-
Slides and video of my
#bluehatseattle talk "A year of hacking Azure AD" are online! Contains my exploration of the unofficial "1.61-internal" version of the Azure AD graph and the resulting vulnerabilities
Slides: https://dirkjanm.io/talks/
Video:https://www.youtube.com/watch?v=fpUZJxFK72k … -
As I'm currently missing
#bluehatseattle and so can't troll@blowdart in person here's a blog about the recent changes to my .NET Remoting Exploit tool to bypass Low Type Filtering https://tyranidslair.blogspot.com/2019/10/bypassing-low-type-filter-in-net.html …. -
Using AzureAD? Here are
@_dirkjan's recommendations.#bluehatseattle pic.twitter.com/rWKreGZSYP
-
DevOps using application scanning in CI/CD pipelines decreases application security risks significantly shown by this large scale study here at
#bluehat. Test those applications every day and don’t let security debt get to your applications!#codesafe#bluehatseattle pic.twitter.com/0Y4ntpxX8R – mjesto: Showbox SoDo
-
Overall comment for my first bluehat? "Pretty Neat".
#bluehatseattle pic.twitter.com/LNrdX1Y6vA
-
So awesome to meet Alex Stamos today!!! Worth the price of admission.
#bluehatseattle pic.twitter.com/HHUcna5awX
-
Thank you
#bluehatseattle organizers for turning down the music in between sessions so we can engage with each other! pic.twitter.com/0MHs3gAo7r -
The playlist of
#bluehatSeattle videos is online! For details of what's included, where to see them, and how to become part of a similar lineup for@BlueHatIL by applying to their CFP, see our blog.https://msrc-blog.microsoft.com/2019/11/13/bluehat-seattle-videos-are-online/ … -
The slides of our talk "Pool Fengshui in Windows
#RDP Vulnerability Exploitation" at#bluehatseattle are available. https://github.com/ga1ois/BlueHat-2019-Seattle … Three ways for Pool Feng Shui with RDP PDU, two new methods to exploit CVE-2019-0708#bluekeep. pic.twitter.com/4ny08Ba4TL
-
Impressive and funny talk by
@b1ack0wl about his exploit development journey of a unauthenticated heap-based buffer overflow vulnerability he found. Best talk I’ve seen in a long time!#bluehatseattle pic.twitter.com/A0E8O3pKhK
-
Hi Seattle! Heading up to
#BlueHatSeattle, if anyone is around there as well who wants to talk Active Directory or Azure AD security, feel free to reach out!
-
#bluehatseattle '19 talks are up! In my#Kubernetes talk, I demo'd hacking the Scott Pilgrim evil exes. Most proud of ex #3: attacking a microservice by MitMing its request to a 2nd microservice. I worked hard on this & hope you enjoy it!@msftsecresponse!https://youtu.be/XmP9Rcn5fZo -
HEYYYYYY I know there is demand for IoT security training from how quickly
@securelyfitz#bluehatseattle class sold out last fall. ICYMI#thesas2020 has an IOT training class in Barcelona this April by Roland Sako, Andrey Muravitsky, &@VDashchenko. https://thesascon.com/training https://twitter.com/TheSAScon/status/1217051434623086592 …
Prikaži ovu nit -
I won an Xbox for filling out the
#bluehatseattle surveys! It arrived today, so excited! Remember to always fill out feedback surveys!#feedbackisagift!pic.twitter.com/G1bmNFhC0J
-
Saturday Bug Bash on the 23rd! Help
@JPGinc find some tasty Windows RCEs! It might help him get another#bluehatseattle invite. http://meetu.ps/e/HrQJ4/xv7j8/a -
Awesome talk by our CTO
@jaybeale on#Kubernetes attack and defense methodology at#bluehatseattle@msftsecresponse. Check it out! More on#BustAKube: https://www.bustakube.com/ More on#Peirates: https://www.inguardians.com/peirates/ https://twitter.com/jaybeale/status/1192940965012496385 … -
Want to see my talk on "Why not graphs?" (When to use, and not use, graphs.) It's online now! Check it out at https://www.youtube.com/watch?v=5xh_HqHtp0Y …!
#bluehatseattle -
We had a great time with everyone at
#bluehatseattle, now it is time for us to get to work. How are we going to work together to help protect against threats to privacy and security?#ItTakesATeam#BetterTogetherhttps://twitter.com/msftsecresponse/status/1188862430119514113 …
1:29 -
Thank you to everyone who joined us for
#bluehatseattle last week. We're already looking forward to the next time! pic.twitter.com/aH5KHi196S -
Forgot to tweet this at the time but
@nicowaisman had a great talk on mapping vulnerabilities as a data flow graph from a source to a sink (eg a mempy) and using the pattern to identify other vulns in OSS#bluehatseattle@github@Semmlepic.twitter.com/q9gpiIllpy – mjesto: Showbox SoDo
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
