@modzero.bsky.social
Breaking stuff since 2011
Does anyone here have a working way to contact archive.org?
It's about a security issue...
catch a glimpse of us holding our annual βstate of the zeroβ meetup - to wrap our heads around all of IT and us.
we also took a boat trip, ate too many sweets, touched some grass, saved the world, had a barbecue and a drink or twoβ¦π
#modzero #infosec #itsecurity #captainitswednesday
quantitΓ€t vs qualitΓ€t. aber naja, was weiss ich schon.
03.09.2025 07:52 β π 1 π 0 π¬ 0 π 0
PSA update your INSTAR cameras. Our teammate Michael Imfeld identified a critical RCE (CVE-2025-8760) on 2k+ and 4K devices. Find the advisory here:
modzero.com/en/advisorie...
This blog post contains the full technical walk-through and discovery of the vulnerability, its impact, and our experience during the responsible disclosure process with Synology.
29.06.2025 08:01 β π 3 π 0 π¬ 0 π 0Teammate Leonid discovered a leaked credential that allowed anyone unauthorized access to all Microsoft tenants of orgs that use Synology's "Active Backup for Microsoft 365" (ABM), including sensitive data like Teams channel messages. π€
#synology #disclosure #modzero
modzero.com/en/blog/when...
nooooooooooo... π
25.06.2025 12:52 β π 1 π 0 π¬ 1 π 0π§
14.05.2025 14:47 β π 0 π 0 π¬ 0 π 0*rΓΌlps
24.04.2025 08:07 β π 0 π 0 π¬ 0 π 0nice!
02.04.2025 05:04 β π 0 π 0 π¬ 0 π 0"kick off" passt ganz gut. wenn auch noch ein wenig zu hΓΆflich
31.03.2025 07:54 β π 2 π 0 π¬ 1 π 0vielleicht mal ein argument fΓΌr bildungsgeld, das auch neolibs verstehen?
31.03.2025 06:49 β π 3 π 0 π¬ 0 π 0ja!
11.02.2025 08:10 β π 1 π 0 π¬ 0 π 0Dive into the process of reverse engineering, gadget hunting, and crafting a working exploit.
07.02.2025 17:10 β π 2 π 0 π¬ 0 π 0Via Return-Oriented Programming chain small code snippets, or gadgets, already present in a programβs memory can be leveraged
By chaining these gadgets together, they can execute arbitrary code without injecting anything new
ROPing our way to βYay, RCEβ - and a lesson in the importance of a good nights sleep!
Follow our Colleague Michaels journey of developing an ARM ROP chain to exploit a buffer overflow in uc-http
modzero.com/en/blog/ropi...
π Unser #kandidierendencheck ist online: 18 Thesen beantworten - und ihr erfahrt, welche Kandidierenden in eurem Wahlkreis so denken wie ihr. π
www.kandidierendencheck.de/bundestag
uuuuh, nice.
03.02.2025 09:11 β π 3 π 0 π¬ 0 π 0hier! *wink
03.02.2025 09:08 β π 3 π 0 π¬ 1 π 0kluk π
29.01.2025 11:50 β π 0 π 0 π¬ 0 π 0
Seit heute ist der Real-O-Mat online. Das Tool vergleicht die eigene Position bei relevanten Fragen mit denen der Fraktionen im Bundestag. Grundlage dafΓΌr sind keine Wahlkampfversprechen, sondern das Abstimmungsverhalten.
netzpolitik.org/2025/real-o-...
"aus Verzweiflung rechtsradikal" wΓ€hlen?
29.01.2025 06:49 β π 0 π 0 π¬ 0 π 0π
27.01.2025 15:46 β π 1 π 0 π¬ 0 π 0ugh. π·
27.01.2025 09:16 β π 0 π 0 π¬ 0 π 0kchkchkch. passt iwie auch immer. also, gern geschehen!
27.01.2025 07:51 β π 0 π 0 π¬ 0 π 0π΅ why don't you leave yor name and your number ... πΆ
27.01.2025 07:43 β π 0 π 0 π¬ 1 π 0learn all about it from our colleagues Pascal and Christoph at their 37c3 talk or from our published disclosure report: modzero.com/en/blog/mult...
16.01.2025 15:06 β π 0 π 0 π¬ 0 π 0attackers could then listen in on conversations using the built-in microphones or could reroute incoming and outgoing calls ... and so on
16.01.2025 15:06 β π 0 π 0 π¬ 1 π 0we found several vulnerabilities in commonly used desk phones and smart conference speakers. combined, the issues can be used to take over a device through the local network or with physical access
16.01.2025 15:06 β π 0 π 0 π¬ 1 π 0
