I tweet mainly about IT security, iOS / iPhone jailbreaking. I have a Microsoft background. Administrator on theiphonewiki․com. Blue team.
Joined April 2010
- Tweets 23,002
- Following 360
- Followers 5,847
- Likes 15,779
138 Photos and videos
Decided to publish the Lexmark printer exploit writeup tools instead of sell it for peanuts. 0day at the time of writing: github.com/blasty/lexmark -- enjoy!
17
277
922
146,703
We (@winterdeaf @kientuong114 and I) took a deep dive on Threema, a Swiss-made secure messaging app. We found 6 new cryptographic vulnerabilities. Full paper at breakingthe3ma.app; mini-thread follows. #threema
5
118
300
138,604
Super excited to release our car hacking research discussing vulnerabilities affecting hundreds of millions of vehicles, dozens of different car companies:
samcurry.net/web-hackers-vs-…
Contributors:
@_specters_ @bbuerhaus @xEHLE_ @iangcarroll, @sshell_ @infosec_au @NahamSec @rez0__
59
721
1,945
342,124
Hi Auto Industry. It's the internet calling...
(Subtitle: How to take over a Ferrari account with zero interaction.)
samcurry.net/web-hackers-vs-…
1
19
38
6,181
http (@http@infosec.exchange) retweeted
4 Jan 2023
If you sent an API request to Twitter with an e-mail address, and an incorrect password, the API returned a JSON response containing the username associated with the account.
A Threat Actor compiled 221,608,279 entries.
This list includes celebrities, politicians, and more...
41
608
3,103
572,940
4 Jan 2023
Does anyone have a copy or working link to original netcat 1.00 (version 951010), file nc100.tgz or is that lost forever? I can only find dead ftp links or a MinGW fork or v1.10 versions.
2
3
6
5,615
http (@http@infosec.exchange) retweeted
29 Dec 2022
Reverse engineering yet another ebook format mijailovic.net/2022/12/25/hk…
18
32
3,147
http (@http@infosec.exchange) retweeted
29 Dec 2022
Here are some of the presentations I found the most interesting within the macOS/iOS Kernel Security research space in 2022! 🧵
alexplaskett.github.io/macos…
3
65
217
44,750
Here’s another #vulnerability #research writeup, this time about the #xnu #kernel
// by @pwningsystems
A tale of a simple #Apple kernel bug
pwning.systems/posts/easy-ap…
7
40
7,168
http (@http@infosec.exchange) retweeted
26 Dec 2022
Today we're publishing new techniques for recovering NTLM hashes from encrypted credentials protected by Windows Defender Credential Guard.
These techniques also work on victims logged on before the server was compromised.
research.ifcr.dk/pass-the-ch…
34
672
1,680
215,622
http (@http@infosec.exchange) retweeted
22 Dec 2022
Comic for December 22, 2022 #dilbert dilbert.com/strip/2022-12-22
9
44
3,492
http (@http@infosec.exchange) retweeted
🔐 ICYMI - JP Aumasson (@veorq) is teaching a free #workshop on #Cryptography! Cryptography is indispensable for protecting information in computer systems, but choosing secure protocols and parameters can become overwhelming. Sign up to learn more!
🎟️ ringzer0.training/workshops.…
8
10
2,012
http (@http@infosec.exchange) retweeted
19 Dec 2022
The Christmas open-obfuscator challenge is live at this address:
obfuscator.re/challenges/
Thank you to @vector35 @build38dotcom and @eshard for sponsoring the prizes of this challenge.
1
42
77
12,618
18 Dec 2022
I just removed all references to the new social media site where everyone is going to and my handle name in my bio, in order to comply with Twitter’s new policies. You’ll find me anyway.
help.twitter.com/en/rules-an…
362
http (@http@infosec.exchange) retweeted
4 Dec 2022
Checkout the macOS and iOS Security Internals Advent Calendar youtube.com/playlist?list=PL… #macos #ios #security #internals #adventcalendar #xmas
2
15
69
12 Dec 2022
I wonder why the iOS version of the checkmark is more expensive.
x.com/TwitterBlue/status/160…
we’re baaaack! Twitter Blue is now available for $8/month on web or $11/month on iOS – we’ve made some upgrades and improvements 🧵
ALT The new Twitter Blue subscription page on web that lists the features included with a subscription. At the top it reads, “Blue subscribers with a verified phone number will get a blue checkmark once approved”. Under that it lists “Rocket to the top of replies, mentions and search”, “See half the ads”, and “Post longer videos”, each labeled as “coming soon”. The list ends with “Get early access” and explains Twitter Blue Labs gives access to select new features. Toward the bottom of the screen it reads, “Limited time offer: $8.00 USD/month” with the button to subscribe underneath.
1
1
5 Dec 2022
Hey ChatGPT, write me an x86 binary, undetected by all AV and EDR, that contacts my C2 on IP 12.133.253.6 port 443 once per day and migrates to a legit process before calling back. Embed it into a PDF that auto-starts the binary via AdobeReader zeroday.
1
15
http (@http@infosec.exchange) retweeted
1 Dec 2022
Checkout Day 1 of the macOS and iOS Security Internals Advent Calendar now with enhanced audio… youtu.be/WxOZgr0Ld9o #ios #macos #security #internals #adventcalendar #xmas
1
6
17