Freddy Rios
@eglasius
Followers
110
Following
3K
Media
13
Statuses
3K
software developer doing his share
Joined September 2008
Just released a post on Windows driver signature timestamp forging 👀 really stoked to finally release this! This technique effectively bypasses driver signature enforcement in Windows
blog.talosintelligence.com
Actors are leveraging multiple open-source tools that alter the signing date of kernel mode drivers to load malicious and unverified drivers signed with expired certificates.
5
134
284
We wrapped up the first LLM hackathon for applications in materials and chemistry last week. The results to me were astounding. We are at the point now where some tasks that took years can now be completed in days. Here is a list of the fantastic submissions!
53
356
2K
If someone had told me 10 years ago that all H264 hw decoders are fundamentally broken and vulnerable, I would've said "Yes, and no one wants to find out". Well, now we've found out:
20
337
1K
Yikes! Tomorrow @ZenGo will publish about a vulnerability we had found in @CoinbaseWallet and others. We had responsibly disclosed to CB many weeks ago, they fixed and awarded us multiple bug bounties. Today we informed them we are going to publish. This is the reaction we got:
57
133
729
Generative AI models have triggered widespread recognition that the age of AI has begun. Until now, Gen AI has largely benefited the individual. That’s changing today, as we widely release GitHub Copilot for Business to all organizations & enterprises. 🤖 https://t.co/pCfgeQQ5yt
github.blog
GitHub Copilot is the world’s first at-scale AI developer tool and we’re now offering it to every developer, team, organization, and enterprise.
24
144
503
New version of bflat, my take on C# with Go-like tooling is out. New in the 7.0.1 release: build C# apps that run on bare metal hardware without an OS. https://t.co/kkCEg0K5nO
22
100
532
1. THREAD: THE TWITTER FILES: HOW TWITTER RIGGED THE COVID DEBATE – By censoring info that was true but inconvenient to U.S. govt. policy – By discrediting doctors and other experts who disagreed – By suppressing ordinary users, including some sharing the CDC’s *own data*
6K
59K
144K
wow I can't believe a new SPNEGO RCE exploit in 2022 it was fun > 15 years ago but now? 🤦♂️😿(CVE-2022-37958)
@Dave_Maynor @basalberts @halvarflake @mdowd @thegrugq @josephmenn @ustayready @daveaitel @endrazine @mikko where are the eEye guys? SPNEGO ASN.1 exploit was fun: multiple vectors (HTTP,SMTP,... too many) Heap overflow but it was possible to trigger it in a way exceptions were catch (thanks eEye) and write shellcode byte by byte to a desired target address then overwrite func pointer.
0
5
15
CVE-2022-37958 "has a broader scope and could potentially affect a wider range of Windows systems due to a larger attack surface of services exposed to the public internet (HTTP, RDP, SMB) " True! Probably not important now but in the past: POP,IMAP,FTP anything with auth
1
9
17
More car hacking! Earlier this year, we were able to remotely unlock, start, locate, flash, and honk any remotely connected Honda, Nissan, Infiniti, and Acura vehicles, completely unauthorized, knowing only the VIN number of the car. Here's how we found it, and how it works:
200
4K
13K
🇻🇪 #Venezuela | Los acuerdos alcanzados en México entre el régimen de Maduro y la falsa oposición son una vil traición a los 30 millones de venezolanos. Han sido avalados por la administración Biden, el representante de la UE Josep Borrell, Noruega, el Reino Unido y Canadá.
13
100
132
Mirá la #MainTrackTalk dictada por @_wald0: "Azure Backdoors: how to hide them, how to find them" ▶️ https://t.co/x0FRE0545C
0
10
29
@ruiruiruirui @internetofshit This. We could not figure out why every Thursday a rack of servers keep going dark around 210 am only to boot up around 20 minutes later. Put a camera in the cage, caught the janitor unplugging the rack to plug in the vacuum
0
1
15
🟣TODAY! Our researcher @ogianatiempo is presenting his investigation at @ekoparty at 3 pm Main track sala B. What a time to be in Buenos Aires! See you all there!💫
0
7
30
Did you read about ".NET in Ubuntu" yet? https://t.co/alJ2rnerNw
@runfaster2000 collaborated w/our friends at @canonical & @arm to launch it. Watch the #dotnetconf keynote for more info! https://t.co/PbAEE5Ay5N Here's an .NET 7 #ARM64 image running on Rich's M1 Mac :)
2
11
48
Size of fully self-contained natively-compiled Hello World over the course of .NET 7 previews. This is release build with everything left on default settings, producing a standalone EXE you can just copy to a machine and run. Hello World now under 3 MB by default with PublishAot.
12
22
220
Wow. “AES OCB fails to encrypt some bytes” in OpenSSL. You had one job…
5
75
265
2 russian rockets hit large supermarket in my city. 5 min on feet from me 😭 Helped one wounded woman outside but there were hundreds inside. Fucking russia.
15
11
42