dhulliger
@ruheabteil.ch
dad, screaming at computers and climbing rocks
Worth watching!
youtu.be/3C1Gnxhfok0?...
youtu.be/3C1Gnxhfok0?...
39C3 - A post-American, enshittification-resistant internet
YouTube video by media.ccc.de
youtu.be
January 28, 2026 at 4:39 PM
Worth watching!
youtu.be/3C1Gnxhfok0?...
youtu.be/3C1Gnxhfok0?...
Reposted by dhulliger
Are you concerned about your privacy and the power abuse by American tech companies?
This website helps you switch to European and open-source alternatives.
switch-to.eu/en/
This website helps you switch to European and open-source alternatives.
switch-to.eu/en/
Switch-to.eu - EU alternatives to global services
A guide to help you switch from non-EU to EU-based digital services and products.
switch-to.eu
January 24, 2026 at 10:07 PM
Are you concerned about your privacy and the power abuse by American tech companies?
This website helps you switch to European and open-source alternatives.
switch-to.eu/en/
This website helps you switch to European and open-source alternatives.
switch-to.eu/en/
Nothing new, but the current political situation in the US just makes it way more of an issue!
Microsoft hinterlegt den Schlüssel der Festplattenverschlüsselung standardmäßig im Online-Account von Kunden. Dort ist er mit richterlichem Beschluss abrufbar. #Verschlüsselung
Microsoft gibt BitLocker-Schlüssel an Strafverfolgungsbehörden
Microsoft hinterlegt den Schlüssel der Festplattenverschlüsselung standardmäßig im Online-Account von Kunden. Dort ist er mit richterlichem Beschluss abrufbar.
www.heise.de
January 25, 2026 at 11:26 AM
Nothing new, but the current political situation in the US just makes it way more of an issue!
Reposted by dhulliger
In Minnesota wurden Aktivistinnen festgenommen, die Proteste gegen ICE organisiert haben sollen. Von einer hat das Weiße Haus ein Foto manipulieren lassen. #Bildbearbeitung
Weißes Haus verbreitet KI-manipulierte Aufnahme von festgenommener Aktivistin
In Minnesota wurden Aktivistinnen festgenommen, die Proteste gegen ICE organisiert haben sollen. Von einer hat das Weiße Haus ein Foto manipulieren lassen.
www.heise.de
January 23, 2026 at 6:15 AM
In Minnesota wurden Aktivistinnen festgenommen, die Proteste gegen ICE organisiert haben sollen. Von einer hat das Weiße Haus ein Foto manipulieren lassen. #Bildbearbeitung
Reposted by dhulliger
Wie jedes Jahr: Hoffen auf Weltverbesserung am @worldeconomicforum.bsky.social
January 18, 2026 at 11:21 AM
Wie jedes Jahr: Hoffen auf Weltverbesserung am @worldeconomicforum.bsky.social
Reposted by dhulliger
🧵 Thread on beautiful data centers:
MareNostrum 4 (Barcelona SCC): Often called "the most beautiful data center in the world," this facility is housed inside the Torre Girona Chapel, a deconsecrated 19th-century church.
When fully installed, it will have a peak performance of 13.9 Petaflops.
MareNostrum 4 (Barcelona SCC): Often called "the most beautiful data center in the world," this facility is housed inside the Torre Girona Chapel, a deconsecrated 19th-century church.
When fully installed, it will have a peak performance of 13.9 Petaflops.
January 12, 2026 at 5:28 PM
🧵 Thread on beautiful data centers:
MareNostrum 4 (Barcelona SCC): Often called "the most beautiful data center in the world," this facility is housed inside the Torre Girona Chapel, a deconsecrated 19th-century church.
When fully installed, it will have a peak performance of 13.9 Petaflops.
MareNostrum 4 (Barcelona SCC): Often called "the most beautiful data center in the world," this facility is housed inside the Torre Girona Chapel, a deconsecrated 19th-century church.
When fully installed, it will have a peak performance of 13.9 Petaflops.
Reposted by dhulliger
Usually I can’t wait for a sequel but…
December 26, 2025 at 10:50 PM
Usually I can’t wait for a sequel but…
Reposted by dhulliger
First two unauthenticated RCE CVEs published - Discovered with the help of our #Binja plugin #Mole!
🔗 Advisory: certvde.com/en/advisorie... @ruheabteil.ch
🔗 Mole: github.com/cyber-defenc...
More vulnerabilities have been reported - stay tuned for upcoming advisories.
