Joined June 2012
RT @irsdl: The blog.mantrainfosec.com/blog/… post by @xorxoreip shows how prepared statements can be exploited in NodeJS using mysql and mysql2 p…
New blogpost: Prepared Statements? Prepared to Be Vulnerable. An interesting take on how vulnerable configurations can be exploited. blog.mantrainfosec.com/blog/…
Balazs Bucsay [EQ] retweeted
Many thanks to @xoreipeip for presenting his talk "Server-Side Cross-Site Scripting" #XSS at the #OWASPLondon Chapter meetup last week! The video recording of the talk is now available to watch on our YouTube channel 📺 [PLEASE SUBSCRIBE!]: 👇 youtube.com/watch?v=UNoUEBNh…
I hope the presentation was more attractive than this picture of me!
Our July meetup has started! We have @xoreipeip on stage right now speaking about Server-Side Cross-Site-Scripting. Watch the live-stream 📺 here: 👇 youtube.com/live/01vyEb0GUSk…
Put together a short blog post detailing a small Ghidra related fix I recently hacked together. Might save others some time.
NEW BLOG POST: Automated Function ID Database Generation in Ghidra on Windows - blog.mantrainfosec.com/blog/…
Balazs Bucsay [EQ] retweeted
The next OWASP London Chapter in-person Meetup will take place on Thursday 17th July 2025, kindly hosted by Civo Tech Junction and kindly sponsored by @BlackDuck_SW. Talks from @xoreipeip and Matthew Brady - Register to attend here: 👇 meetup.com/owasp-london/even…
I've written a free book to help non-technical readers understand and avoid scams. It's designed for friends, grandmas, moms & pops, anyone who might be vulnerable to online or phone scams. Please help spread the word and protect your loved ones. LINK: mantrainfosec.com/scambook
Balazs Bucsay [EQ] retweeted
13 Jun 2025
Balazs Bucsay [EQ] retweeted
Meta and Russian Yandex engaged in unprecedented internet tracking practices, likely illegal under EU data protection law. Companies designed tracking systems that exploited Android's localhost socket permissions to create covert communication channels between websites and native mobile apps, bypassing Android's app sandboxing protections. Android allows any app with internet permission to listen on localhost ports without user consent, and web browsers can access these localhost interfaces. When users visit websites containing Meta Pixel or Yandex Metrica scripts, the JavaScript tracking code sends data directly to specific localhost ports (Meta uses UDP ports 12580-12585 via WebRTC, Yandex uses TCP ports 29009-30103 via HTTP). Facebook, Instagram, and Yandex apps run background services that actively listen on these predetermined ports to receive tracking data, then link this anonymous web activity to authenticated user accounts and transmit the combined data to company servers. This technique affects billions of Android users and renders privacy protections like incognito mode, VPNs, and cookie clearing completely ineffective. Meta Pixel attempted localhost communications on over 17,000 of the top 100,000 websites, with 78% doing so without user consent. The method allows comprehensive profile building linking anonymous browsing to real identities, tracking everything from shopping to sensitive site visits. It also creates vulnerabilities where malicious apps could eavesdrop on browsing history by listening on the same localhost ports. This surveillance operated without disclosure. Following public disclosure, Meta immediately ceased the practice and removed related code while browser vendors scrambled to implement protections. The practice violates multiple GDPR and ePrivacy principles.
The technique transforms supposedly anonymous first-party cookies into cross-site tracking identifiers without explicit consent, violating ePrivacy Directive requirements for cookie consent and GDPR's lawful basis for processing. By secretly linking web browsing to app-based identities, it constitutes undisclosed profiling that undermines user expectations and data minimization principles. This is material for a max #GDPR fine. localmess.github.io/
Balazs Bucsay [EQ] retweeted
26 May 2025
We've got two talks tomorrow evening at the Greene Man! @xoreipeip is talking about Cisco phones, and Nick Dunn bsky.app/profile/n1ckdunn.bs… will explain SOSL injection #defcon #london
Balazs Bucsay [EQ] retweeted
23 May 2025
🚀 #x33fcon 2025 Onsite Workshop! 🚀 Join @xoreipeip to master software reverse-engineering with Unicorn Engine! Learn to dynamically execute and analyze code to crack encryption and obfuscation in binaries using Python and Ghidra. Perfect for #malwareanalysis, #vulnerabilityresearch, and #embeddeddevice hacking. Details: x33fcon.com/#!w/BalazsBucsay…
Balazs Bucsay [EQ] retweeted
🎤 Speaker Announcement 🎤 We’re excited to welcome @xoreipeip to the stage! His talk? “Is Your Phone Spying on You? An In-Depth Analysis of Vulnerabilities in Cisco VoIP Phones” Don’t miss this deep dive into device-level security. #BSidesBirmingham #BSides
Balazs Bucsay [EQ] retweeted
Please welcome Balazs Bucsay with their talk on 'Is Your Phone Spying on You?' Sponsored by Optimising IT | B Corp™, CyberCX, Cydea and Orange Cyberdefense. Grab your ticket today ti.to/bsides-exeter/bsides-e… #oooarrcyber
Balazs Bucsay [EQ] retweeted
🔔 Hacktivity 2025 is calling—for papers, sponsors… you name it! 🎤💡 Want to speak, support, or engage? Now’s the time!📢 Be part of the community → Get in touch! hacktivity.com/ #Hacktivity2025 #CFP #CFS #Infosec #CyberSecurity
Balazs Bucsay [EQ] retweeted
We’re thrilled to welcome Balazs Bucsay (@xoreipeip), Founder & CEO at Mantra Information Security, as a speaker at BSides Prague 2025. 🎤💻 #bsides #cybersecurity #conference #community #workshop
See you there!
Next stop: Prague, Czech Republic! Join us at our Unicorn Workshop at BSides Prague - solve our challenges and win a couple of pints! 🍻 @bsidesprg #bsidesprg #bsidesprague
Oracle cloud is a crime. You log in and the session times out after a while. You try to log in again, and when you log in, it logs you out. You log in again, but it redirects you to a broken page. Log in again and it finally works. 1/2
VM created. It runs, it works. SSH is available. 4 hours later, the port is open, but SSH is not working anymore. OCI used to reboot the machine, which gets stuck in the "stopping" state for hours. Wtf? 2/2
Why would I use this after the free trial or over the quota? I'd rather pay for something decent than something annoying and unreliable.
Balazs Bucsay [EQ] retweeted
Our workshop, Defeating Encryption Using the Unicorn Engine will be held at @BSidesLondon this Saturday. All tickets are sold out, but @xoreipeip will be around for the whole day to chat.