שלום לכם דבאופסים תותחים/יות
צוות הדבאופס שאני מנהלת מחפש דבאופס נוספ/ת שיצטרף אלינו לתת בראש.
יש המון כלים מעניינים והמון אתגרים והעבודה בצוות היא מאוד מגוונת (באחריות) ועם המון מקום להשפיע.
בעיניי זה זמן טוב להצטרף עתיד החברה נראה מזהיר =]
כתבו בפרטי אם רלוונטי
What does an Israeli startup do when heavy ballistic missiles start hitting Tel Aviv?
We decided to move our small team to a rented apartment in Mitzpe Ramon, a beautiful place in Israel’s Negev Desert.
This turned out to be a great decision.
👇
I really like looking at other people's research and vulnerabilities, you can learn a lot from it.
Especially if this person is you from 6 months ago, that did an amazing job documenting the vulnerabilities I don't remember I found.
My "Reverse Engineering 3011: Reversing C++ Binaries" is released as part of @OpenSecTraining and is available for everyone! 🎉
The class is important to me, I'm happy that after all the time and effort it is finally released, and I hope people would learn and enjoy from it! 😁
Smoke.............on the UPS, a fire in the office.
Smoke..............on the UPS....
https://t.co/TmpWzUDmn1
Amazong talk on ☠️☠️ RCE vulnerabilities on Smart UPS and it's impact by @ArmisSecurity team at @nullcon Berlin
Can't wait for June! Registration to the @Blackhoodie_RE trainings is now open! With RE102 hosted by @pinkflawd and I (that includes my C++ Reverse Engineering training) and Hardware Hacking training hosted by @_kylma and @SynapticRewrite! See you at @reconmtl!
4/4
Today we are disclosing the second phase of TLStorm, some of the bugs are caused by the same misuse of NanoSSL, but this time, the devices are common network switches and a successful attack could allow VLAN hopping and captive portal escape.
https://t.co/3rGI0UppWj
TLStorm2.0 - A set of critical vulnerabilities for Aruba and Avaya switches that can break network segmentation. Research by @AfutaNoam@Gal_Levy92@TheYuvalShow, taking a closer look at TLS implementations of widely used switches.
Demo video on https://t.co/3rGI0UppWj
🧵⬇️ 1/4
3/4
By exploiting a memory corruption bug due to misusage of the NanoSSL TLS library, an attacker gains control over the device and its power output. At @nullcon Berlin, @Gal_Levy92 and @TheYuvalShow demonstrated how an attack can make the UPS go out in a cloud of smoke
📢 Attention Energy Sector orgs: #APT actors may compromise your #SCADA & #ICS devices! Review the latest joint #cybersecurity advisory from @CISAgov, @DOE_CESER, @NSACyber, and @FBI to learn how to protect against potential malicious activity. https://t.co/aFZMwDwRE2 #Detection
Super amazing talk by @ArmisSecurity team on vulnerabilities in connected UPS devices and the dangers ☠️of physical damage. The pic says it all 💨💨 😁🤯 The IoTs 😓 @nullcon 2022 Berlin
🙌Last talk of Day 1
😯This research will blow your mind....well actually it will be your'Smart' connected UPS 🔋💥
💡Yuval & Gal will reveal number of mighty 0 click pre-authentication #vulnerabilities in the known #UPS vendor
#NullconBerlin2022#infosec
Today at Nullcon, @Gal_Levy92 and @TheYuvalShow from Armis Research Labs presented TLStorm - A set of vulnerabilities that can allow attackers to gain complete control over Smart UPS devices from the internet. Live demo of a UPS frying itself using RCE in the attached photo
CheckPointSW: Earlier this month, @ArmisSecurity found three critical vulnerabilities in #APC Smart-UPS devices, two of which included critical vulnerabilities in the #TLS implementation. Learn how Check Point and Armis can help protect your organization…