🔗 Advisory: certvde.com/en/advisorie... @ruheabteil.ch
🔗 Mole: github.com/cyber-defenc...
More vulnerabilities have been reported - stay tuned for upcoming advisories.
WAGO: Vulnerabilities in WAGO Industrial-Managed Switches
certvde.com
December 10, 2025 at 6:50 PM
First two unauthenticated RCE CVEs published - Discovered with the help of our #Binja plugin #Mole!
🔗 Advisory: certvde.com/en/advisorie... @ruheabteil.ch
🔗 Mole: github.com/cyber-defenc...
More vulnerabilities have been reported - stay tuned for upcoming advisories.
🔗 Advisory: certvde.com/en/advisorie... @ruheabteil.ch
🔗 Mole: github.com/cyber-defenc...
More vulnerabilities have been reported - stay tuned for upcoming advisories.
Reposted by dhulliger
🧯The security community is pushing back against new claims that 80% of #ransomware attacks are AI-driven, a figure from a recent MIT-linked report now drawing widespread criticism. →
socket.dev/blog/securit...
socket.dev/blog/securit...
Security Community Slams MIT-linked Report Claiming AI Power...
Experts push back on new claims about AI-driven ransomware, warning that hype and sponsored research are distorting how the threat is understood.
socket.dev
October 31, 2025 at 1:25 AM
🧯The security community is pushing back against new claims that 80% of #ransomware attacks are AI-driven, a figure from a recent MIT-linked report now drawing widespread criticism. →
socket.dev/blog/securit...
socket.dev/blog/securit...
Reposted by dhulliger
Did a new one
August 7, 2025 at 6:46 PM
Did a new one
Earlier that year @damianpfammatter.bsky.social and me had time to play with domotics equipment. Finally the patches and advisories were released: www.certvde.com/en/advisorie...
Sauter: Multiple vulnerabilities in SAUTER modulo 6
www.certvde.com
October 22, 2025 at 7:43 AM
Earlier that year @damianpfammatter.bsky.social and me had time to play with domotics equipment. Finally the patches and advisories were released: www.certvde.com/en/advisorie...
Reposted by dhulliger
Reposted by dhulliger
Reposted by dhulliger
My DEFCON talk "We are currently clean on OPSEC" now has over 30k views on YouTube, so now more people watched my talk than attended DEFCON itself. If you haven't seen it, please do! The Trump admin's incompetence is mindbogglingly BONKERS www.youtube.com/watch?v=KFYy...
"We are currently clean on OPSEC": The Signalgate Saga (DEFCON 33)
YouTube video by Micah Lee
www.youtube.com
August 19, 2025 at 6:24 PM
My DEFCON talk "We are currently clean on OPSEC" now has over 30k views on YouTube, so now more people watched my talk than attended DEFCON itself. If you haven't seen it, please do! The Trump admin's incompetence is mindbogglingly BONKERS www.youtube.com/watch?v=KFYy...
Reposted by dhulliger
Check out our latest blog post on modeling complex control flow with function-level basic block analysis in Binary Ninja 5.1. From DSPs to Brain***k, this update makes it easier to develop plugins for tricky architectures. binary.ninja/2025/08/12/f...
August 14, 2025 at 7:17 PM
Check out our latest blog post on modeling complex control flow with function-level basic block analysis in Binary Ninja 5.1. From DSPs to Brain***k, this update makes it easier to develop plugins for tricky architectures. binary.ninja/2025/08/12/f...
Reposted by dhulliger
During my #BHUSA talk I've released many ETW research tools, of which the most notable is BamboozlEDR. This tool allows you to inject events into ETW, allowing you to generate fake alerts and blind EDRs.
github.com/olafhartong/...
Slides available here:
github.com/olafhartong/...
github.com/olafhartong/...
Slides available here:
github.com/olafhartong/...
GitHub - olafhartong/BamboozlEDR: A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.
A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes. - olafhartong/BamboozlEDR
github.com
August 6, 2025 at 8:49 PM
During my #BHUSA talk I've released many ETW research tools, of which the most notable is BamboozlEDR. This tool allows you to inject events into ETW, allowing you to generate fake alerts and blind EDRs.
github.com/olafhartong/...
Slides available here:
github.com/olafhartong/...
github.com/olafhartong/...
Slides available here:
github.com/olafhartong/...
