Decided to publish the Lexmark printer exploit + writeup + tools instead of sell it for peanuts. 0day at the time of writing: https://t.co/YptEXw3CjJ -- enjoy!

We (@winterdeaf @kientuong114 and I) took a deep dive on Threema, a Swiss-made secure messaging app. We found 6 new cryptographic vulnerabilities. Full paper at https://t.co/XMu8SZBCc3; mini-thread follows. #threema

Super excited to release our car hacking research discussing vulnerabilities affecting hundreds of millions of vehicles, dozens of different car companies: https://t.co/xCHG5oLYWK Contributors: @_specters_ @bbuerhaus @xEHLE_ @iangcarroll, @sshell_ @infosec_au @NahamSec @rez0__

Hi Auto Industry. It's the internet calling... (Subtitle: How to take over a Ferrari account with zero interaction.) https://t.co/OEemOgKmLT

If you sent an API request to Twitter with an e-mail address, and an incorrect password, the API returned a JSON response containing the username associated with the account. A Threat Actor compiled 221,608,279 entries. This list includes celebrities, politicians, and more...

Does anyone have a copy or working link to original netcat 1.00 (version 951010), file nc100.tgz or is that lost forever? I can only find dead ftp links or a MinGW fork or v1.10 versions.

Reverse engineering yet another ebook format

Here are some of the presentations I found the most interesting within the macOS/iOS Kernel Security research space in 2022! 🧵 https://t.co/RYu3YDt16b

Here’s another #vulnerability #research writeup, this time about the #xnu #kernel // by @pwningsystems A tale of a simple #Apple kernel bug https://t.co/J5dEKdVark

Today we're publishing new techniques for recovering NTLM hashes from encrypted credentials protected by Windows Defender Credential Guard. These techniques also work on victims logged on before the server was compromised. https://t.co/euNIyX2dwW

lol

Comic for December 22, 2022 #dilbert https://t.co/OmWpH53zva

🔐 ICYMI - JP Aumasson (@veorq) is teaching a free #workshop on #Cryptography! Cryptography is indispensable for protecting information in computer systems, but choosing secure protocols and parameters can become overwhelming. Sign up to learn more! 🎟️ https://t.co/bPydmGHnUp

The Christmas open-obfuscator challenge is live at this address: https://t.co/PQSBZOnk8M Thank you to @vector35 @build38dotcom and @eshard for sponsoring the prizes of this challenge.

I just removed all references to the new social media site where everyone is going to and my handle name in my bio, in order to comply with Twitter’s new policies. You’ll find me anyway. https://t.co/eTSdQsSKan

Checkout the macOS and iOS Security Internals Advent Calendar https://t.co/k9ldkP06hq #macos #ios #security #internals #adventcalendar #xmas

I wonder why the iOS version of the checkmark is more expensive. https://t.co/qPi4LThEch

Hey ChatGPT, write me an x86 binary, undetected by all AV and EDR, that contacts my C2 on IP 12.133.253.6 port 443 once per day and migrates to a legit process before calling back. Embed it into a PDF that auto-starts the binary via AdobeReader zeroday.

Checkout Day 1 of the macOS and iOS Security Internals Advent Calendar now with enhanced audio… https://t.co/u9A0sQLS5G #ios #macos #security #internals #adventcalendar #xmas