China Targets Country’s Own Telecommunications
(they say it was an exercise)
https://0x0d4y.blog/telecommunications-supply-chain-china-nexus-threat-technical-analysis-of-veletrix-loaders-strategic-infrastructure-positioning/
0x0d4y Malware Research
VELETRIX Loader Dissection: Kill Chain Analysis of China-Nexus Telecommunications Infrastructure Targeting - 0x0d4y Malware Research
In my work I had the opportunity to analyze a China-Nexus Threat Actor, called Earth Alux, and this research, which only covers the fundamental points of the Kill Chain and the analysis of some components of its Toolkit, was the starting point of a long process…
SharePoint Unknown CVE Unveiled: RCE via WebPart Properties Deserialization
https://blog.viettelcybersecurity.com/sharepoint_properties_deser/
Analyzing Signal and Telegram messages on iOS
https://8ksec.io/advanced-frida-usage-part-2-analyzing-signal-and-telegram-messages-on-ios/
8kSec - 8kSec is a cybersecurity research & training company. We provide high-quality training & consulting services.
Advanced Frida Usage Part 2 – Analyzing Signal And Telegram Messages On iOS | 8kSec Blogs
In Part 2 of the Advanced Frida Usage Series, learn how to dissect Signal and Telegram communication on iOS, revealing message content, metadata, encryption keys and more.
Unchained Skies: A Deep Dive into Reverse Engineering and Exploitation of Drones
https://cfp.recon.cx/media/2023/submissions/HLHH89/resources/REcon_online_slides_mLUVm2u.pdf
I have become so fulfilled in my knowledge that it is as if I have already been living for a hundred trillion billion years on trillions and trillions of planets just like this Earth; this world is absolutely clear to me, and I am looking for only one thing here: peace, tranquility, and this harmony that comes from merging with the infinitely eternal, from contemplating the great fractal similarity and from this wonderful all-unity of being, infinitely eternal, wherever you look, whether inward, the infinitely small, or upward, the infinitely large, you understand?
Odyssey Infostealer Dropper - SwiftUI Reverse Engineering
https://www.youtube.com/watch?v=skOsJjff9eg
YouTube
In this video, I cover a malicious SwiftUI application that was recently blogged about by Jamf. The use of SwiftUI acting as the dropper of this Odyssey variant infostealer is interesting so I will walk through Swift specific data structures and quirks to…
An integration for IDA and VS Code which connects both to easily execute and debug IDAPython scripts.
https://github.com/ioncodes/idacode
Forwarded from novitoll_ch
I presented my experiments with LLM and Linux kernel development back in 2600 June.
Slides are available here.
Here is the [RFC 0/2] Add AI coding assistant configuration to Linux kernel with adding documentation on how to use different LLM Clients (Claude, Copilot etc.). Interesting.
https://lore.kernel.org/all/20250725175358.1989323-1-sashal@kernel.org/
Google Docs
8_2025_Jul4_2600_AI_Agents_Linux_kernel
MCP AI agents for the Linux kernel development Sabyrzhan Tasbolatov
Reverse engineering a Lumma infection
https://labs.withsecure.com/publications/reverse-engineering-a-lumma-infection
Withsecure
Lumma is an information stealer that the WithSecure Detection and Response Team (DRT) have encountered several times. It has seen wider use over the past couple of years, and makes for an interesting threat to monitor.
In this post we will focus on a Lumma…
Modern (Kernel) Low Fragmentation Heap Exploitation
https://r0keb.github.io/posts/Modern-(Kernel)-Low-Fragmentation-Heap-Exploitation/
r0keb
Good morning! In today’s blog post, we’re going one step further than in the previous post Windows Kernel Pool Internals (which I recommend reading to understand some of the concepts discussed here), and we’re going to achieve arbitrary read/write by leveraging…
Graphite's Paragon spyware iMessage zero-click bug and how Apple patched it
https://jaybird1291.github.io/blog-cyber/en/posts/graphite-caught/
Tracing Bugs Across Kernels: SMB Vulnerabilities in macOS and FreeBSD
https://github.com/wangtielei/Slides/blob/main/SMB_Vulnerability_Analysis.md
GitHub
Slides/SMB_Vulnerability_Analysis.md at main · wangtielei/Slides
Slides for conference talks.
Dynamic Indirect Syscalls via JOP or ROP in Rust
https://kirchware.com/Dynamic-Indirect-Syscalls-via-JOP-or-ROP-in-Rust
KirchWare
Overview Link to the Github Link to crates.io There is a lot to break down in this project and structuring something like this in a digestible format is a little difficult, so I am simply going to give an overview of what and why it is and break down a rough…