Reposted by dhulliger
cut my heap into pieces, this is my crash report:
allocation, no alignment
don't give a fuck if it faults on assignment
this is fatal abort()
allocation, no alignment
don't give a fuck if it faults on assignment
this is fatal abort()
May 31, 2025 at 5:26 PM
cut my heap into pieces, this is my crash report:
allocation, no alignment
don't give a fuck if it faults on assignment
this is fatal abort()
allocation, no alignment
don't give a fuck if it faults on assignment
this is fatal abort()
Reposted by dhulliger
Linda McMahon, Secretary of Education, sent Harvard a letter.
They graded it.
Bwahahaha.
They graded it.
Bwahahaha.
May 7, 2025 at 2:41 AM
Linda McMahon, Secretary of Education, sent Harvard a letter.
They graded it.
Bwahahaha.
They graded it.
Bwahahaha.
Reposted by dhulliger
Heard of #ContextJail?
It's a nasty new technique: puts target thread into ⓪ deadloop, for as long as you can afford. Requires THREAD_GET_CONTEXT right.
The gist? Just spam NtGetContextThread(tgt).😸
Target will be jailed, running nt!PspGetSetContextSpecialApc 🔁.
Src & binary in [ALT].
Usecases: ⤵️
It's a nasty new technique: puts target thread into ⓪ deadloop, for as long as you can afford. Requires THREAD_GET_CONTEXT right.
The gist? Just spam NtGetContextThread(tgt).😸
Target will be jailed, running nt!PspGetSetContextSpecialApc 🔁.
Src & binary in [ALT].
Usecases: ⤵️
May 6, 2025 at 10:06 PM
Heard of #ContextJail?
It's a nasty new technique: puts target thread into ⓪ deadloop, for as long as you can afford. Requires THREAD_GET_CONTEXT right.
The gist? Just spam NtGetContextThread(tgt).😸
Target will be jailed, running nt!PspGetSetContextSpecialApc 🔁.
Src & binary in [ALT].
Usecases: ⤵️
It's a nasty new technique: puts target thread into ⓪ deadloop, for as long as you can afford. Requires THREAD_GET_CONTEXT right.
The gist? Just spam NtGetContextThread(tgt).😸
Target will be jailed, running nt!PspGetSetContextSpecialApc 🔁.
Src & binary in [ALT].
Usecases: ⤵️
Reposted by dhulliger
Post-ex Weaponization: An Oral History
aff-wg.org/2025/04/10/p...
A walk-through of some history on post-ex eco-systems used by CS (PowerShell, Reflective DLLs, .NET, and BOFs).
Ends with a coffee conversation talking about magician's guilds, security research, and ideas about what's next.
aff-wg.org/2025/04/10/p...
A walk-through of some history on post-ex eco-systems used by CS (PowerShell, Reflective DLLs, .NET, and BOFs).
Ends with a coffee conversation talking about magician's guilds, security research, and ideas about what's next.
April 10, 2025 at 2:24 PM
Post-ex Weaponization: An Oral History
aff-wg.org/2025/04/10/p...
A walk-through of some history on post-ex eco-systems used by CS (PowerShell, Reflective DLLs, .NET, and BOFs).
Ends with a coffee conversation talking about magician's guilds, security research, and ideas about what's next.
aff-wg.org/2025/04/10/p...
A walk-through of some history on post-ex eco-systems used by CS (PowerShell, Reflective DLLs, .NET, and BOFs).
Ends with a coffee conversation talking about magician's guilds, security research, and ideas about what's next.
Reposted by dhulliger
The craziest file I made & visualized recently was combining the Doom PDF with a DOS & Windows (EXE & PE) polyglot.
It runs Doom on OS from 1993 until today, and Chrome-based PDF viewers!
You can make it an HTML/JS polyglot too to run on most browsers! (3/3)
It runs Doom on OS from 1993 until today, and Chrome-based PDF viewers!
You can make it an HTML/JS polyglot too to run on most browsers! (3/3)
April 1, 2025 at 6:34 AM
The craziest file I made & visualized recently was combining the Doom PDF with a DOS & Windows (EXE & PE) polyglot.
It runs Doom on OS from 1993 until today, and Chrome-based PDF viewers!
You can make it an HTML/JS polyglot too to run on most browsers! (3/3)
It runs Doom on OS from 1993 until today, and Chrome-based PDF viewers!
You can make it an HTML/JS polyglot too to run on most browsers! (3/3)
Reposted by dhulliger
quick guide to Signal's disappearing messages settings
March 26, 2025 at 2:04 PM
quick guide to Signal's disappearing messages settings