Some people wonder why I’m not that interested in the technical details behind most intrusions these days. The recent excellent reporting by @TheDFIRReport shows why. The intruders used scheduled tasks as the persistence mechanism. SCHEDULED TASKS, like what we Foundstone consultants taught students to look for in 2002. Sure, occasionally an intruder does something interesting, but almost universally, from tools, to tactics, to operations/campaigns, to strategy, to policy, it’s been SSDD *for decades.* And orgs still get owned, and govs say do better, and vendors do or don’t invest in “secure” products, and consultants and defenders scramble, and others undermine their work. Le sigh.
Does Twitter blocking Mastodon links constitute anticompetitive behavior against a nascent rival? I asked a couple of legal experts, including Bill Baer, the former antitrust chief at DOJ and FTC in two US administrations. Here's what they say: https://www.cnn.com/2022/12/16/tech/mastodon-twitter-links/index.html

Awesome @githubsecurity articles by @anticomputer on recognizing and exploiting the hidden attack surface of interpreted languages

Now you C me, now you don't: An introduction to the hidden #attack surface of interpreted languages
https://securitylab.github.com/research/now-you-c-me/

Now you C me, now you don't, part two: #exploiting the in-between
https://securitylab.github.com/research/now-you-c-me-part-two/

For historical context on the ret2dlresolve #xdev technique, see also Nergal's "The advanced return-into-lib(c) exploits"
http://phrack.org/issues/58/4.html

Now you C me, now you don’t: An introduction to the hidden attack surface of interpreted languages

Aimed at developers, in this series we introduce and explore the memory unsafe attack surface of interpreted languages.

GitHub Security Lab
@n0x08 lots of good Indian as well, banana leaf type stuff
@n0x08 jumbo seafood restaurant chain for chilli crab is good. Bah kuh teh is a speciality of the area which is quite yum, pork bone soup.

Very cool research about reverse engineering the NFC protocol used by Tesla Model Y and relaying it using a Proxmark device.
credits Josep Pi Rodriguez


White paper link: https://act-on.ioactive.com/acton/attachment/34793/f-6460b49e-1afe-41c3-8f73-17dc14916847/1/-/-/-/-/NFC-relay-TESlA_JRoriguez.pdf

#hacking #tesla #iot #nfc #infotech #cybersecurity #exploit #vulnerability #proxmark

@malwaretech ok that is freaking awesome
@jkirk congrats mate!

Videos are on their way from #ComfyConAU2022Too🎈​

The playlist is ready to go and will have videos added to it over the coming week(s) ... (nag @Shanna if it's too slow)

https://www.youtube.com/playlist?list=PLg-aMs82kVNrINbvFqFO_kXPw3b4DdVqj

You can check out videos from @hal_pomeranz, @fr0gger, & @ppym so far 

Hack the Real Box: APT41’s New Subgroup Earth Longzhi

We looked into the campaigns deployed by a new subgroup of advanced persistent threat (APT) group APT41, Earth Longzhi. This entry breaks down the technical details of the campaigns in full as presented at HITCON PEACE 2022 in August.

Trend Micro