No, I don't want to "learn fast", in any subject. I don't want shortcuts. If I don't enjoy the subject, I don't want to learn it; and if I enjoy it, I want to prolong the pleasure. I avoid what exam-takers do: I trade speed for depth.

In preparation for macOS Sequoia on Monday, we're proud to announce OpenCore Legacy Patcher 2.0.0! And with it, all 83 Macs we supported in Sonoma are supported in Sequoia! github.com/dortania/OpenC…

New #PEbear is out (v0.7.0) - with new icon, Qt6, ARM64 support and more goodies 😊! Check it out: github.com/hasherezade/pe…

1) What

Sample code github.com/pookjw/ClearAn…

Keynote by Halvar Flake at #FUZZING'24 reflecting on the Reasons for the Unreasonable Success of Fuzzing.

OpenSSH CRC32 compensation CVE-2001-0144. Michal Zalewski (!) piped random data into OpenSSL for fun and found a crash. Probably the only remotely exploitable OpenSSL bug found via fuzzing.

But maybe we need to be faster rather than smarter? Let's look at fuzzer performance bottlenecks. Let's look at dedicated hardware.

Our paper about the initial research conducted with CellGuard, iOS tooling for Qualcomm basebands, and Apple Location Services has been accpeted for RAID Conference. Read a preprint at lukasarnold.de/posts/raid24-p… x.com/RAID_Conferenc…

CellGuard goes public! 📶 Check if your iPhone was close to potentially malicious cellular base stations, even on non-jailbroken devices.

ㅤ

Yet another cursed internal device from Apple Inc. A144bAP - PCIe card, seemingly network, with… Apple T2 SoC! Unfortunately, I don’t have anything to put it into for now, but AFAIK it runs iBoot at the very least and has SDOM 02

Apple security updates: support.apple.com/en-us/121234 support.apple.com/en-us/121247 support.apple.com/en-us/121246 support.apple.com/en-us/121241 support.apple.com/en-us/121238 support.apple.com/en-us/121250

New sanctions just dropped home.treasury.gov/news/press-rel…

English version is available now bi.zone/eng/expertise/…

GHSL-2024-095: Type confusion leading to RCE in the Chrome renderer sandbox - CVE-2024-5830 securitylab.github.com/advisories/GHS…

Juan Jose Lopez Jaimez (Google) presented Buzzer at #LinuxPlumbers, an #eBPF-specific fuzzer for the verifier. He explained the two CVEs they found and what they learned from it. Slides: lpc.events/event/18/contr… Recording: youtube.com/live/mfMbtQYas…

Continuing the series on exploiting Android Binder with Binder internals blog androidoffsec.withgoogle.com/posts/binder-i… Deep dive into Binder driver by abcSup and Gulshan. We also release github.com/androidoffsec/… -- tiny lib featuring how to do IPC via Binder driver. Happy Binder hacking!