Still at #HackLu, @remsio.bsky.social and @w0rty.bsky.social shared their research on Livewire's unmarshalling mechanism at #nullcon Berlin. They demonstrated how to achieve RCE with the APP_KEY and extended their laravel-crypto-killer tool to automate the process. 💪
Hello everyone!
I have one INDIVIDUAL pass for #nullcon Goa 2025. If anyone genuinely needs this, kindly DM me.
Hey hackers - attending #Nullcon? Pop to say hi and talk about AppSec and VR!
You can find @smaury.bsky.social @thezero.org @suidpit.bsky.social around 🖖🏿
Comic/amusing drawing of Pico le Croco with a T-shirt that looks like Radare2's logo except not quite. Pico holds 2 sheets of paper: one in each hand. One is stripped, the other is not stripped.
Tomorrow, join me at #Nullcon Berlin to reverse a #Dart #CTF challenge (non stripped) and a Flutter release malware (stripped).
We'll be using #JEB and #Radare2.
We also talk a little about Ghidra, IDA Pro and Binary Ninja.
nullcon.net/berlin-2024/...
Be sure to have some coffee before :)
Per @a66at, it makes more sense for banks to invest in other forms of vuln mitigation which cost less than to go for Win7 upgrade. #nullcon
Hackers doing as hackers will. #nullcon https://x.com/nytimes/status/837750736352075778
The easiest way to bypass ATM security for WinXP systems is to bypass the kiosk, says @a66at #nullcon
If you have DVBSnoop and Wireshark, you can see a fair deal of unencrypted VSAT Internet data: http://dvbsnoop.sourceforge.net/ #nullcon
It's hilarious hearing hackers at #nullcon discussing if they are breaking international law by engaging in satellite hacking. @nullcon
All of the presenters here at #nullcon are brilliant at security, but some like Karsten Nohl and @tunnelshade_ are fantastic presenters.
We security researchers expose potential deaths and the response to that often diverts resources from *real* deaths. - Karsten Nohl #nullcon
Alok Joshi, chairman of the National Technical Research Organization (India's version of the NSA), speaking at #nullcon right now.
Watching a live demo of drone hijacking by Arthur Garipov of @PTsecurity_UK, using an SDR & GNU Radio: blog.ptsecurity.com/2016/06/phd-vi-how-they-... #nullcon
While open systems aren't necessary for critical systems, proprietary ones make security *much* harder. - R Sarangapani, AGM, NTPC #nullcon
Around 91 lakh bot-infected systems have been cleaned by CERT-IN so far - @mukhteshchander #nullcon
Could panellists avoid saying "gentlemen" when they are addressing the audience, further alienating the few women who are there? #nullcon
"With 60 billion estimated devices on the Internet by 2020, we security folks aren't running of out work anytime soon." @IOActive #nullcon
OnDigital was put out of business by NDS (a NewsCorp / Murdoch co) which paid pirates who were exploiting OnDigital! @IOActive #nullcon
U Michigan paper on hiding a backdoor in a single gate in the billions on a chip!! experts.umich.edu/en/publications/a2-analo... @IOActive #nullcon #security
Joshua Pennell of @IOActive speaking at @nullcon right now, talking about the Internet of Shit and how we need to secure the future #nullcon
Heading to #nullcon now. Who amongst you are going to be there? @nullcon
Instead of inviting pentesting, @UIDAI seeks to limit them instead. #nullcon #security https://x.com/SkochSameer/status/834330813315563521
Funny how often @thegrugq was mentioned during #nullcon. Guess he's the closest we have to an infosec rockstar apart from @SwiftOnSecurity.
Funny how often @thegrugq was mentioned during #nullcon. Guess he's the closest we have to an infosec rockstar apart from @SwiftOnSecurity.
Coming to #nullcon makes me feel better about the shitty state of security in India. Thanks, @aseemjakhar, @antriksh_s, @makash, & co.!
Coming to #nullcon makes me feel better about the shitty state of security in India. Thanks, @aseemjakhar, @antriksh_s, @makash, & co.!
