I’m back from my one-week vacation in Mallorca, tweeps. (had my last vacation during the Follina clusterduck a year ago)
Next vacation: 1 week in Switzerland 🇨🇭 in July
#OffTopictweeter.jakobs.systems/i/web/status/166…
Am I missing something obvious or was that video actually recorded on 10+ years old OS? If that tool really does what it claims shouldn't it be tested against latest OS version? and hardened Defender?
We constantly get requests for our THOR legacy version that runs on Windows Xp and Windows 2003
and requests for
- Windows 2000 Server
- RHEL 4
- SuSE Linux 10.4
- Solaris 10
TA sells tool to kill AV/EDRs for $1500
OffSec’s take: it would be better if they gave it away for free
because: when you publish it and give it away for free, it won’t be a problem anymore
Benjamin Delpy:
SectorC: a C Compiler written in x86-16 assembly that fits within the 512 byte boot sector of an x86 machine. In a base64 encoding, it looks like this: xorvoid.com/sectorc.html
🚨 1/ Ongoing campaign primarily targeting security researchers here on Twitter.
Possibly they are trying to exploit some vulnerability in Internet Explorer and database tools like Navicat. I haven't been able to get the malicious payload yet, but something fishy is going on 🤔
Somebody lamented to me that the addition of RAR and 7-Zip support to Windows will open up more attacks.
I think those formats are covered pretty well by security products.
VHD(X), OTOH, is a much bigger blind spot that I blogged about 4 years ago.
Nothing is parsing these still.
I can't believe I've just fine-tuned a 33B-parameter LLM on Google Colab in a few hours.😱
Insane announcement for any of you using open-source LLMs on normal GPUs! 🤯
A new paper has been released, QLoRA, which is nothing short of game-changing for the ability to train and… tweeter.jakobs.systems/i/web/status/166…
A TOX 1.17.6 (current version) RCE 0day is for sale.
It would give nerds the ability to pwn literally every ransomware group, and major Threat Actor, on the planet. All it requests is sending a friend request, and the other person accepting it.
It is being sold for $500,000