Performing a root cause analysis & building proof-of-concept for CVE-2024-38063, a CVSS 9.8 Vulnerability In the Windows Kernel IPv6 Parser

Talk by Dillon Franke - June 26th, 2024 at TROOPERS24 IT security conference in Heidelberg, Germany hosted by @ERNW_ITSec

#TROOPERS24 #ITsecurity
https://troopers.de/troopers24/talks/lb9pjt

More impressions:
https://twitter.com/WEareTROOPERS
https://t…

Introducing LLM-based harness generation for Java OSS-Fuzz projects.

FUZZING'24 Keynote: "Is 'AI' useful for fuzzing?" by Brendan Dolan-Gavitt

Abstract: Discussion of AI and its applications to security seems unavoidable nowadays, and, alas, this keynote is no exception. But is it actually useful for problems we care about…

Posted by Xuan Xing, Eugene Rodionov, Jon Bottarini, Adam Bacchus - Android Red Team;
Amit Chaudhary, Lyndon Fawcett, Joseph Artgole - ...

This blog post is the result of some weekend research, where I delved into Pishi, a static macOS kernel binary rewriting tool, which I presented at POC2024. During the weekdays, I focus on Linux kernel security at my job and would rather not investigate the…

Posted by Oliver Chang, Dongge Liu and Jonathan Metzman, Google Open Source Security Team Recently, OSS-Fuzz reported 26 new vulnerabilities...