modzero

@[email protected]
539 Followers
29 Following
32 Posts

Breaking stuff since April 2011.

@modzero.bsky.social

modzeroMar 12

We're Hiring!

We are currently looking for a Penetration Tester
and a Senior Red Teamer. Check out our open positions
and reach out if you think you’d be a great fit.

Here:
https://modzero.com/en/jobs/

Jobs

modzeroMar 4
THSMar 3

There are not many people I would credit with having had an immense influence on my personality and development. Felix (FX) Lindner of Phenoelit is one of those people .

On Sunday, I received the news that he has passed away. Although or perhaps precisely because we had not seen or spoken to each other for some time, I would like to share a few words about this extraordinary human being: https://ths.ch/posts/fx/

#FX #hacker #death #RIP #phenoelit

RST in Peace, FX... | THS

modzeroDec 2
tomate 🍅Dec 2

Timetables for #39c3, hot off the press: The Fahrplan is out

https://events.ccc.de/en/2025/12/02/39c3-fahrplan/

Timetables for 39C3, hot off the press: The Fahrplan is out

After the halfnarp is before the schedule. Thanks to you, and thanks to the many helping hands of the content teams, we can now present to you the first version of the 39C3 Fahrplan! The official stage programme at the 39th Chaos Communication Congress starts on 27 December, 10:30 with the opening ceremony and shines with a total of 165 talks. These have been lovingly sorted and curated for you into seven topical tracks. There is definitely something for everyone! To those of you who now have counted manually or even found the gaps in the schedule: That’s right, because we have a few surprise talks that we can only reveal shortly before 39C3.

CCC Event Blog
Show threadmodzeroNov 10
Find Michael here: https://infosec.exchange/@born0monday
born0monday (@[email protected])

1 Post, 6 Following, 26 Followers ·

Infosec Exchange
modzeroNov 10

No Leak, No Problem   - Remember our PSA about updating your INSTAR cameras? Here's the reason in detail, worked out and noted by our teammate Michael Imfeld

https://modzero.com/en/blog/no-leak-no-problem/

No Leak, No Problem - Bypassing ASLR with a ROP Chain to Gain RCE

modzeroNov 6
Does anyone here have a working way to contact https://archive.org/?
It's about a security issue...
Internet Archive: Digital Library of Free & Borrowable Texts, Movies, Music & Wayback Machine

modzeroSep 28

catch a glimpse of us holding our annual “state of the zero” meetup - to wrap our heads around all of IT and us.

we also took a boat trip, ate too many sweets, touched some grass, saved the world, had a barbecue and a drink or two…💓

#modzero #infosec #itsecurity #captainitswednesday

Show threadmodzeroAug 14, 2025
find michael here: https://infosec.exchange/@born0monday
born0monday (@[email protected])

1 Post, 6 Following, 26 Followers ·

Infosec Exchange
modzeroAug 14, 2025

PSA update your INSTAR cameras. Our teammate Michael Imfeld identified a critical RCE (CVE-2025-8760) on 2k+ and 4K devices. Find the advisory here:

https://modzero.com/en/advisories/mz-25-03-instar/

[MZ-25-03] INSTAR 2K+ and 4K Series

modzeroJun 27, 2025

Our teammate Leonid had a look on Synology. He discovered a leaked credential that allowed anyone unauthorized access to all Microsoft tenants of organizations that use Synology's "Active Backup for Microsoft 365" (ABM), including sensitive data such as all Teams channel messages. #synology #disclosure #modzero #infosec

https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/

When Backups Open Backdoors: Accessing Sensitive Cloud Data via "Synology Active Backup for Microsoft 365"