Olivia
Online
Tal Lossos
@TalLossos
Security Researcher
Joined June 2022
60 Following
143 Followers
31 Posts
@antoniozekic I doubt it as well. Reported a remote DoS a few months ago and got a reply that it isn't a "security implication"
@Guluisacat Same here!
Two marked as โaddressedโ, but one of them is still exploitable with the exact same PoC :)
@karmaz95 And there is the case when they agree that the reported issue is a vulnerability, they fix it but don't grant a CVE ๐
@karmaz95 This happened to me as well. I reported a TCC bypass to Apple and they replied that it is an "expected behavior" for some reason...
Who to follow
clearbluejar
@clearbluejar
Security Researcher | Founder @clearseclabs |
Author of #ghidriff | Agentic #PatchDiffing |
Stuck in a loop: Build โข Reverse โข Learn โข Share
PKSecurity 
@pksecurity_io
https://t.co/SfdM9Iu67x
Benny Meisels
@benny_meisels
RE, Security, Embedded Systems | Maker, Programming Language Enthusiast | Lead Solution Architect @CymotiveTech
Happy to share that some of my reports were fixed in the new macOS version :)
https://t.co/jNKNR8Rpe8
Had an amazing experience at @1ns0mn1h4ck this year, talking about adding NVMe-of/TCP to syzkaller.
In case you want to check it out:
Hereโs the recording - https://t.co/7waJkjcg8A
And the slides - https://t.co/FosaAhYvc4
Quite a few people asked me if weโve found more vulnerabilities in the NVMe Linux kernel driver. So, here is my answer!
Check out the blog post of my colleague Alon on his journey of fuzzing the driver with some lovely findings!
Be sure to check out my recent blog about my latest research โYour NVMe had Been Syzโedโ. In there I show how to add new subsystems to syzkaller, and how to use it to find new vulnerabilities.
https://t.co/7qqyhm0YPF
Finally got around to publishing this post on a ๐๐ง๐๐ฉ๐๐๐๐ก ๐ซ๐ช๐ก๐ฃ๐๐ง๐๐๐๐ก๐๐ฉ๐ฎ ๐๐ฃ ๐ #๐๐ผ๐๐บ๐ผ๐๐ฆ๐๐ ๐๐๐๐๐ฃ!
Dive in if you're interested in the security of the #IBC protocol and the Cosmos in general ๐ชโจ
https://t.co/Xla0lEhSOS
Interesting reading on how to use Static Code Analysis tools for finding vulnerabilities (with a NULL Pointer Dereference in the NVMe driver of the Linux kernel as practical example)
Credits @TalLossos (@TalLossos)
https://t.co/ImxV7XyZ2r
#Linux #kernel #infosec
Check it out! Our resident expert reverse engineer @TalLossos giving his talk on at REcon Montreal.
Topic: Vulnerabilities in the NVMe (Non-Volatile Memory Express) protocol and its extension, NVMeoF (NVMe over Fabrics).
#HITB2023HKT
The blog post version of this talk is now available https://t.co/7O4VlFjLui and the slides are here https://t.co/Bex0mNDiYn
Did you know that NVMe over TCP exists? I sure didn't, but it's a super interesting attack vector.
@TalLossos just put out an excellent blogpost of using CppCheck to find a null pointer deference in the Linux kernelโs NVMe driver. Check it out!
https://t.co/jxvlA0hkSR
A deep dive into how we've found some cool low-hanging-fruits in the Linux kernel ๐๐https://t.co/ANXrs8watc
#HITB2023HKT NVMe: New Vulnerabilities Made Easy - Tal Lossos - https://t.co/GeLZk4T7io
Recon 2023 Talk selection has been released, https://t.co/6claXNMpJx The Conference schedule will be published soon. Register here: https://t.co/ZSllUboiiu See you in June!
#cybersecurite #REcon2023 #ReverseEngineering
.@TalLossos explaining how he's exploiting 3rd party kernel modules.
In this case, OpenRazer...
#RSAC2023 #opensource #bufferoverlow #fuzzing
I'm excited to share that I will present one of my latest projects at @reconmtl !
Stay tuned and cya there :)
We are proud to announce Tal Lossos @TalLossos as a speaker for Recon 2023! Thanks a lot for your contribution!
See full talk description here:https://t.co/EauAHWDgvq #ReverseEngineering #REcon2023 #cybersecurite
Had a blast.
You should definitely check it out if you wanna see how I've exploited it to a LPE, in a colorful way of course ๐ด๐ต๐ข๐ก
๐ด๐ต๐ข๐กColorful #vulnerabilities on your โจ๏ธkeyboard!
๐กTal @TalLossos & Eran @EranShimony shared their analysis & investigation of Razer's #Linuxkernel module, followed by finding several #0day bugs with a live demo
๐ฟEnjoy the talkโถ๏ธhttps://t.co/wE1tCnTqau
#NullconDE2023
@LiveOverflow inb4 macOS
Last Seen Users on Sotwe
MH
Seen from Turkey
๐ฎ๐ณKaur Seerat(๐ดNathni Queenโญ)๐ฎ๐ณ
Seen from Netherlands
OMEGLE+18
Seen from Singapore
Tรผrbanlฤฑ ฤฐfลa
Seen from United States
Bonnie
Seen from United States
alfandi
Seen from Indonesia
โููุฑุฉ ุงููุนุชูุจู ๐ธ
Seen from Saudi Arabia
Phแบกm Vฤn Bแบฃo
Seen from Vietnam
Ashyfox
Seen from Germany
Jennifer Martin
Seen from United States
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.4M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87M followers
Taylor Swift
@taylorswift13
80.9M followers
Lady Gaga
@ladygaga
72.4M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
68.9M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.5M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.1M followers