@lorenzo2472.bsky.social
Reverse engineering, files formats and crypto. https://github.com/lclevy
Getting remote code execution on a Brother Printer (MFC-J1010DW) by chaining three vulnerabilities
starlabs.sg/blog/2025/11...
#infosec
The widow of slain Saudi dissident Jamal Khashoggi Monday filed a legal complaint in 🇫🇷France accusing Saudi Arabia of using Israeli #spyware to steal data from her phones before he was killed, her lawyers said.
www.france24.com/en/live-news...
V8 now has a JS bytecode verifier!
IMO a good example for the benefits of the V8 Sandbox architecture:
- Hard: verify that bytecode is correct (no memory corruption)
- Easier: verify that it is secure (no out-of-sandbox memory corruption)
The sandbox basically separates correctness from security.
@blackhoodie.bsky.social will have its own assembly at 39c3 congress this year 🥰
events.ccc.de/congress/202...
Trail of Bits has developed constant-time coding support for LLVM 21, providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related timing attacks #Cryptography blog.trailofbits.com/2025/11/25/c...
02.12.2025 20:10 — 👍 5 🔁 3 💬 0 📌 0
Vraiment passionnant ce documentaire sur Pavel Durov (le background, VK, Telegram, etc)
youtu.be/165QnB3Jddk?...
Inglorious bastards ?
01.12.2025 07:26 — 👍 1 🔁 0 💬 0 📌 0
🚨 ENQUÊTE | Telegram : du mythe libertaire à l’influence du Kremlin
Voyages cachés de Durov, serveurs liés au FSB et fausses promesses de sécurité : notre investigation révèle la face cachée de l'application aux 950M d'utilisateurs. ⤵️
debunkcafe.fr/telegram-myt...
🎭 Le mythe Pavel Durov s'effondre.
Il se vendait comme un résistant au Kremlin, mais notre enquête révèle ses liens avec le FSB, un financement opaque et des failles de sécurité critiques. La façade libertaire de Telegram est une illusion.
Thread 🧵👇 (1/8)
La seconde rythme aujourd'hui nos vies (communications téléphoniques, internet, GPS, etc.), mais comment a-t-on défini la mesure du temps et sur quoi repose la définition actuelle de la seconde ? 🧵👇
27.11.2025 14:50 — 👍 84 🔁 27 💬 5 📌 3
Nouvelle vidéo du Vortex avec Jessica !
Vous voulez savoir comment fonctionne la transformation d'une chenille ? C'est ici :
www.youtube.com/watch?v=ifQY...
We’ve published new research from the EU co-funded project NGSOTI: “Learning from large-scale IPv4 blackhole: Behavioral analysis of SNMP traffic”.
Over a 12-month period (Nov 2024–Oct 2025), our network telescope captured ~634 million unsolicited SNMP queries from more than 153,000 unique IPv4 […]
Présentes dans nos smartphones 🤳, ampoules LED 💡 ou batteries électriques 🔋, les terres rares sont des métaux très convoités. Le géochimiste Clément Levard (CNRS) résume 3 points clés pour comprendre pourquoi leur approvisionnement est un enjeu majeur.
27.11.2025 08:39 — 👍 50 🔁 24 💬 2 📌 1
In a Study by RTINGS, Browser Fingerprinting was investigated in detail, showing just how easy it is to uniquely identify a Visitor (even if you are using a VPN) across the 83 Laptops used in the Study #Privacy #Anonymity www.rtings.com/vpn/learn/re...
26.11.2025 20:10 — 👍 3 🔁 1 💬 0 📌 0Il faut aller le voir en concert aussi, souvent au Café de la danse
23.11.2025 17:50 — 👍 0 🔁 0 💬 1 📌 0
My talk about ray-tracing is out!
youtu.be/CGR1gu2KW2s?...
Here I try to explain it in simple terms, while giving some historical context as well.
There is also a quick RTAO implementation with the worst denoise ever here:
github.com/JorenJoestar...
feedback is more than welcome!
A die photo of the 386 processor. It is a square with complicated patterns on top. Under the microscope, the circuits appear in dark purple. Parts of the chip have been marked with boxes: these are standard cell circuits and have a distinctive striped appearance.
Intel's 386 processor (1985) was critical to the success of Intel. With 285,000 transistors, it was too much for Intel's design process and the schedule started slipping. Intel pivoted to "standard cells", an automated technique for chip layout to get back on track. Let's look closer...
22.11.2025 16:56 — 👍 97 🔁 16 💬 3 📌 0
Intelligence artificielle : une compétition mondiale - Episode de l'émission Arte « Le dessous des cartes » diffusée le 14 novembre 2025 #IA #Video www.arte.tv/fr/videos/12...
22.11.2025 20:10 — 👍 2 🔁 1 💬 0 📌 0What is the context of this lecture?
22.11.2025 15:55 — 👍 0 🔁 0 💬 1 📌 0
Lecture on Anti Tamper by Tim Blazytko www.youtube.com/watch?v=hQi9...
22.11.2025 07:00 — 👍 1 🔁 1 💬 1 📌 0
An evolution of xkcd #2347 with too many things that can break the Internet!
This meme is getting out of hand, but it's actually not far from reality 🤣
21.11.2025 12:13 — 👍 117 🔁 49 💬 4 📌 3LevelDB-Parser is feature complete (v1.0.0)! 🎉
Analyse the database in raw view (hex) or choose between different views (IndexedDB, IndexedDB Entries, Session Storage, Local Storage and Generic Entries (UTF-8))
github.com/huebicode/le...
Long overdue, but here’s my writeup for #FlareOn12 Task 9: hshrzd.wordpress.com/2025/11/20/f...
20.11.2025 05:28 — 👍 12 🔁 2 💬 1 📌 0
I chatted with @hex-rays.bsky.social about how I found my place in the security industry, how @blackhoodie.bsky.social came to be, what our goals are and why community matters so much. hex-rays.com/blog/blackho...
18.11.2025 18:02 — 👍 8 🔁 6 💬 0 📌 0
A two panel line drawn cartoon. First panel, the internet in 1969. One figure says "Let's create a distributed network so it can survive a nuclear winter". The second panel titled the internet in 2021 a different figure says "Let's host half of it in one company and see how it goes"
This cartoon gets more and more relevant with every passing day
18.11.2025 13:07 — 👍 158 🔁 66 💬 5 📌 3
We're in Tokyo presenting our iOS emulator at the CODE BLUE Conference.
📲 You can still join our early adopter program: u.eshard.com/ios-emulation #events #cybersecurity
