#hacklu2025 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #hacklu2025, aggregated by home.social.
-
Kaitai Struct: A Tool For Dealing With Binary Formats - Petr Pucil & Mikhail Yakshin
https://www.youtube.com/watch?v=SC2zIli8MNA
#hacklu2025 -
I think @Ange will like @wr’s file format tricks from #hacklu2025 !
ASCII art in a valid certificate??
Video in a certificate? And it’s valid?Nice work Wil!
-
As #hacklu2025 draws slowly towards a happy ending and many many presentations and conversations later, by and with so many fantastic people, I’d like to propose to you to meet up again in the spring, instead of waiting all until #hacklu2026.
If you’re interested you can continue the conversations at @BSidesLuxembourg on the dates May 6-8th, 2026.
CFP, call for sponsors, call for workshops, call for volunteers and villages and events and (yourideahere) will open in the coming weeks.
-
This picture is titled "I'm a professional social media influencer" :)
#hacklu #hacklu2025 -
Last before lunch is @Cocomelonc with a talk on covert C2 -> “Exploiting legit APIs for covert C2: A new perspective on cloud-based malware operations”
At #hacklu2025
-
"Quand Llama pas bien codé, llama crasher" #hacklu2025 conférence sur l'analyse sécurité du code de ollama.
-
Next up is Fluxfingers’ Paul Gerste with a lethal sounding talk “Lethal language models: From Bit Flip to RCE in Ollama”
-
The Russian underground has ads for “arson” “surveillance” and more types of #hybridwarfare capabilities.
It seems there’s some (not unexpected, not the first time) connection between Russians Gov and the underground…
-
Next up is another #hacklu “frequent flyer” Vladimir Kropotov with “Russian speaking underground- changes in the risks, attack surface and modus operandi”
At #hacklu2025
-
The Van Helsing RAS groups have entire affiliate marketing campaigns including promo videos!
And the Van Helsing group had some internal strife/beef and everything they had was leaked online.
-
Now its time for something that looks like an Intel-ops type of talk: “Persōna theory: Infiltration & Deception of emerging threats groups” and its @tammyharper on stage presenting at #hacklu2025
The recruitment phase is a really good point to infiltrate groups that look to build an affiliate type operation
-
Last talk before the morning break is a cloud! related talk by Hugo: “From YAML to Root: CI/CD pipeline attacks and countermeasures”
At #hacklu2025 !
@spirit is apparently his handle, but maybe not on here…?
-
For those at #hacklu2025 :
Please vote for the best talk at
http://discourse.ossbase.org -
Next up are Etienne Charon and Khadim with an actual #carsecurity talk at #hacklu2025 ! One of the first carsec talks I remember ever at #hacklu.
“Audit and retrospective of an automotive application: Carplay”
-
Next up are Etienne Charon and Khadim with an actual #carsecurity talk at #hacklu2025 ! One of the first carsec talks I remember ever at #hacklu.
“Audit and retrospective of an automotive application: Carplay”
-
Next up are Etienne Charon and Khadim with an actual #carsecurity talk at #hacklu2025 ! One of the first carsec talks I remember ever at #hacklu.
“Audit and retrospective of an automotive application: Carplay”
-
Next up are Etienne Charon and Khadim with an actual #carsecurity talk at #hacklu2025 ! One of the first carsec talks I remember ever at #hacklu.
“Audit and retrospective of an automotive application: Carplay”
-
Next up are Etienne Charon and Khadim with an actual #carsecurity talk at #hacklu2025 ! One of the first carsec talks I remember ever at #hacklu.
“Audit and retrospective of an automotive application: Carplay”
-
Second up today is Maxine Escourbiac breaking into Palo Alto GlobalProtect clients in “Palo Alto GlobalProtect: Remote full compromise exploit chain” at #hacklu2025
-
Opening the final (day 4) of #hacklu2025 are Rajanash Pathak and Hardik Kamlesh Mehta who’re going deep into android IPC with their talk: “Breaking android IPC: A deep dive into AIDL fuzzing”
-
@Regit Suricata is now available as a library!!
-
Its now @Regit and Peter Manev presenting the detection and performance improvements released with the recent #Suricata8 release
-
Guess which of these 5 vulnerabilities/CVEs is the RCE
-
And from the remote server, any device connected to it can be compromised! #hacklu2025
-
There’s an application used to connect remote repositories. Using a path traversal vulnerability, it’s possible to remotely take control of any such (also internet exposed of which there’s quite a few).
-
First up at #hacklu2025 after an Epoch and the afternoon break (get your devices and applications made 2038 safe) we have Alain Mowat on stage digging into the Dell thin client called “Wyse Management Suite” which can manage Wyse devices but also a ton of other devices!
-
2042 in iOS calendar #hacklu2025 #2038epoch
-
The next talk is about time itself, visualized by a Rube-Goldberg machine. Its Pedro Umbelino and Trey Darley on stage presenting “2038 is gonna be epoch!”
This is an entire class of vulnerabilities. Even if kernels are patched now/by then, what about userland? Legacy systems?
-
Next up a team from #PWC is presenting an overview of the #Bitlocker security landscape-> which attacks work, where, how, under which circumstances.
By Edouard D’hoedt and Hayk Gevorgyan
“Field guide to physical attacks against full-disk encryption” at #hacklu2025
-
I had the privilege to participate in the first Rulezet workshop at #hacklu2025. https://rulezet.org/ is still early stage but it has the potential to reshape the way #cybersecurity detection methods are shared and developed for project such as #suricata, #yara or #sigma.
I had the feeling to assist an "historic" moment. Last time I had this feeling was in eBPF related discussions at the early stage of this technology. -
Beat recognition systems #privacypreservation #hacklu2025
-
@hack_lu On my way back home, I feel great about the four days of #hacklu2024. Thank you for putting together this great conference! I am looking forward to doing this all again next year. #hacklu2025
