ThinkstScapes Q4’24
Wins and losses in the Microsoft ecosystem
Pointer Problems - Why We’re Refactoring the Windows Kernel
Joe Bialek
[Video]
Defending off the land
Casey Smith, Jacob Torrey, and Marco Slaviero
[Slides] [Code]
Unveiling the Power of Intune: Leveraging Intune for Breaking Into Your Cloud and On-Premise
Yuya Chudo
[Slides] [Code]
From Simulation to Tenant Takeover
Vaisha Bernard
[Video]
From Convenience to Contagion: The Libarchive Vulnerabilities Lurking in Windows 11
NiNi Chen
[Slides] [Video]
LLM hype continues, as do the security issues
Things we learned about LLMs in 2024
Simon Willison
[Blog]
AI Meets Git: Unmasking Security Flaws in Qodo Merge
Nils Amiet
[Slides] [Video] [Blog]
Suicide Bot: New AI Attack Causes LLM to Provide Potential “Self-Harm” Instructions
Gadi Evron
[Blog]
Diving deep, then diving deeper
Breaking NATO Radio Encryption
Lukas Stennes
[Paper] [Video]
Exploiting File Writes in Hardened Environments
Stefan Schiller
[Blog] [Video]
Hacking yourself a satellite - recovering BEESAT-1
PistonMiner
[Video]
IRIS: Non-Destructive Inspection of Silicon
Andrew 'bunnie' Huang
[Blog] [Paper] [Video]
SQL Injection Isn't Dead
Paul Gerste
[Slides] [Video]
Nifty sundries
What Developers Get for Free?
Louis Nyffenegger
[Video]
Dialing into the Past: RCE via the Fax Machine – Because Why Not?
Rick de Jager and Carlo Meijer
[Video]
Broken isolation - Draining your Credentials from Popular macOS Password Managers
Wojciech Reguła
[Slides] [Video]
I'll Be There for You! Perpetual Availability in the A8 MVX System
André Rösti, Stijn Volckaert, Michael Franz, and Alexios Voulimeneas
[Code] [Paper]
Exploring and Exploiting an Android “Smart POS” Payment Terminal
Jacopo Jannone
[Video]
