James Willy

@james0x40

Windows kernel & browser security researcher Also interested in crypto

Vrijeme pridruživanja: kolovoz 2019.

Tweetovi

Blokirali ste korisnika/cu @james0x40

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @james0x40

  1. proslijedio/la je Tweet
    prije 6 sati

    I have published my tools to dump Dwarf debug information on huge libraries (e.g. Chromium):

    Poništi
  2. proslijedio/la je Tweet
    prije 16 sati

    When I get to Microsoft, I'm going to work day and night. I'm going to make sure hiring me wasn't a mistake. I don't feel like I've finally won yet, I feel like I've been given a chance to finally prove myself, and that's what I'm going to do.

    Poništi
  3. proslijedio/la je Tweet
    30. sij

    Just published a follow-up to my Adobe Reader symbols story on the Project Zero blog. Turns out there's even more debug metadata to be found in some old (and new) builds, including private CoolType symbols. Enjoy!

    Poništi
  4. proslijedio/la je Tweet

    Taking a look at what we published in 2019. What was the most popular vendor? The most common ? All this and more in our 2019 retrospective.

    Poništi
  5. proslijedio/la je Tweet
    30. sij

    It should be -2019-1367 rather than -2020-0674, and seems targeting from group.

    Poništi
  6. proslijedio/la je Tweet
    Prikaži ovu nit
    Poništi
  7. proslijedio/la je Tweet

    Remote Code Execution and Sensitive Information Theft in Microsoft Azure, along with infrastructure overview (2 Parts):

    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    29. sij

    Excited to start the new year with CVE-2020-3842 :) It's a fun one and unlike the other bugs I reported so far so I'm looking forward to (responsibly) disclosing it.

    Poništi
  9. proslijedio/la je Tweet
    28. sij

    Added a 2019 entry to the "0-day detected in the wild" spreadsheet for the Trend Micro OfficeScan vulnerability Brings the total to 20 for 2019. We're currently at 2 for 2020.

    Poništi
  10. proslijedio/la je Tweet

    Proof of Concept scanner for CVE-2020-0609 & CVE-2020-0610.

    Prikaži ovu nit
    Poništi
  11. proslijedio/la je Tweet

    The final count is in, and with 92.5 points total, and are crowned Master of Pwn! Congratulations to everyone who participated. We'll have a full wrap video with all the results available tomorrow morning. We'll see you in Vancouver.

    Poništi
  12. proslijedio/la je Tweet
    21. sij

    Tech Preview 2020 is live! Workstation TP 20H1 now brings compatibility with Hyper-V enabled hosts. In TP 20H1, Workstation can now run when Credential or Device guard, or WSL is enabled. Blog: Direct Link:

    Poništi
  13. proslijedio/la je Tweet
    18. sij

    My first blog post on browser exploitation for . I'll look at how to pop xcalc on current Linux Spidermonkey given a relative (oob) rw bug. Spidermonkey is the JavaScript Engine in Firefox. Exploit code also supplied.

    Poništi
  14. proslijedio/la je Tweet
    21. sij
    Poništi
  15. proslijedio/la je Tweet

    Day One of Miami comes to a close. Today we awarded $110,000 for eight bugs in multiple categories. Tomorrow looks to be even busier. As a reminder, you can find the latest updates and results at

    Poništi
  16. proslijedio/la je Tweet

    The schedule for Day One of Miami is posted! We'll be updating this blog throughout the day with results and updates. Be sure to check it out often.

    Poništi
  17. proslijedio/la je Tweet

    To ensure everyone is in the door and here to witness it, we're delaying the drawing to 8:50. The first attempt will now be at 9:30.

    Poništi
  18. proslijedio/la je Tweet
    20. sij

    The 7th part of the tutorial Hypervisor From Scratch is published! In this part, I described EPT. Thanks to Petr as Hypervisor From Scratch could never have existed without his help and to Alex for patiently answering my questions.

    Poništi
  19. proslijedio/la je Tweet
    17. sij

    BREAKING: Microsoft warns about Internet Explorer zero-day * No patch out yet * No CVE, for now * This is the IE zero-day that Qihoo 360 mentioned last week in a now-deleted tweet * Connected to last week's Firefox zero-day

    Poništi
  20. proslijedio/la je Tweet
    18. sij

    RDP to RCE: When Fragmentation Goes Wrong AKA: What we know about CVE-2020-0609 and CVE-2020-0610.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·