Matt Nelson

UPDATE: If you clean install RS4+ and have compatible hardware VBS/HVCI is now automatically enabled!! This means the Windows kernel now enforces by default: Kernel code integrity, runtime ACG, and control flow integrity via VBS. Huge for Windows security. Checkout WIP builds!https://twitter.com/dwizzzleMSFT/status/935657242413510656 …

Easy. Try to become an expert at something and blog about your experience and demonstrate how what you learned has real-world applicability. But mainly what I look for in junior people is drive, passion, and proof of attempts to tackle challenges.

I often get asked, "How do I get started in malware RE?" Quite a while ago I was working on some tutorials until I saw these by @malwareunicorn https://securedorg.github.io/RE101/  https://securedorg.github.io/RE102/  Just read those for a solid start.

Project Zero blog: "aPAColypse now: Exploiting Windows 10 in a Local Network with WPAD/PAC and JScript" by @ifsecure, @halvarflake, @tiraniddo and @bool101 - https://googleprojectzero.blogspot.com/2017/12/apacolypse-now-exploiting-windows-10-in_18.html …

How to reverse engineer without knowing how to reverse engineer: http://1.Open  IDA pro 2. Hit shift+f12 for the strings view 3. Choose an interesting string 4. Hit x and go over the xrefs 5. You are now earning at least $140K a year. Bonus: say that you can code html

Facebook Security is proud to announce that we are offering a free twelve-week hands-on course for veterans who desire to get into cybersecurity. Please make sure to apply by January 16th! http://fbcodepath.splashthat.com 

Everybody needs to read @HaifeiLi's presentation on OLE: https://www.blackhat.com/docs/us-15/materials/us-15-Li-Attacking-Interoperability-An-OLE-Edition.pdf … The attack surface of MS Office is a factor of EVERY (COM-installing) application installed on your PC! It's like the early days of IE6 ActiveX all over again...

A Word DDE defense in depth change for you - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170021 …. Disables auto-update for any linked fields, including DDE.