nyan cat

@nyaacate

I'm a coder, security researcher & CTF player, member of BabyPhD, AceBear & working at Viettel Cyber Security. Tweets are my own & not related to my employers.

Joined June 2013

Tweets

  1. Retweeted
    Feb 2

    Can your EDR detect symbolic link callback rootkits? Because ours sure as heck can't. and I wrote about these!

  2. Retweeted
    Jan 17

    You're interested in malware detection/deep learning/side-channel analysis? We're hiring for a Postdoc/research engineer!

  3. Retweeted
    Jan 17

    recently, some Rust programmers started doing something I think is quite harmful: `unsafe` zealotry. it is harmful for three reasons: 1) #![forbid(unsafe)] doesn't make your code memory-safe; 2) memory-safe code can have equally harmful bugs; 3) Rust is useful beyond safety. 🧵

  4. Retweeted

    If you use AppLocker as a security boundary AND you trust all Microsoft signed binaries AND you use Windows 10, you may want to deploy January 2020's Windows patches. The second one here is malicious and "signed" as Microsoft.

  5. Retweeted
    Jan 16

    After a lot of work and some crypto-related delays, I couldn't be more proud to publish 's and mine latest research - The complete overview of CET internals on Windows (so far!):

  6. Retweeted
    Jan 8

    How infosec works:

  7. Retweeted

    Captcha refusing to let me proceed until I agree that a picture of a bicycle is the same thing as a bicycle seems like bad news for the future of robot cars

  8. Retweeted
    Jan 2

    Since I teach algorithms, people often ask me for my favorite algorithms books. For intro I like Tim Roughgarden’s “Algorithms Illuminated” series. For intermediate, Edmonds and Erickson are my favorites. Edmonds, in particular, really focuses on intuition.

  9. Retweeted
    Jan 1

    join me in my new years resolution to sleep healthier ☺️ many positive goals become more achievable w/ good sleep and together we will be rested and ready to take them on!!!!!! ❤️❤️❤️💪

  10. Retweeted

    We now have some news on the 18,000 year old or puppy. Genome analyses shows it's a male. So we asked our Russian colleagues to name it... Thus, the name of the puppy is Dogor! Dogor is a Yakutian word for "friend", which seems very suitable.

  11. Retweeted
    Dec 21, 2019

    Pwning VMWare, Part 1: RWCTF 2018 Station-Escape

  12. Retweeted
    Dec 7, 2019

    today is the first day in history discord has had an actual real legible error message and not some sort of smarmy "oh no! something happned! wumpus is smooshing bad bugs now!" i could get used to this

  13. Retweeted
    Nov 9, 2019

    Cool work on fuzzing binary formats:

  14. Retweeted
    Nov 1, 2019

    Want to win Pwn2Own without all the hassle of having to spend time finding bugs? We finally got round to sorting out and releasing Jandroid - a tool for helping to find logic bugs in Android apps (and just in time for next week!)

  15. Retweeted
    Oct 19, 2019

    mountainclouds for(a=p=i=2e3;t<9&&i--;x.fillRect(i,(a-9)*t*37,1,2e3,q=S(t**.9*.6),x.fillStyle=`hsl(200 ${75-t*t}%${60+q*50+(p-a)**.1*t}%`))for(p=a,a=j=12;j--;a+=S((i-960*S(t*k))*k/t/99)/k)k=2**j

  16. Retweeted
    Oct 10, 2019

    **new reveal** Recently found new APT41 malware family on a Linux system at a telecom we’ve named MESSAGETAP. This enabled APT41 track/monitor phone call and SMS records either based on specific IMSI numbers or keywords for SMS terms

  17. Retweeted
    Oct 10, 2019

    I'd assume PE parsing in the Windows kernel would be well tested but surprisingly no, five such bugs were fixed last Patch Tuesday, all found by fuzzing. They crashed the OS as soon as they'd be written to disk or worst case viewed in Explorer. Details:

  18. Retweeted
    Oct 7, 2019

    Updated my tool to exploit .NET remoting services to use a new (unpatched) technique to bypass Low Type Filter to get full serialization exploitation. Abuses the lease feature present on all MBR objects. Don't use .NET remoting in production code!

  19. Retweeted
    Sep 21, 2019

    So Intel must already have been pretty worried about people reading their ucode back when pentium(p5) was released, the ucode store is covered by a solid metal plane, after delayering the array becomes visible but the first layer under the metal is too thin to save

  20. Retweeted
    Sep 15, 2019

    For every retweet this gets, I will add an Uncomfortable Truth to the thread.
