ThinkstScapes Q4’24

Wins and losses in the Microsoft ecosystemPointer Problems - Why We’re Refactoring the Windows Kernel

Joe Bialek

[Video]

Defending off the land

Casey Smith, Jacob Torrey, and Marco Slaviero

[Slides] [Code]

Unveiling the Power of Intune: Leveraging Intune for Breaking Into Your Cloud and On-Premise

Yuya Chudo

[Slides] [Code]

From Simulation to Tenant Takeover

Vaisha Bernard

[Video]

From Convenience to Contagion: The Libarchive Vulnerabilities Lurking in Windows 11

NiNi Chen

[Slides] [Video]

LLM hype continues, as do the security issuesThings we learned about LLMs in 2024

Simon Willison

[Blog]

AI Meets Git: Unmasking Security Flaws in Qodo Merge

Nils Amiet

[Slides] [Video] [Blog]

Suicide Bot: New AI Attack Causes LLM to Provide Potential “Self-Harm” Instructions

Gadi Evron

[Blog]

Diving deep, then diving deeperBreaking NATO Radio Encryption

Lukas Stennes

[Paper] [Video]

Exploiting File Writes in Hardened Environments

Stefan Schiller

[Blog] [Video]

Hacking yourself a satellite - recovering BEESAT-1

PistonMiner

[Video]

IRIS: Non-Destructive Inspection of Silicon

Andrew 'bunnie' Huang

[Blog] [Paper] [Video]

SQL Injection Isn't Dead

Paul Gerste

[Slides] [Video]

Nifty sundriesWhat Developers Get for Free?

Louis Nyffenegger

[Video]

Dialing into the Past: RCE via the Fax Machine – Because Why Not?

Rick de Jager and Carlo Meijer

[Video]

Broken isolation - Draining your Credentials from Popular macOS Password Managers

Wojciech Reguła

[Slides] [Video]

I'll Be There for You! Perpetual Availability in the A8 MVX System

André Rösti, Stijn Volckaert, Michael Franz, and Alexios Voulimeneas

[Code] [Paper]

Exploring and Exploiting an Android “Smart POS” Payment Terminal

Jacopo Jannone

[Video]