Lightnews — Scholar-powered news

Reposted by jiska

CCC @ccc.de · 11d

Lectures, music, art, punk: Join us at the 39th Chaos Communication Congress and please submit! The deadline for all submissions for the stages is October 24. #39C3 will take place from December 27 to 30 www.ccc.de/en/updates/2...

CCC | Lectures, music, art, punk: Join us at the 39th Chaos Communication Congress!

Der Chaos Computer Club ist eine galaktische Gemeinschaft von Lebewesen für Informationsfreiheit und Technikfolgenabschätzung.

www.ccc.de

17 35

jiska @naehrdine.bsky.social · 27d

USB Restricted Mode already does that - data lines are disabled when the phone is locked. There's logic to still allow devices to maintain a connection when you connected them while unlocked, making it usable but still increasing security a lot. In Lockdown Mode, the policy is more aggressive.

2

Reposted by jiska

Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 27d

NEW: Apple launched a new security feature specifically to fight against spyware and zero-day exploit makers.

We spoke to a researcher who sells zero-days to the U.S. government, who thinks this will make their life much harder and raise the cost of developing and selling hacking tolls for iPhones.

Apple's latest iPhone security feature just made life more difficult for spyware makers | TechCrunch

Buried in an ocean of flashy novelties announced by Apple this week, the tech giant also revealed new security technology for its latest iPhone 17 and

techcrunch.com

2 22 45

Reposted by jiska

The Citizen Lab @citizenlab.ca · 29d

JOB ALERT: We are recruiting for the newly created role of Information Security Program Manager.

Apply by Sept 30.

citizenlab.ca/2025/09/job-...

Job Opportunity: Information Security Program Manager - The Citizen Lab

The Information Security Program Manager will be responsible for providing strategic leadership to develop and implement Information Security Programs for the Citizen Lab as well as other units at the...

citizenlab.ca

1 8 7

jiska @naehrdine.bsky.social · 29d

Places usually go quickly! Use this link to register - you can even select only the days with the topics that interest you and skip others.
blackhoodie.re/Hexacon2025/

BlackHoodie at Hexacon 2025

We’re thrilled to announce that Blackhoodie is coming to Paris forHexacon this fall!

blackhoodie.re

1

jiska @naehrdine.bsky.social · 29d

Want to learn reverse engineering? There'll be a free, women*-only BlackHoodie workshop from October 6th to 9th in Paris!

Topics:
• Linux memory forensics 🕵️‍♀️ (by Sonia)
• Web app and mobile app pentesting 🕸️📱 (by Paula)
• iOS reversing 🍎 (by me)

1 17 25

jiska @naehrdine.bsky.social · Aug 29

Kürzung des Mindestlohnes, da Arbeit wieder bezahlbar sein muss. Zusammen mit Kürzungen der Sozialleistungen, da sich Arbeit lohnen muss. Kinderarbeit wird dann natürlich steuerbegünstigt, um die Jugend schon früh in den Arbeitsmarkt zu integrieren und vom Mindestlohn ausgenommen.

1

Reposted by jiska

wootsecurity.bsky.social @wootsecurity.bsky.social · Aug 11

WOOT 2025 schedule, all papers are now online open access:
usenix.org/conference/w...
Talks are recorded, and should be online in a few weeks.

WOOT '25 Technical Sessions

All sessions will be held in Room 611-612 unless otherwise noted.

usenix.org

8 12

jiska @naehrdine.bsky.social · Aug 6

I'm the Mobile track lead this year and happy to chat if you've got questions about what we're looking for in submissions.

europe-briefings-cfp.blackhat.com

Black Hat Europe 2025 Briefings

europe-briefings-cfp.blackhat.com

3

jiska @naehrdine.bsky.social · Aug 6

Been working on some interesting mobile security research lately? 📱🔬 Submit it to Black Hat Europe, the CFP deadline is August 11. Speaker honorarium + travel to London 🎡💂🏼‍♀️🏙️ are covered!

1 2 6

jiska @naehrdine.bsky.social · Aug 1

My first day with a fancy new title 👩‍🏫🎉

5 33

Reposted by jiska

wootsecurity.bsky.social @wootsecurity.bsky.social · Jul 17

Discounted early bird registration for WOOT '25 is still open until Monday - www.usenix.org/conference/w... - join us in Seattle on Aug 11/12 (right before USENIX Security) for talks and discussions on great cutting-edge offensive security research. Full program at www.usenix.org/conference/w...

