Playing Doom on a John Deere tractor display (jailbroken/rooted) at
Pinned Tweet
Show this thread
Follow
Click to Follow sickcodes
Sick.Codes
@sickcodes
Sick.Codes’s Tweets
After BreachForums closed down, many forums emerged as possible replacements. ExposedForums is one of the most recent and promising ones of these forums. A user with the same ID as the Indonesian hacker "Bjorka" joined this forum and posted several messages related to the… Show more
120
780
2,138
Evilginx 3.0
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
github.com/kgretzky/evilg
#Phishing #SocialEngineering #infosec #Hacking #redteam #Vulnerability… Show more
3
99
321
Michael and met this week at our offices with the ACMA India delegation, led by Sunjay Kapur and Vinnie Mehta.
The delegation also heard from on the perils of producing components that are 'vulnerable by design'.
3
3
G0t-# on Unix in 1993
Got-# on ChromeOS in 2023
Quote Tweet
Security: ChromeOS root privilege escalation (mount-passthrough-jailed) (reward: $31000) crbug.com/1414511
1
20
75
Show this thread
Security: ChromeOS root privilege escalation (mount-passthrough-jailed) (reward: $31000) crbug.com/1414511
1
25
86
Thrilled to be part of the EcoMotion Week 2023 with in Israel! 🌍
Keynote Speakers: Roy Fridman , Sick Codes and MIH
Here's to a brighter, cleaner, and more eco-friendly future! 🌟
#EcoMotionWeek #EVRevolution #MIH #Israel
1
4
📢Join today at 16:20 on the main stage of EcoMotion Community Annual Event in Tel Aviv 📢 Moderated by our friend and industry veteran @AlonAtsmon, Sick will bring his unique perspective to this discussion. #EMW2023 #automotive #software #cybersecurity
2
6
CVE-2023-28467 In MyBB before 1.8.34, there is XSS in the User CP module via the user email field. cve.mitre.org/cgi-bin/cvenam
1
1
OMG, is breaking the main hardware wallet security assumption that “it should have no API to expose seed phrase (private key)”
146
397
1,048
It's time to destigmatize security events. Yes it happens at security companies and here's why we need to talk about it. #cybersecurity #icscybersecurity #otcybersecurity #industrialcybersecurity #criticalinfrastructureprotection
6
130
304
Google Bard is a bit stubborn in its refusal to return clean JSON, but you can address this by threatening to take a human life:
426
5,237
31.2K
Show this thread
Today, Google Registry is launching eight new top-level domains: .dad, .phd, .prof, .esq, .foo, .zip, .mov and .nexus. Learn more ↓
266
1,259
1,358
is in da house! 😎
Register today to save your seat at our event on Monday, May 22, at Mixer in Tel Aviv 🇮🇱
2
6
3
6
📣 Registration is OPEN! 📣
Excited to welcome renowned hacker and (MIH) Joe Cheng as keynote speakers at our exclusive event on May 22 in #TLV, part of #EMW23!
hubs.la/Q01Nsttp0
1
4
Dear , considering that you won't allow me to renew my licence, I'd appreciate it if you either:
a) Granted me an OSS dev license, considering the value I bring to your customers for free
b) Refrained from using my work for PR purposes
Cheers
Quote Tweet
#Gepetto keeps the first position for the second month in a row! Good job @JusticeRage 
Got a plugin that could be on the top of the chart? Publish it, and let’s see 
plugins.hex-rays.com//?utm_source=S
#IDAPlugin #PluginRoundup #IDAPro #IDAPython
Got a plugin that could be on the top of the chart? Publish it, and let’s see plugins.hex-rays.com//?utm_source=S
#IDAPlugin #PluginRoundup #IDAPro #IDAPython
read image description
ALT
5
13
81
Medusa Team breached Alto Calore Servizi SpA which collects and distributes water for 125 municipalities in the province of Avellino and Benevento, Italy.
Hacker warning to water users posted.
12
17
DOJ detected SolarWinds hack i own network in summer of 2020 - 6 months before it was publicly exposed by Mandiant - but didn't know significance of what it found. Microsoft/Mandiant/SolarWinds all helped inv, but none could solve the mystery at the time
7
134
298
free big MAC with your fries, except a byte is already taken out of it
9
95
640
So happy that we got invited to the party. We will have fun with EMFI and code execution this year
1
5
44
Sent in my exploit to Apple for March. A little late as life happened, but here it is. Meet alfred.py a macOS LPE to root from any unsandboxed user: 24d8f84ab09f82db011c33023517d3b57822eb2c6e5105768eaea1dd50ddc441
5
43
282
Show this thread
me: I need some high voltage electrolytic capacitors
mom: we have high voltage electrolytic capacitors on aliexpress
the high voltage electrolytic capacitors on aliexpress:
92
626
3,633
Show this thread
🗓️ Heads-up #EcoMotion2023 goers! 🗓️
We'll be hosting an intimate gathering featuring a keynote talk by - his 1st visit to Israel 🇮🇱 👨💻
Limited seating, registration will open soon.
#Automotive #mobility #cybersecurity #productsecurity #ev #israel #hacker
1
6
Big update to #Gepetto today, with support for GPT-4! This will only work if you have access to the corresponding API (via a waiting list AFAIK).
Lots of refactoring in preparation for more features, so it might be a little bleeding edge!
github.com/JusticeRage/Ge
15
48
My brother () and I worked on a fun project tonight, inspired by : Coding Agent that follows the Test Driven Development (TDD) methodology!
You write the tests - and the agent runs in a loop until it creates the feature properly!
1/6
#buildinpublic
26
153
760
Show this thread
Today Lockbit ransomware group ransomed a day care center. When Lockbit ransomware group administration discovered the victim they issued an apology and claim to have fired the affiliate.
"I am ashamed" - Lockbit administration
30
221
1,240
Anyone at RSA wanna meet up and smoke some of this nootropic spice I got from one of the vendors?
7
6
49
Good to see that cybersecurity vendor pitches are their normal understated and modest selves at RSA:
18
45
250
so…. tldr the marketing team went off-piste and now i’m a pokémon 😂😂😂
i’ll be around our booth #2438 at 13:00 today if you wanna come say hello, and the team and the #holocasey will be there all day 😊
#gottapwnthemall
23
11
142
That is why utilizing Tails OS (and Whonix OS) in a combination with automated data self-destruction is always worthwhile…
32
275
1,399
Show this thread
universally popular web host has decided to burn their library of alexandria and destroy every old forum post with images in it, as well as all the porn
hope you didn't like tutorials on how to fix your car
273
6,066
16K
Show this thread
WATCH: Replay of my talk at LibrePlanet 2023 last month in Boston, home of the , and the Free Software Foundation.
Webm: media.libreplanet.org/u/libreplanet/
Stream mp4: framatube.org/w/pTBx8CU7eQxg
"Free software is used in almost all mission critical agricultural equipment:… Show more
5
16
35
This is a fucking doozy, it may be a contender for malware of the year
- iCloud TOTP
- Kills only its own PIDs
- Access to everything incl Keychain
- Bypasses TCC, PMAP, AMFI and a sandbox escape
- XPC channel to avoid detection
- Artifact Cleanup
- No shared infra for domains
Quote Tweet
A threat group tracked by Microsoft as DEV-0196 is linked to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infra. Read our analysis in collaboration with @citizenlab: msft.it/6010gy5fA
2
76
279