! @perrib.us

25.03.2025 20:41 πŸ‘ 13 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
Post image

Our second keynote for Offensivecon 2025 will be Dino Dai Zovi! @ddz.bsky.social

25.03.2025 18:18 πŸ‘ 9 πŸ” 3 πŸ’¬ 0 πŸ“Œ 1

Must be @argp.bsky.social and karl's article on the FreeBSD kernel allocator. The first one I worked really through, introduced me to kernel exploitation, and finally helped me with my first real exploit for
FreeBSD-SA-19:02.fd.

phrack.org/issues/66/8#...

25.03.2025 11:47 πŸ‘ 6 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

That story gets better and better every year with new details and court cases internationally.

10.03.2025 10:42 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Good analysis by the syzkaller developer, how some of thr latest ITW vulns could have been found.

05.03.2025 13:34 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Pumpkin (@u1f383 on X) does cool work. Here is another cool read about an interesting race condition involving signal handling
u1f383.github.io/linux/2025/0...

26.02.2025 08:42 πŸ‘ 4 πŸ” 4 πŸ’¬ 0 πŸ“Œ 0
Patch-Gapping the Google Container-Optimized OS for $0 Background I’m trying to really focus this year on developing technically in a few ways. Part of that is reviewing kCTF entries. This helps me get a sense of what subsystems are producing the most bug...

Really great read by @h0mbre (on X) about his journey to exploit a Linux n-day on kCTF. Not only the exploit but the process to understand the bug including own failures, e.g. deal with CONFIG_DEBUG_LIST, is full of insights. h0mbre.github.io/Patch_Gappin...

17.02.2025 18:31 πŸ‘ 2 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
.:: Phrack Magazine ::. Phrack staff website.

Hackers rejoice!

We are releasing the Phrack 71 PDF for you today!

Don't forget this year is Phrack's 40th anniversary release! Send in your contribution and be part of this historical issue!

The CFP is still open, you can find it and the PDF link at phrack.org

15.02.2025 15:02 πŸ‘ 63 πŸ” 32 πŸ’¬ 2 πŸ“Œ 1

Tbh, Hector Martin was very good at alienating himself.

14.02.2025 08:42 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Post image

To all our Bluesky friends, feel free to follow us here as we will be posting regular updates as the conference gets closer. See you in May!

21.01.2025 15:32 πŸ‘ 7 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Post image

Thank you @phrack.org !

07.01.2025 20:02 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

That's the spirit

07.01.2025 17:07 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

As of today I'm not longer with CrowdStrike. Looking forward to new challenges in VR :)

01.01.2025 13:40 πŸ‘ 5 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0