Justin Campbell

@metr0

Security research and exploit mitigations . Kenshoto member and CTF burnout. Tweets are, regrettably, my own.

Redmond, WA
Vrijeme pridruživanja: travanj 2008.
21 fotografija ili videozapis Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @metr0

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @metr0

  1. prije 4 sata

    Check out the slides for Dave’s talk on our team and some of what we’re up to.

    Just posted my talk "Keeping Windows Secure" touching on security assurance process and vuln research in Windows from 2019:
    Prikaži ovu nit
    1 proslijeđeni tweet 5 korisnika označava da im se sviđa
    Poništi
  2. proslijedio/la je Tweet
    prije 7 sati

    Great talk by on securing Windows at Automated attack surface discovery, killing bug classes with compilers and "Enabling Devs to Fuzz like a Boss"

    6 proslijeđenih tweetova 40 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  3. proslijedio/la je Tweet
    prije 7 sati

    I am removing "Intro to our team work" slide from my later talk. did it well: LibFuzzer, syzkaller and ASan, all at one slide as a base of Microsoft Risk Detection Platform )

    6 proslijeđenih tweetova 18 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet
    prije 9 sati

    This one was interesting in particular. 10x for sharing.

    3 proslijeđena tweeta 8 korisnika označava da im se sviđa
    Poništi
  5. proslijedio/la je Tweet
    prije 9 sati

    Win10 new mitigations

    17 proslijeđenih tweetova 37 korisnika označava da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    prije 13 sati

    Come hear how my team found and exploit DejaBlue during an internal REDTEAM op today

    4 proslijeđena tweeta 37 korisnika označava da im se sviđa
    Poništi
  7. proslijedio/la je Tweet
    4. velj

    I've worked professionally in software for 18 years and I can say with certainty that you should not use software for anything

    378 replies 9.825 proslijeđenih tweetova 74.811 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    2. velj

    That was in fact my collaborator on that screenplay, Tom Maddox.

    Invisigoth: still the best handle ever conceived. Was that all you, ?
    11 replies 11 proslijeđenih tweetova 183 korisnika označavaju da im se sviđa
    Poništi
  9. 26. sij

    More MS internal finds killing wormable bugs. Nice work on a quick turnaround.

    0:23
    Ladies and gentlemen, I present you a working Remote Code Execution (RCE) exploit for the Remote Desktop Gateway (CVE-2020-0609 & CVE-2020-0610). Accidentally followed a few rabbit holes but got it to work! Time to write a blog post ;) Don't forget to patch!
    Prikaži ovu nit
    3 proslijeđena tweeta 19 korisnika označava da im se sviđa
    Poništi
  10. proslijedio/la je Tweet
    23. sij

    Architecting for Performance and Security At The Same Time I wrote this up really quickly, but it's basically how I have approached building hardened, scalable services in Grapl by focusing on isolation.

    10 proslijeđenih tweetova 43 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  11. 22. sij

    I would attend this conference.

    Odgovor korisniku/ci @RachelTobac
    We have rooms where people can play Blood on the Clocktower, Two Rooms and A Boom. There’s a video game streaming room. Everyone’s laughing and making stuff in other rooms. There’s a 72 hour film competition. And a 72 hour badge making competition.
    3 korisnika označavaju da im se sviđa
    Poništi
  12. proslijedio/la je Tweet
    21. sij

    I have changed my views. Rust needs to exist. There will always be people who, for whatever reason, are bad at making choices and don’t want to code in Go. If Rust did not exist then those people would choose C++. 😇

    10 replies 17 proslijeđenih tweetova 113 korisnika označava da im se sviđa
    Poništi
  13. proslijedio/la je Tweet
    14. sij
    Odgovor korisnicima i sljedećem broju korisnika:

    To break into WU you'd need to MITM the WU servers using a cert derived from the cert-pinned dedicated intermediary, do this on TLS>=1.2, and then bypass *both* Authenticode signature checks on the CAB files inside, none of which you'll manage using this bug.

    5 replies 26 proslijeđenih tweetova 108 korisnika označava da im se sviđa
    Poništi
  14. proslijedio/la je Tweet
    16. sij

    Software Engineers 20-25: gotta get a job gotta get a job gotta get a job 25-29: gotta get promoted gotta get promoted gotta get promoted 30: makes their own pickles

    230 replies 1.111 proslijeđenih tweetova 7.995 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  15. 16. sij

    As I've said before: if you don't brand your bugs, someone will.

    We have a working proof-of-concept exploit for ‘Whose Curve is it Anyway?’ — NSA’s bug in Microsoft’s Crypto API. Read on for our explainer:
    1 reply 1 proslijeđeni tweet 7 korisnika označava da im se sviđa
    Poništi
  16. 16. sij

    Thanks, I hate it.

    Are you excited about C++23?
    Prikaži ovu nit
    5 proslijeđenih tweetova 16 korisnika označava da im se sviđa
    Poništi
  17. proslijedio/la je Tweet
    15. sij

    After FLAME abused a Microsoft certificate for malware, MSFT added large numbers of hardening solutions to WinUpdate, even for significant security break scenarios. It appears because of this, Windows Update itself is not vulnerable to CVE-2020-0601.

    Odgovor korisnicima @mattwwaters @SwiftOnSecurity i sljedećem broju korisnika: 5
    No, even if you spoof signed with ECC, it validates dual RSA signing (which you can’t spoof).
    1 reply 64 proslijeđena tweeta 216 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet
    15. sij

    The January 2020 security updates include a fix for the CVE-2020-0601 certificate validation vulnerability that affects Windows 10. More information from here:

    1 reply 45 proslijeđenih tweetova 86 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  19. proslijedio/la je Tweet
    14. sij

    This month's updates includes CVE-2020-0601 affecting Windows 10. We have not seen it used in active attacks. Learn how this is one example of our partnership with researchers and industry to release quality security updates to help protect our customers.

    5 replies 93 proslijeđena tweeta 105 korisnika označava da im se sviđa
    Poništi
  20. proslijedio/la je Tweet
    14. sij
    Odgovor korisniku/ci

    After the applicable Windows update is applied, the system will generate Event ID 1 in the Event Viewer after each reboot under Windows Logs/Application when when an attempt to exploit a known vulnerability ([CVE-2020-0601] cert validation) is detected. That’s pretty awesome

    16 proslijeđenih tweetova 31 korisnik označava da mu se sviđa
    Poništi

@metr0 još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·