Forwarded from CyberSecurityTechnologies
#reversing
Reverse Engineering macOS 26.4's Undocumented Network Events
https://objective-see.org/blog/blog_0x86.html
// macOS 26.4 quietly introduced several undocumented Endpoint Security events. Two of them - ES_EVENT_TYPE_RESERVED_5 and ES_EVENT_TYPE_RESERVED_6 - turn out to be network connection AUTH and NOTIFY events respectively, providing a hook into all outbound network connections
❤3
I'm on the top of the word ;)
🔥67👎12👍3❤1🤔1💔1🗿1
Source Byte
AI being used against Venezuela, Gaza and Iran as a war weapon. Any system has weaknesses and shortages, but it is also important to account for the one who uses the system, US remove any civilians protection program. Here are the full details: The U.S. Built a Blueprint…
The Register :
During the presentation, Stanley displayed a map of the Middle East in Maven that showed dozens of cartographic icons in Iran marked in red, some designated “HQ.” One of the marks was positioned on an area of the map that corresponds to Minab, where a missile struck a girls' school near a military target, killing more than 160 kids.
https://www.youtube.com/live/3O8isI3GJXU?si=lfm_6_nuAOwu0bOm&t=7135
❤79💔5😁2👍1👎1🤔1
Forwarded from Proxy Bar
Hypervisor-Based Defense (Windows Kernel Protection)
Original text by Ido Veltzman
The article “Hypervisor-Based Defense” discusses how hypervisors can be used as a powerful defensive layer to protect Windows systems from kernel-level attacks. The author explains that modern attackers frequently target the kernel using techniques such as Bring Your Own Vulnerable Driver (BYOVD) or malicious kernel modules that bypass traditional security…
https://core-jmp.org/2026/04/hypervisor-based-defense-windows-kernel-protection/
Forwarded from CyberSecurityTechnologies
#Kernel_Security
Linux File System Basics
Part 1
// Overview and CVE-2022-0185 / CVE-2023-5345
Part 2
// Isolation, Permission Model and CVE-2023-0386
❤2
Greetings. If you are from Iran, please inform us of your current activities. It would be beneficial to share the titles of any books or courses you are currently engaging with; our direct is open :)
❤5👎2
Forwarded from vx-underground
Lost over 400 followers on social media after I made a comment about the President of the United States and his posts on Truth Social
The leader of a country (literally any country) writing "open the fuckin' strait, you crazy bastards, or you'll all be living in Hell" and "Praise be to Allah" when living in a predominantly Christian nation, on Easter Sunday, is genuinely hysterical.
Like, imagine if Claudia Sheinbaum said that, or if Volodymyr Zelenskyy said that
It made me audibly laugh out loud. I'm still laughing about it.
👍3👎2❤1
Source Byte
Photo
The expatriate of Iranian descent not only supported the slaughter of us Iranians, but is also whitewashing it after the slaughter.
Iran is the mother of us all, and the expatriate, after selling their mother, slaughtered the mother's children.
#MotherSeller
👏53👍27👎10💔5🔥1
Forwarded from مدرسه زندگی فارسی
It is a strange irony that even the U.S. military seems to have been poisoned by Hollywood, to the point that all these advisers, technicians and military affiliates are thinking of a tomorrow in which they turn their story into a book or a screenplay.
But the real world has moved past American cinema and laughs at this Top Gun and Saving Private Ryan.
The job of Tucker Carlson, who condemned Trump's ugly rhetoric, of the 48 members of Congress who had prepared a motion to impeach him, and of the large group of American journalists and public figures who condemned his anti-civilization threat, was all to provide a "face-saving exit" for Trump. As if he really had the ability to destroy Iran overnight and backed down under pressure from those around him.
The reality is that if the United States could, it would have destroyed Iran without a moment's concern about war crimes, but America is standing at the very edge of its military, economic and narrative-building capacity. The big question for think tanks from now on will be: "Of Iran, China and Russia, only Iran was non-nuclear, and this is where things ended up. What will America do with China?"
Over the coming months, in the world of economics and of the relations that determine the world order, America's disastrous situation will become clear even to the most extreme admirers of the United States.
In a sense, one can say it was the curse of Nicolás Maduro, who by surrendering tempted Trump to abandon caution, be drawn into the whirlpool of Hormuz and be irreparably humiliated. Venezuela will come to be known as the most expensive free victory in American history.
@dr_iman_fani
👏14👎7❤1
Analysis of BlueHammer: LPE Exploiting Windows Defender Updates
BlueHammer is dangerous not because it uses a simple bug, but because it chains together several legitimate Windows components in a clever and unexpected way. It tricks trusted features into exposing sensitive system information without relying on obvious malware behavior. Specifically, the exploit abuses Windows Defender’s signature update mechanism, the Volume Shadow Copy Service (VSS), the Cloud Files API, and a Time-of-Check to Time-of-Use (TOCTOU) race condition to read the system's SAM database.
https://www.coresecurity.com/blog/analysis-bluehammer-lpe-exploiting-windows-defender-updates
❤4🔥3👎1
A Race Within A Race: Exploiting CVE-2025-38617 in Linux Packet Sockets
#CVE-2025-38617 is a use-after-free vulnerability in the Linux kernel’s packet socket subsystem, caused by a race condition between packet_set_ring() and packet_notifier(). The bug has existed since Linux 2.6.12 (2005) and was fixed in kernel version 6.16. It allows an unprivileged local attacker — needing only CAP_NET_RAW, obtainable through user namespaces — to achieve full privilege escalation and container escape.
https://blog.calif.io/p/a-race-within-a-race-exploiting-cve
🔥3❤1
The State of MicroVM Isolation in 2026, Your Container Is Not a Sandbox
The microVM ecosystem was battle-tested long before agentic AI created the demand. Now it's thriving, diverse, and moving fast. This post covers every VMM, the shared Rust crate ecosystem, a dozen AI sandbox platforms and honest trade-offs.
https://emirb.github.io/blog/microvm-2026/
👍2
MOIS Linked MOIST GRASSHOPPER / Homeland Justice / KarmaBelow80 / Handala Hackers / Campaigns and Evolution
The evidence examined across this analysis spanning U.S. government reporting, private-sector threat intelligence research, passive DNS and infrastructure enrichment, and longitudinal review of archived web and Telegram content supports a high-confidence assessment that the personas Homeland Justice, Karma, and Handala do not represent discrete or ideologically independent hacktivist groups. Rather, they constitute a coordinated, MOIS-aligned cyber influence ecosystem operating under multiple branded identities that serve distinct but complementary operational roles.
https://dti.domaintools.com/research/mois-linked-moist-grasshopper-homeland-justice-karmabelow80-handala-hackers-campaigns-and-evolution
👍2🔥2