runixd

Our 36c3 presentation video : https://media.ccc.de/v/36c3-10505-the_great_escape_of_esxi#t=708 … and slides: https://url.cn/51kIMxY  It's really a nice party. Hope to see you next year. #36c3

EPIC JAILBREAK: Introducing checkm8 (read "checkmate"), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices. Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip).https://github.com/axi0mX/ipwndfu 

IE9/IE11 Vulnerability advanced exploitation: PoC+slides on how to bypass ASLR+DEP to exploit IE9-IE11 successfullyhttps://github.com/k33nteam/IE9-IE11-Vulnerability-Advanced-Exploitation …

GrapheneOS is the continuation of the project formerly known as CopperheadOS. GrapheneOS is open source and is in the process of being properly revived and moved forward. https://grapheneos.org/  https://attestation.app/  https://github.com/GrapheneOS  https://reddit.com/r/GrapheneOS  @GrapheneOS

Have y'all had a chance to go see the videos for the candidates for the @owasp board of directors? Here's @Kerberosmansour video!https://youtu.be/9gDoGaSbIAE 

In the vein of sharing pieces of my toolset, here's another one: a super thin PE loader for Linux, based on the pe-parse library. Worked for the Windows font subsetter, may work for other self-contained DLLs.https://github.com/googleprojectzero/BrokenType/tree/master/fontsub-dll-on-linux …

CVE-2019-12527: Code Execution on Squid Proxy Through a Heap Buffer Overflow - the Trend Micro Research team provides details about this recently patched vuln.http://bit.ly/30p7VuF 

OMFGhttps://variety.com/2019/film/news/matrix-4-keanu-reeves-carrie-anne-moss-lana-wachowski-1203307955/ …

I wrote a blog post "Breaking Through Another Side: Bypassing Firmware Security Boundaries". It's a first part of the series based on our #BHUSA research with Alexandre Gazet. HW/FW Security != Summary of all Security Boundarieshttps://medium.com/@matrosov/firmware-security-boundaries-85807d3fe604 …