Forwarded from Stuff for Geeks (Нossein)
USB Made Simple
An introduction to USB
https://web.archive.org/web/20141226231324/http://www.usbmadesimple.co.uk/ums_1.htm
An introduction to USB
https://web.archive.org/web/20141226231324/http://www.usbmadesimple.co.uk/ums_1.htm
web.archive.org
USB Made Simple - Part 1
Introduction to USB.
❤2
gdrv3.sys – Reverse Engineering a Signed Kernel Driver with 13 Hardware Access Primitives
https://core-jmp.org/2026/05/gdrv3-sys-reverse-engineering-a-signed-kernel-driver-with-13-hardware-access-primitives/
https://core-jmp.org/2026/05/gdrv3-sys-reverse-engineering-a-signed-kernel-driver-with-13-hardware-access-primitives/
🔥2❤1
A critical no-interaction proximal/adjacent remote code execution vulnerability in adbd's ADB-over-TCP authentication path.
https://barghest.asia/blog/cve-2026-0073-adb-tls-auth-bypass/
#CVE-2026-0073
https://barghest.asia/blog/cve-2026-0073-adb-tls-auth-bypass/
#CVE-2026-0073
❤2
How an Omitted Write Barrier in V8 Turns Into RCE in Chrome: #CVE-2026-5865
https://nebusec.ai/research/v8-maglev-incorrect-phis-untagging/
https://nebusec.ai/research/v8-maglev-incorrect-phis-untagging/
🔥3
Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access
https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access
https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access
از اینترنت باز تا حاکمیت اینترنتی: ایران در آستانه عصر تازهای از سرکوب دیجیتال
https://filter.watch/2026/04/20/nvestigative-report-april-2026-from-the-open-internet-to-internet-sovereignty/
https://filter.watch/2026/04/20/nvestigative-report-april-2026-from-the-open-internet-to-internet-sovereignty/
❤2
Any app on recent Android versions can leak certain traffic
A recently discovered bug in Android 16 allows any app to leak traffic outside the VPN tunnel.
As reported in the post The Tiny UDP Cannon: An Android VPN Bypass, Android 16 introduced a bug that allows a malicious app to send traffic outside the VPN tunnel, including with “Always-On VPN” + “Block connections without VPN” turned on. This affects all VPN apps, not just Mullvad VPN. This blog post aims to spread knowledge about this issue to help keep our users safe.
https://mullvad.net/en/blog/any-app-on-recent-android-versions-can-leak-certain-traffic
A recently discovered bug in Android 16 allows any app to leak traffic outside the VPN tunnel.
As reported in the post The Tiny UDP Cannon: An Android VPN Bypass, Android 16 introduced a bug that allows a malicious app to send traffic outside the VPN tunnel, including with “Always-On VPN” + “Block connections without VPN” turned on. This affects all VPN apps, not just Mullvad VPN. This blog post aims to spread knowledge about this issue to help keep our users safe.
https://mullvad.net/en/blog/any-app-on-recent-android-versions-can-leak-certain-traffic
🔥4
Mullvad exit IPs as a fingerprinting vector
Mullvad is one of the few VPN providers that offers multiple exit IPs for its servers. If two people connect to the same server, they will usually end up with different public IPs.With only 578 servers (compared to Proton VPN’s 20,000), this kind of vertical scaling makes sense to avoid cramming too many users onto one IP, which would be a problem on sites with overzealous IP blocks and ratelimits.Surprisingly, the exit IP you are given is not randomized each time you connect to the server, but deterministically picked based on your WireGuard key, which rotates every 1 to 30 days (unless you use a third-party client, in which case it never rotates).But wait.. if each server assigns you an independently picked static exit IP, wouldn’t just a few of those be enough to uniquely identify you among every other Mullvad user?
https://tmctmt.com/posts/mullvad-exit-ips-as-a-fingerprinting-vector/
Mullvad is one of the few VPN providers that offers multiple exit IPs for its servers. If two people connect to the same server, they will usually end up with different public IPs.With only 578 servers (compared to Proton VPN’s 20,000), this kind of vertical scaling makes sense to avoid cramming too many users onto one IP, which would be a problem on sites with overzealous IP blocks and ratelimits.Surprisingly, the exit IP you are given is not randomized each time you connect to the server, but deterministically picked based on your WireGuard key, which rotates every 1 to 30 days (unless you use a third-party client, in which case it never rotates).But wait.. if each server assigns you an independently picked static exit IP, wouldn’t just a few of those be enough to uniquely identify you among every other Mullvad user?
