Henrik Falk October 23, 2025
Eavesdropping on Sensitive Data via Unencrypted Geostationary Satellites
The researchers used a simple off-the-shelf 100cm Ku-band satellite dish and a TBS-5927 DVB-S/S2 USB Tuner Card as the core hardware, noting that the total hardware cost was about $800. Simple COTS hardware used to snoop on unencrypted satellite communications. Simple COTS hardware used to snoop on unencrypted satellite communications. After receiving data from various satellites, they found that a lot of the data being sent was unencrypted, and they were able to obtain sensitive data such as plaintext SMS and voice call contents from T-Mobile cellular backhaul and user internet traffic.
www.rtl-sdr.com/eavesdropping-on-sensitive-data-via-unencrypted-geostationary-satellites
There's More than One Way to Trigger a Windows Service
What makes service triggers interesting is several of them allow a low-privilege user to start a service they might not otherwise have permissions to start. When considering built-in components, Remote Registry, WebClient, and Encrypting File System (EFS), all are services that a pentester may have interest in starting but may not have the appropriate permissions to do so.
trustedsec.com/blog/theres-more-than-one-way-to-trigger-a-windows-service
Breaking Garudas’ VM
A few days after publishing the TadpoleVM blog post, I received a direct message on Discord from Garuda. They asked me if I want to reverse their crackme with a virtual machine. After accepting the challenge, I set out to create a disassembler and recover the expected key. In this post, I will fully analyse the given binary, write a deobfuscation script and recover the valid key input.
deluks2006.github.io/Reverse-Engineering/Garuda
