April 2021
March 2021
- JÓZSEF KARDOS: “THE INEVITABLE FALL OF ARTURO UI,” AN OPEN LETTER TO JÁNOS ÁDER, PRESIDENT OF THE REPUBLIC OF HUNGARY - A well-written, must read open letter. Hungary is a huge problem that EU keeps ignoring.
- APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign
- CVE-2021-26855: Microsoft Exchange Server-Side Request Forgery - Exchange RCE root cause analysis.
- Stealing arbitrary GitHub Actions secrets"
- APT Encounters of the Third Kind - Interesting malware and covert channels. Great catch!
- INTERNALSSpeculating The Entire X86-64 Instruction Set In Seconds With This One Weird Trick
- Patent troll IP is more powerful than Apple’s - “IP lets one of the least taxed corporations on Earth extract a 30% tax from everyone else.”
- The Art of Warez Documents the Lost ANSI Art Scene - I miss those times! oh well, life goes on :-)
- Ghost: Confessions of a Counterterrorism Agent - An interesting book, even if spook’s books only have shades of reality, if we are lucky having that.
- The clown king: how Boris Johnson made it by playing the fool - Epic prose.
- awesome-linux-rootkits
- I’ve Been Targeted With Probably the Most Vicious Corporate Counterattack in American History - Crazy story!
- Un-bee-lievable Performance: Fast Coverage-guided Fuzzing with Honeybee and Intel Processor Trace - Really interesting results, a tool to explore.
- Top NATO Scientist With Security Clearance Busted Spying for China
- We bootstrapped to $11 million in ARR - Thinkst keeps growing, focused on great product and customer service. An interesting company!
- TikTok for Android 1-Click RCE - Look mam,no memory corruption RCE!
- Security Theater, The Beat Goes On - The usual good stuff from Dan Geer.
- Another approach to portable Javascript Spectre exploitation