We break things, build things... sometimes before anyone else. Defensive & offensive security R&D and skunkworks projects since ~2006. Silent until we are not.

Joined November 2011
Pinned Tweet
Subreption releases research exposing critical security flaws in FIPS/Common Criteria certified enterprise network switches. (subreption.com/press-release…) FLAPPYSWITCH abuses CVE-2024-50604, CVE-2024-50605, CVE-2024-50606 and CVE-2024-50607, for breaking out of the management "cli", executing a modular loader and achieving persistence in the underlying Linux-based OS through classic ELF infection techniques. Vendor patches quietly released (Jan 2025) insufficiently addressed the issues, and misrepresented them as requiring physical access. Vulnerabilities remain exploitable. Our research hopes to bring proper attention to the state of the art in enterprise network equipment security, as it is often overlooked, in the wake of the Salt Typhoon incident. Available at: github.com/subreption/FLAPPY… Stay tuned for updates. #FLAPPYSWITCH #salttyphoon
End of Sales is not End of Life. This is one understated PSA from law enforcement that will go sadly unnoticed and repeat for a few iterations well into the future. FLAPPYBIRD lives on!
20 Aug 2025
The FBI has released a PSA warning that Russian FSB cyber actors are targeting end-of-life networking devices across critical infrastructure sectors. Click for technical details and further information on the FSB Center 16 unit conducting this activity: ic3.gov/PSA/2025/PSA250820
FLAPPYSWITCH against a remote Ruckus ICX switch running latest 9.x firmware, in FIPS/Common Criteria mode, gaining code execution and persistence in under 20 seconds. Thanks to our collaborating researcher for both excellent code and comedy! #physicalaccessonly #notreally #FLAPPYSWITCH #securitymyth
Pending a more formal announcement, we are excited to introduce you to our research since fall 2024 into enterprise network security. Here comes FLAPPYSWITCH. "What can an incident like Salt Typhoon do to telco infrastructure at a hardware level?" needn't be an academic question anymore. Grab your answers! github.com/subreption/FLAPPY… @DistrictCon @CISACyber

7eb03d851c7af7c35b102a024de9d4e94ec693fb90c8f7bbdb05db8c89aa2162 625a4f85d1f648f4f447c9f15b7456c245bc6289604e5336b6f5b11211037707 d91e1b95253651fae4a97128a65101d742783848fc4eef4308767d77cf9c5626 c1330c4c4935d95d9c7af194c6c4312f8849c4c4aaef4178bb88418ec77029ad
We got hit with Beg Bounty shenanigans on New Year's! Read the story at subreption.com/blog/bug-boun… and subreption.com/blog/bug-boun… Homage to @troyhunt of @haveibeenpwned fame. Special thanks to @ThinkstCanary. Happy 2025! May this new year bring our friends happiness and a plethora of gnarly bug chains, and lots of anxiety to our foes! Just kidding, good wishes to those too! #begbounties #scams

Added a set of CVEs currently reported and in process of disclosure and remediation/mitigation: CVE-2024-50604, CVE-2024-50605, CVE-2024-50606, CVE-2024-50607, in Ruckus Networks/CommScope products. Underhyped research during the #SaltTyphoon aftermath! A throwback at @redballoonsec
Releasing hackrf_sweeper (reimplementation of HackRF's hackrf_sweep as a library), along with demo applications (including a ZMQ CURVE client and publisher of FFT bins for remote sweeping). github.com/subreption/hackrf…
Finally proper YARA support for Ghidra without the suck: GhidraYara (github.com/subreption/ghidra…). Analyzer extension plugin for rule generation and management, rolled up in one. More features to come, including integration with ProgramDB (for in-DB storage of rules and artifacts).
The test assembly rig from our blog post (subreption.com/blog/fpv-ipc-…) is now available at: printables.com/model/951443-… With @thingiverse gone downhill for years & their strange censorship policies, we are happy to support @josefprusa and his @Prusa3D @printablescom from Poland! #openipc

It's never too late for a post about #chatgpt, finally. How well does it work for cryptography-related questions and challenges? Here's a short experiment just about that: subreption.com/blog/gpt-capa… #chatgpt #HackTheBox (TL;DR Not terrible)

While everyone was busy having a #crowdstroke, we have published a short primer about hardware and firmware reverse engineering of a video sensor used in IPC devices and FPV drones, fresh out of the labs: subreption.com/blog/fpv-ipc-… #re #ghidra
A short blog post: IEEE 802.11 wireless spectrum coverage metrics (improving probability of intercept with traditional wireless adapters, with actual numbers per configuration and optimized channel hopping) subreption.com/blog/wireless…

On a different note, amidst the widespread plagiarism of original research in proactive defenses in Linux & other projects for the last decade, OpenBSD employs Machiavellian tactics: marc.info/?l=openbsd-tech&m=… "Release broken code, let them Ctrl C/Ctrl V, write sploits, ???"

IR: While the case is being investigated, and based off the data available at Censys and other sources, we kindly ask any user of VPN services coming across this page to contact us, should you encounter emailAddress=kamil.inal@comodo.com or O=ComodoAnkaraGumus in SSL warnings.
IR: We are investigating a possible ongoing MITM against/perpetrated by a major VPN provider; the fraudulent certificates served have OU=ComodoAnk O=ComodoAnkaraGumus (Ankara, Turkey). The targeted CNs have their legitimate certificates listed in CRTs from non-regional CAs.
In today's climate of CDNs and load-balancing services, it is tough to accurately detect fraudulent certificates but almost invariably they share characteristics: regional CA (cooperative with state actor or compromised), lack of CRT listing, duration under 12 months, no pinning.