Josh Green

@_josh_green

Cyber security R&D. Breaking things, solving problems and challenging assumptions. Too many ideas, not enough time.

Australia
Vrijeme pridruživanja: prosinac 2015.
9 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @_josh_green

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @_josh_green

  1. Prikvačeni tweet
    21. sij

    Really looking forward to attending and happy to be presenting this year!

    "Rocking the Cyber Truck: Failure Modes and Fundamental Limits of Security Tools" - by
    1 reply 4 proslijeđena tweeta 18 korisnika označava da im se sviđa
    Poništi
  2. proslijedio/la je Tweet
    prije 23 sata

    Backdoor mechanism discovered (again) in HiSilicon chips —Researcher did not notify HiSilicon due to a lack of trust in the vendor to patch the issue —Backdoor was first reported in 2013, and again in 2017, but inadequately patched all this time

    5 replies 141 proslijeđeni tweet 175 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  3. proslijedio/la je Tweet
    3. velj

    We open sourced riskquant last week. It's a library for quantifying risk and helps teams dig deeper into areas like loss scenarios and risk tolerance.

    23 proslijeđena tweeta 82 korisnika označavaju da im se sviđa
    Poništi
  4. proslijedio/la je Tweet
    2. velj

    My slides for today’s talk on protocol security are posted on my website: Thanks to everyone who attended and for all the great feedback I got so far!Enjoy the rest of the con!

    31 proslijeđeni tweet 51 korisnik označava da mu se sviđa
    Poništi
  5. proslijedio/la je Tweet
    1. velj

    Vulnerability Modeling with Binary Ninja

    36 proslijeđenih tweetova 117 korisnika označava da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    31. sij

    Reversing C++ executables with OOAnalyzer Ghidra Plugin

    69 proslijeđenih tweetova 198 korisnika označava da im se sviđa
    Poništi
  7. proslijedio/la je Tweet
    30. sij

    In the past year, I was researching Azure Stack, which is an on-premise version of Azure Cloud. In the following blog posts, we present information on what is Azure Stack and its architecture and disclose a vulnerability in Azure App Service that allowed a sandbox escape.

    1 reply 44 proslijeđena tweeta 117 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    31. sij

    Have you considered a STEM career in defence? There are loads of critical positions in cybersecurity.

    12 proslijeđenih tweetova 9 korisnika označava da im se sviđa
    Poništi
  9. proslijedio/la je Tweet
    30. sij

    Just published a follow-up to my Adobe Reader symbols story on the Project Zero blog. Turns out there's even more debug metadata to be found in some old (and new) builds, including private CoolType symbols. Enjoy!

    85 proslijeđenih tweetova 212 korisnika označava da im se sviđa
    Poništi
  10. proslijedio/la je Tweet
    30. sij

    My take-away from recent review article paper of P. Godefroid -- 3 (of N) open challenges in 1) how to engineer exhaustive symbolic testing in a cost-effective manner, 2) how to automate the generation of input grammars, and 3) how to effectively fuzz distributed apps

    4 proslijeđena tweeta 26 korisnika označava da im se sviđa
    Poništi
  11. proslijedio/la je Tweet
    28. sij

    Over the past few years I've spent 100s (1000s?) of hours studying how companies have scaled their security. Here are my slides that distill what I've learned- the big, scalable, systematic wins that measurably improve your security posture.

    83 proslijeđena tweeta 180 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    29. sij

    5G choices: a pivotal moment in world affairs | Simeon Gilding |

    23 proslijeđena tweeta 35 korisnika označava da im se sviđa
    Poništi
  13. proslijedio/la je Tweet
    27. sij

    Windows kernel now relies on Virtualization-based Security (VBS) to securely insert dynamic trace points into kernel code. By relying on VBS, we can now safely and securely insert dynamic tracepoints in the kernel without disabling PatchGuard

    we have an update to DTrace on Windows. with the latest 20H1 insider build, no more KD required to use dtrace on windows. plus arm64 MSI.
    Prikaži ovu nit
    1 reply 11 proslijeđenih tweetova 40 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  14. proslijedio/la je Tweet
    26. sij

    Want to watch 6 disinfo operations unfold in 6 minutes? Thanks to a Open Source Support grant, I’ve done just that with network visualization and documented some interesting patterns on Medium 1/

    25 replies 828 proslijeđenih tweetova 1.462 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  15. proslijedio/la je Tweet
    27. sij

    At , is dropping truthbombs...

    1 reply 12 proslijeđenih tweetova 40 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet
    27. sij

    If you're asking yourself "is this the first time an AV was targeted by someone to own someone", you need to check this Github repository by

    1 reply 26 proslijeđenih tweetova 66 korisnika označava da im se sviđa
    Poništi
  17. proslijedio/la je Tweet
    26. sij

    1\ There's an intuition in that behavioral malware detection (ML or not) is better than file-based (static) detection because it's resilient to packing and detects malware in the act. In fact, empirical results bear out that files, even packed files, are better signals.

    1 reply 5 proslijeđenih tweetova 16 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet
    26. sij

    I think this is pretty significant. Think of AV attack surface as a rich vein of gold nobody has bothered to mine yet. A zillion highly privileged parsers. I know some red teamers who’ve used bugs like these but you don’t hear of them being used ITW much.

    16 replies 100 proslijeđenih tweetova 240 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  19. proslijedio/la je Tweet
    24. sij

    1/ Here's a thread on how to build the kind of security artifact "social network" graph popularized by and others, but customized, and on your own private security data. Consider the following graph, where the nodes are malware samples:

    1 reply 21 proslijeđeni tweet 30 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  20. proslijedio/la je Tweet
    24. sij

    Friends, We've added a new paper: Analyzing Modern Malware Techniques Part 1 by This paper dives into the abyss of fileless malware, more specifically, Kovter. It is an incredibly well written paper. Check it out. 11/10

    22 proslijeđena tweeta 93 korisnika označavaju da im se sviđa
    Poništi
  21. proslijedio/la je Tweet
    24. sij

    "Trade-offs under pressure: heuristics and observations of teams resolving internet service outages" Allspaw, (Part 2) The greatest sources of success in automation-rich environments are people.

    6 proslijeđenih tweetova 29 korisnika označava da im se sviđa
    Poništi

@_josh_green još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·