Christophe

@christophetd

Sometimes blogs about security and owns a pick of Matthew Bellamy. Blue teamer by day, red teamer at heart.

Switzerland
Joined: September 2009

Tweets

  1. Pinned tweet
    30 Aug 2019

    New blog post! ➟ Stealthier persistence using new services purposely vulnerable to path interception. Allows you to create services which appear to point to a binary but will actually run another one.

  2. Retweeted
    4 Feb

    I'm excited to start working at If you want to join: We're already hiring the next Security Analyst: .

  3. Retweeted
    30 Jan

    In the past year, I was researching Azure Stack, which is an on-premise version of Azure Cloud. In the following blog posts, we present information on what is Azure Stack and its architecture and disclose a vulnerability in Azure App Service that allowed a sandbox escape.

  4. 29 Jan

    Link: Happy to discuss it and to write a proper test suite if that helps.

  5. Retweeted
    28 Jan

    New Blog Post from on Azure. Ryan discusses Azure and Azure AD's components, reviews some of the attacks, and releases PowerZure to help understand the attacks. Link: PowerZure:

  6. Retweeted
    26 Jan

    Some study notes on LSASS hooking for harvesting interactive logon credentials. Thanks to for his inspiring posts about mimikatz.

  7. 17 Jan

    "The remaining commands send feedback by posting data into Google Forms" 👀

  8. Retweeted
    16 Jan

    To clarify the Windows crypto fail: The problem isn't in signature validation. The problem is the *root store/cache*. CryptoAPI considers an (attacker-supplied) root CA to be in the trust store if its public key and serial match a cert in the root store, ignoring curve params.

  9. 17 Jan

    Security architecture anti-patterns: Six design patterns to avoid when designing computer systems

  10. 16 Jan

    Something to add to SEC660 in "MiTM tooling" ;)

  11. 16 Jan

    Took a few hours to attempt a PoC myself, reached about half of the write-up and got stuck by my lack of knowledge of the tooling. Overall the PoC is pretty simple, I don't even want to imagine how many actors have been exploiting it in the wild.

  12. 16 Jan
  13. 14 Jan

    Super thrilled to say that I will be presenting a talk at Insomni'hack this year!

  14. Retweeted
    9 Jan

    Interesting tidbit from report. “The attacker utilized the anti-virus management console service account to distribute the malware across the network.” Sounds similar to deploying Cobalt Strike via McAfee EPO server & I discussed recently on

  15. Retweeted
    7 Jan

    At Google Project Zero, the team spends a *lot* of time discussing and evaluating vulnerability disclosure policies and their consequences. It's a complex and controversial topic! Here's P0's policy changes for 2020 (with our rationale for the changes):

  16. Retweeted
    7 Jan
  17. 6 Jan

    Personal goals: 2020 is the year of me running a half-marathon and climbing a 4000m mountain.

  18. Retweeted
    4 Jan

    Excellent introduction to the implementation of Windows Event Logs and why they can be missing critical information. Michael Cohen includes an open source Velociraptor parser as a solution.

  19. Retweeted
    2 Jan

    Looking to get more conferences and events filmed, I'm working to assemble and distribute additional video rigs. Can you help me carry the cost? RT very much appreciated.

  20. Retweeted
    21 Dec 2019

    [] The Navy installed touch-screen steering systems to save money. Systems it didn’t understand and the crew didn’t receive training on. Ten sailors paid with their lives.

  21. Retweeted

    “Winter2019” is coming
