[MZ-25-03] INSTAR 2K+ and 4K Series

PSA update your INSTAR cameras. Our teammate Michael Imfeld identified a critical RCE (CVE-2025-8760) on 2k+ and 4K devices. Find the advisory here:
modzero.com/en/advisorie...

A colleague of mine found exposed credentials potentially granting access to Synology Teams backups. Check the full analysis and scan your tenants for IOCs. #cybersecurity #infosec #disclosure

modzero.com/en/blog/when...

Belegsammlung für ein AfD-Verbotsverfahren Der Verfassungsschutz stuft die AfD in seinem Gutachten als gesichert rechtsextrem ein. Das reicht nicht für ein Parteiverbot, sagt Innenminister Alexander Dobrindt. Darum übernehmen wir nun den Job u...

Innenminister Dobrindt meint: Die Einstufung der AfD als „gesichert rechtsextrem” reicht nicht für ein Parteiverbot?
Kein Problem – wir legen nach: Mit unserer Belegsammlung schaffen wir die Grundlage für ein umfassendes Gutachten zum AfD-Verbotsverfahren. Mehr dazu: fragdenstaat.de/aktionen/afd...

Both defenders and red teamers will be interested in this tool drop and deep dive into psexec from Aurélien.

He, Michael, and Reino built susinternals that makes use of the Microsoft signed psexec service binary on the host instead of the more easily flagged RemCom.

sensepost.com/blog/2025/ps...

ROPing our way to “Yay, RCE” - and a lesson in the importance of a good nights sleep!

Follow our Colleague Michaels journey of developing an ARM ROP chain to exploit a buffer overflow in uc-http

modzero.com/en/blog/ropi...

Verdachtsfall Rechtsextremismus: Wir veröffentlichen das 1.000-seitige Verfassungsschutz-Gutachten zur AfD Die Alternative für Deutschland steht im Verdacht, rechtsextrem und verfassungsfeindlich zu sein. Der Verfassungsschutz beobachtet die Partei und hat ein ausführliches Gutachten erstellt. Wir veröffen...

NEU: Hier ist das geheime Verfassungsschutz-Gutachten zur AfD in voller Länge. Fast 5000 Quellen hat die Behörde in den vergangenen Jahren ausgewertet, jetzt hat @netzpolitik.org das Gutachten veröffentlicht.

In Chrome:

Object.values(this)[165].bind(this)()

This is a great post on bug bounty reddit!

OP reported an IDOR, gets paid $2,000, and then realizes it never was IDOR. It's just a cached response...

Issue #2 joined the 'over 100K downloads' club. All thanks to you!
Now Issue #4 is applying for a membership there, and it's not far from getting in :)

Want to help? Tell your friends about us!
pagedout.institute

I am glad you like it!

I wrote a blog post about SSTI in Thymelaf - hopefully it helps some people pentesting up-to-date Spring Boot applications :)

(please re-post for reach - thank you!)
Learned a cool new Linux trick? Know an interesting quirk in a network protocol? Or have something else to share?

Write a 1-page article for the #6 issue of Paged Out! :)
pagedout.institute?page=cfp.php

Soft deadline is Feb 1st.

Flare-On 2024 Solutions and Commentary YouTube video by BasteG0d69

My videos for Flare-On 2024 are live! Watch me reverse engineer all the challenges from start to end. 🎉🥳

+ Commentary video featuring SuperFashi, where we review the chals together.

* 45 hours of content
* 400+ GB of raw footage

Merry Christmas! Link: www.youtube.com/watch?v=vwW9...

Re-sharing to keep bluesky rolling

go.bsky.app/EhGFSVj

A thumbnail with a blue, black, and green gradient background, with the VS Code and GitHub Copilot logos in the foreground and a graphic of the Copilot Chat window hovering below.

Announcing GitHub Copilot Free!

A new free tier for GitHub Copilot, available for everyone today in VS Code.

No trial. No subscription. No credit card required.

Learn more in our blog: aka.ms/copilot-free

I just wrote a new blog post! This is how I (ab)used a jailed file write bug in Tomcat/Spring. Enjoy!

Remote Code Execution with Spring Properties :: srcincite.io/blog/2024/11...

Digging for XSS Gold: Unearthing Browser Quirks with Shazzer YouTube video by PortSwigger

I can highly recommend Shazzer from @garethheyes.co.uk, such a great tool for XSS research!

I'm glad to release the tool I have been working hard on the last month: #KrbRelayEx
A Kerberos relay & forwarder for MiTM attacks!
>Relays Kerberos AP-REQ tickets
>Manages multiple SMB consoles
>Works on Win& Linux with .NET 8.0
>...
GitHub: github.com/decoder-it/K...

Hello Bluesky 👋

We are an IT security company. Our team consists of like-minded hackers located in Germany and Switzerland.

Our core areas of expertise are comprehensive technical security analyses, penetration tests and red teaming services.

Want to learn more about us?
Check: modzero.com/en/

During a #redteam at @modzero.bsky.social we discovered a limited but neat bypass for #printnightmare. I talked to @itm4n about it and he had an indepth look. Read about it here:
itm4n.github.io/printnightma...
#itsec