WOOT '25 Technical Sessions

www.usenix.org

1 5 3

jiska @naehrdine.bsky.social · Jul 15

Easy, beginner-friendly class teaching how to use Binary Ninja's debugger. Had the pleasure of beta testing it :)

OpenSecurityTraining2 @opensectraining.bsky.social · Jul 14

📣"Debuggers 1103: Introductory Binary Ninja" is released!📣
ost2.fyi/Dbg1103

This class by Xusheng Li of Vector 35 @binary.ninja provides students with a hands-on introduction to the free version of Binja as a debugger, thus providing decompilation support!

1 5

Reposted by jiska

jordan silver 🔵 @silverlyne.bsky.social · Jun 28

Has anyone noticed/looked at the SPTM/TXM headers in the tahoe KDK?

1 2 4

jiska @naehrdine.bsky.social · Jul 11

Demo video: www.youtube.com/watch?v=dHz8...
Read the full paper: arxiv.org/abs/2507.07210

(2/2)

2 9

jiska @naehrdine.bsky.social · Jul 11

The Apple Watch has a closed down ecosystem, only compatible with the iPhone. Nils reverse engineered its interfaces to open it up for Android! ✨ WatchWitch ✨ allows using your Apple Watch ⌚ on Android devices, interpreting your health data, answering messages on the Watch & more. (1/2)

The WatchWitch app in context, showing the Apple
Watch and the paired iPhone as well as the Android phone running the app.

1 10 16

Reposted by jiska

RE//verse @re-verse.io · Jun 28

Announcing RE//verse 2026! Website is updated with info for sponsors, trainers, speakers, and more importantly, attendees! Are you ready for another year of high quality reverse engineering talks and networking? Join us the first week of March, 2026!

re-verse.io

7 8

Reposted by jiska

Lukas Arnold @lukasarnld.bsky.social · Jun 14

We've released CellGuard 1.6.0, our iOS app, to make use of the iPhone's internal baseband communication. The update enhances support for dual SIM, adds new #C1 packet types, automatic navigation to sysdiagnoses, and more: cellguard.seemoo.de/docs/changel...

Changelog

Changelog # 1.6.0 # CellGuard now supports dual SIM setups. When two SIM cards are activated simultaneously, the app can distinguish between their connected cells and packets. We’re working on extract...

cellguard.seemoo.de

2 1 5

jiska @naehrdine.bsky.social · Jun 9

Liquid glass :|

4

jiska @naehrdine.bsky.social · Jun 9

Going to the USENIX Security Symposium? Don't forget to also register for WOOT, the papers we selected are amazing 🤩

wootsecurity.bsky.social @wootsecurity.bsky.social · Jun 9

Want to go to WOOT and learn about the latest hardware & software attacks? Registrations are now open!

If you can't afford traveling ✈️ to Seattle on your own and need financial support for a ticket, apply for a grant until July 7: www.usenix.org/conference/w...

WOOT '25 Grant Opportunities

www.usenix.org

5 5

Reposted by jiska

Hexacon @hexacon.bsky.social · Jun 2

🔔 It is time to buy your HEXACON ticket!

💸 Discounted tickets are available (while supplies last) for students and professionals who do not receive support from their company. This approach is based on trust, but we may ask for proof.

www.hexacon.fr/register/

5 4

Reposted by jiska

Matthew Green @matthewdgreen.bsky.social · Jun 2

CoreAudio CVE with some nice patch reverse engineering here: blog.noahhw.dev/posts/cve-20...

CVE 2025 31200

Background On April 16, 2025, Apple released a patch for a bug in CoreAudio which they said was “Actively exploited in the wild.” This flew under the radar a bit. Epsilon’s blog has a great writeup of...

blog.noahhw.dev

1 5 16

Reposted by jiska

David Buchanan @retr0.id · May 31

how to read a C++ codebase:

1. compile it with DWARF debug info enabled
2. open it in Ghidra
3. look at the C decompilation

10 29 250

jiska @naehrdine.bsky.social · May 27

Researchers found so many issues in the Bluetooth spec by opening any random page and looking for the bug, wouldn't be surprised at all if that approach also works for WiFi 🤷‍♀️

1 2

Reposted by jiska

Clémentine Maurice @bloody-tangerine.bsky.social · May 14

Haven't seen this on Bluesky yet: S&P 2027 will take place in Montreal, Canada!

2 17 29