It's common knowledge that the best source for Windows native API definitions is the collection of System Informer (formerly Process Hacker) phnt headers. Surprisingly, there were no online docs for them, so I created a simple website:
https://t.co/WHU55QVZQl
Tomorrow (Friday), at 11AM PT, the Off By One Security stream will be on The History of Heap Spraying... I will also give away 2 tickets to SANS Hackfest Hollywood! Watch it here: https://t.co/2gakUgDX4f
Next week, I will do a stream on Off By One vulnerabilities!
@KirstenSusanne1 I’m the Sr Cyber Warrant for the 175th CPT detachment.
I did four years at Bragg with 35th and 18th ABN Corp, then got out and went straight into the Guard. I’ll probably retire in the next couple years.
Finally MSRC fix all my reports on CNG Key isolation including 6 UaFs and 2 OOBr. Actually I have already completed full exploit with CVE-2023-28229 and CVE-2023-36907 which could lead to escape from AppContainer sandbox, I will share this exploitation on my blog asap.😀
VETERANS: you have until August 9 to file a claim, in order to receive full backdated health care benefits under the PACT Act. And, you only need to submit an INTENT to file by this date.
https://t.co/5yWDPPqmtb
Call for Attendance (Dayton, OH)
We have an Unaccompanied Veteran scheduled to be interred on Thursday, July 27th at 9:00 at Dayton National Cemetery located at 4400 W Third St, Dayton, OH 45428. James A. Brooks was a PFC in the USMC and served from August 1959 - May 1961.
4. Quantum computers use superconductors to preserve coherence in qubits. Small changes in temperature and pressure can cause the entire QC to fail during operation. Imagine a room temperature quantum computer on your desktop - now possible.
The FLARE team is looking to hire an Associate Reverse Engineer (US remote)! Got at least a year of experience analyzing malware artifacts (incl. self-study or coursework)? Ready to get more disassembly listings and debuggers into your life? 👇👇👇
https://t.co/WHnaS9yrfH
@HackingLZ@NSA_CSDirector@JackRhysider@iamlei It’s all fun and games until someone releases scratch and sniff threat actor stickers.
“Look mom, this one smells like Scattered Spiders…” 😆
I recently did a stream talking about the mitigation “Do not allowed child processes” as part of Exploit Guard. That’s a mitigation that helps protect against the current unpatched office vulnerability: https://t.co/JUXiQIqq6l
Check it out! https://t.co/Q4wHDrCOqC