Confused about DMR? Fustrated you can't get your hotspot configured? Need some help? Here is a quick tutorial: https://t.co/lELU5HxNE9 #DMR #hamradio #brandmeister #mmdvm

1/12 It has been confirmed that the #Taurus interception was done via “a non-secure line”. Below is my opinion of one way in which it *might* have been done, taking into account the situation and #Russia's previous history. Essentially it involves using #SS7 interception. 🧵

Lenovo X1 Carbon Bitlocker Key Sniffing any% Speedrun (42.9 seconds)

OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here it is by @netero_1010:

Discovered and exploited an arbitrary file delete vulnerability that lead to SYSTEM level privileges. Thanks to the goat @filip_dragovic.

https://t.co/50J1nrdT5u

interesting recent UAC bypass method https://t.co/dbgCqFlna8

The best thing about generative AI is that I hear far far less about Web3 bullshit

Are we really not supposed to double space after a period anymore???????

Red, Blue, and Purple LDAP Queries. Quite useful. https://t.co/7m83V9RUEK

Very cool explanation of CANbus theft technique

New blog: Obtaining Domain Admin from Azure AD by abusing Cloud Kerberos Trust I teased this a bit during my Windows Hello talks, now found some time to write about this interesting technique. Also contains defenses and detection opportunities. https://t.co/KSPVRm5iGo

A certificate reseller bypassed the HTTP verification of the ACME cert protocol by using a remote code injection in https://t.co/IaPJptnCBU to write their own When called out they are surprised Pikachu and say they didn’t know what an RCE was before this. 😬

https://t.co/xA5tyQTZIl

@cybergibbons I'd be pretty interested see how it fares with my new SDR Bluetooth sniffer and a bladeRF. Can it perform all-channel sniffing in real time? Benchmark with ice9-bluetooth -s -f /dev/urandom

It’s like nobody has ever tried to execute a docker container inside of an existing network namespace before

Clean Windows using Linux 😛

It isn’t likely that they have some sort of Uber-leet exploit in the radio or the encryption itself - these radios aren’t likely hardened against an attacker dumping the radio contents, including any encryption keys. Reprogramming radios in the field is hard, so stolen keys last

Great thread on the 300+ drones lost a day figure being generated as an approximation from UKR staff. They buried another lede here though! “Russian EW is…achieving real time interception and decryption of Ukr Motorola 256-bit encrypted…comms” RU stole and dumped radios!

"Espressif ESP32: Bypassing Encrypted Secure Boot (CVE-2020-13629)"

Not for a hot minute tho right? Like part of fuzzing could be the AI can generate the test harness but that’s a far cry from current “coding ability” of AI I’ve seen so far. And web is such a hot mess of different stuff… Maybe in 2-3 years?