https://tmctmt.com/posts/mullvad-exit-ips-as-a-fingerprinting-vector/
❤3
Static Devirtualization of Themida
This article demonstrates devirtualization of CodeVirtualizer/Themida protected code, however the techniques described here apply to pretty much every virtual machine based obfuscator. Only requiring some minor modifications to support each of them. The following is a non-exhaustive list of obfuscators that can be reduced using the technique described in this article.
https://back.engineering/blog/09/05/2026/
This article demonstrates devirtualization of CodeVirtualizer/Themida protected code, however the techniques described here apply to pretty much every virtual machine based obfuscator. Only requiring some minor modifications to support each of them. The following is a non-exhaustive list of obfuscators that can be reduced using the technique described in this article.
https://back.engineering/blog/09/05/2026/
👍5❤2
Comprehensive technical analysis of the MitM attack in the "Telega" app
On the 18th of March creators of a third-party Telegram client called “Telega” activated a hidden feature that enables interception of all traffic between users of their applications and Telegram servers by putting it through servers controlled by them.
Unfortunately, there’s not much info about that, so we’ve made this article with a comprehensive and reproducible analysis of malicious behaviour.
https://dontusetelega.lol/analysis-en
On the 18th of March creators of a third-party Telegram client called “Telega” activated a hidden feature that enables interception of all traffic between users of their applications and Telegram servers by putting it through servers controlled by them.
Unfortunately, there’s not much info about that, so we’ve made this article with a comprehensive and reproducible analysis of malicious behaviour.
https://dontusetelega.lol/analysis-en
🥰4👍1
Media is too big
VIEW IN TELEGRAM
Iranian monarchists say girl's school bombing was "worth it," call for American ground invasion of Iran
💔44🤯4👎2🔥2❤1🥰1
Forwarded from Source Byte
< Scam Alert >
New Threat Actor steal famous "IrLeaks" support ID after their support account been inactive for a while ( their account deleted automatically ) , as i look at my archives this is previous accounts you can use to verify them :
[ + ] Exploit[.]in MemberID :
[ + ] BreachForums UserID :
[ + ] BreachForums Email address :
( Creation time:
[ + ] Telegram channel :
[ + ] Telegram Support :
[ + ] Email address :
New Threat Actor steal famous "IrLeaks" support ID after their support account been inactive for a while ( their account deleted automatically ) , as i look at my archives this is previous accounts you can use to verify them :
[ + ] Exploit[.]in MemberID :
150525 ( Last visited : September 7, 2024 )[ + ] BreachForums UserID :
46196[ + ] BreachForums Email address :
irleaks@proton.me ( Creation time:
1696708552 , Last update: 1710784785 )[ + ] Telegram channel :
1948656476[ + ] Telegram Support :
5128567513 <deleted>[ + ] Email address :
irleaks@tuta.io❤8
Source Byte
< Scam Alert > New Threat Actor steal famous "IrLeaks" support ID after their support account been inactive for a while ( their account deleted automatically ) , as i look at my archives this is previous accounts you can use to verify them : [ + ] Exploit[.]in…
be aware of scammers !
👍4👾3
Forwarded from CyberSecurityTechnologies
Kernel_Debugging_Filesystem_Minifilters.pdf
776.9 KB
#Whitepaper
#Kernel_Security
#Offensive_security
"Debugging Filesystem Minifilters with WinDbg", 2026.
// This technical reference poster explores Windows filesystem minifilters, kernel debugging, and filter communication ports from a red team perspective
#Kernel_Security
#Offensive_security
"Debugging Filesystem Minifilters with WinDbg", 2026.
// This technical reference poster explores Windows filesystem minifilters, kernel debugging, and filter communication ports from a red team perspective
🔥4
Forwarded from Infosec Fortress
Hacefresko
From breaking into my ISP router to finding a MediaTek kernel 0day
From breaking into my ISP router to finding a MediaTek kernel 0day
🔗 Link
#exploitation
#kernel
#linux
#mediatek
#zyxel
———
🆔 @Infosec_Fortress
🔗 Link
#exploitation
#kernel
#linux
#mediatek
#zyxel
———
🆔 @Infosec_Fortress
🔥5❤1
Infosec Fortress
From breaking into my ISP router to finding a MediaTek kernel 0day 🔗 Link #exploitation #kernel #linux #mediatek #zyxel ——— 🆔 @Infosec_Fortress
This media is not supported in your browser
VIEW IN TELEGRAM