dru1d

Cobalt Strikes are already up and the webinar has only been running for a short time!

https://t.co/66vtthyDoR

Spent the last 2 weeks working on a devirtualizer for VMProtect 3.5 and learning Remill. Idk yet if I will blog about it, but I at least wanted to publish the code: https://t.co/GLqKWpOOU7 The approach is different from my last blog, as it lifts the whole x86 code of the VM

I see a lot of misunderstanding about what this means and what it will do for us So let's be very clear: - browser only - does not prevent AitM by itself - does not prevent pre-existing malware from tampering with key generation This is not a panacea, it is a fair compromise

Azure post 1 of 2 is live now, covering traffic hijacking via Smuggle Caching. Post 2 will focus on a Azure Front Door 0-click XSS that worked on HTTP/1.x and HTTP/2. Smuggling Through the Front Door... Achieving Global Redirect Poisoning at the Edge https://t.co/4fTtI2gAdL

I don’t know who needs to hear this but your research is your IP not the vendors IP. You can do whatever you want with that IP. Reporting it, publishing it, selling it to a third party or putting it in a box under your bed 🙄

MSRC: Either you let us bully you and treat you like garbage or we’ll send you to jail

Microsoft Security Response Center put out a blog post today about Eclipse Nightmare guy Basically they think he's super mean and totally not cool he's dropping zero days. They say you're a jerk if you do this stuff because it's dangerous and stuff https://t.co/Bg5iFxI3lc