@mikko

@mikko

Researcher at F-Secure.

Finland
mikko.hypponen.com
Joined March 2009
4,961 Photos and videos Photos and videos

Tweets

You blocked @mikko

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @mikko

  1. Retweeted
    Jan 20

    My (shaky) understanding of this is that Golang's network stack attempts to parse HTTP headers as ~UTF-8 even though everyone else treats them as ASCII. If correct, this enables quite a range of interesting attacks on both clients and servers.

    I found another way to do HTTP smuggling, you can use T-E: chunKed K is the Kelvin symbol (%E2%84%AA) If the header is converted to lowercase, you get 'chunked' in ascii, if it's converted to uppercase it will stay the same (invalid) cc
    12 replies 89 retweets 284 likes
    Undo
  2. Retweeted
    13 hours ago

    Interesting opsec slip in one second stage loader used by UNC2452 / DarkHalo post abusing SolarWinds backdoor: sample has forgotten C++ header path pointing to: "c:\build\workspace\cobalt_cryptor_far (dev071)\farmanager\far\platform.concurrency.hpp"

    2 replies 74 retweets 266 likes
    Show this thread
    Show this thread
    Undo
  3. Retweeted
    16 hours ago

    Nothing is ok in this photo

    168 replies 449 retweets 3,773 likes
    Undo
  4. 23 hours ago

    x⁰⁰, x⁰¹, x⁰², x⁰³, x⁰⁴, x⁰⁵, x⁰⁶, x⁰⁷, x⁰⁸, x⁰⁹ x¹⁰, x¹¹, x¹², x¹³, x¹⁴, x¹⁵, x¹⁶, x¹⁷, x¹⁸, x¹⁹ x²⁰, x²¹, x²², x²³, x²⁴, x²⁵, x²⁶, x²⁷, x²⁸, x²⁹ x⁹⁰, x⁹¹, x⁹², x⁹³, x⁹⁴, x⁹⁵, x⁹⁶, x⁹⁷, x⁹⁸, x⁹⁹

    If you happen to ask yourself, why some superscript numbers look strange on macOS and iOS, wrote it up here:
    3 replies 5 retweets 17 likes
    Undo
  5. Retweeted
    Jan 20

    NEW : Ransomware 2.0, with | Episode 49

    26 retweets 28 likes
    Undo
  6. Retweeted
    Jan 19

    correct horse battery staple

    This is why you don't use a sticky note with the password on it.
    5 replies 27 retweets 143 likes
    Undo
  7. Jan 20

    ”my kids wanted to hack my linux desktop, so they typed and clicked everywhere. I was looking at them play…when the screensaver core dumped and they actually hacked their way in! I thought it was a unique incident, but they managed to do it a second time. Issue #354.”

    Screensaver lock by-pass via the virtual keyboard · Issue #354 · linuxmint/cinnamon-screensaver · GitHub
    22 replies 180 retweets 823 likes
    Undo
  8. Retweeted
    30 Jul 2020

    You won't have to worry about my tweets when I'm president.

    61,438 replies 75,463 retweets 691,786 likes
    Undo
  9. Retweeted
    Jan 19

    More information from our SolarWinds investigation. New tool - Raindrop - appears to have been used by attackers for spreading across victim networks.

    18 retweets 17 likes
    Undo
  10. Retweeted
    Jan 18

    Just regular bikes and regular winter clothing. Nothing special needed. , .

    15 replies 184 retweets 965 likes
    Undo
  11. Jan 20

    Mobile first.

    50 Years of Gaming History, by Revenue Stream (1970-2020) 🎮
    5 replies 14 retweets 83 likes
    Undo
  12. Retweeted
    2 Jan 2019

    This description of the asteroid that killed the dinosaurs is probably the best piece of writing I've read in a while. That was beautiful.

    173 replies 5,248 retweets 14,475 likes
    Undo
  13. Jan 20

    ”Williams intended to send the computer device to a friend in Russia, who then planned to sell the device to SVR, Russia's foreign intelligence service", the affidavit said.

    Donald Trump supporter arrested after suspected 'data theft' from Nancy Pelosi's office during US Capitol riots
    8 replies 26 retweets 109 likes
    Undo
  14. Retweeted
    Jan 19

    Today, I disclosed publicly that had been targeted by the same nation state actor that attacked SolarWinds. This attack is much broader than SolarWinds and I expect more companies will come forward soon.

    31 replies 669 retweets 1,354 likes
    Undo
  15. Retweeted
    Jan 18

    Now this is patience....

    75 replies 2,102 retweets 15,708 likes
    Show this thread
    Show this thread
    Undo
  16. Jan 19

    Severity 1 X. Can you fly in this afternoon?

    ⏲️ As of today, we have about eighteen years to go until the Y2038 problem occurs. But the Y2038 problem will be giving us headaches long, long before 2038 arrives. I'd like to tell you a story about this.
    Show this thread
    3 replies 6 retweets 44 likes
    Undo
  17. Jan 19

    An old ad for Joker's Stash I had saved.

    2 replies 9 likes
    Show this thread
    Show this thread
    Undo
  18. Jan 19

    "The admin of the Joker's Stash carding forum had contracted COVID-19, spending a week in the hospital"

    Last Dash for Joker’s Stash: Carding forum may close in 30 days. Read the full story here:
    1 reply 4 retweets 12 likes
    Show this thread
    Show this thread
    Undo
  19. Jan 19

    3 replies 4 retweets 41 likes
    Show this thread
    Show this thread
    Undo
  20. Retweeted
    Jan 12

    We’re thrilled to be welcoming Mikko Hyppönen as a speaker at our 2021 Digital Forum. is the chief researcher at F-secure and a global expert & authority on & . Register here to watch him speak at on March 17-19!

    17 retweets 37 likes
    Undo

@mikko hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·