Olivia
Online
Hernan Ochoa
@hernano
Security Consultant / Researcher
Joined April 2008
272 Following
1.4K Followers
596 Posts
Microsoft Recall is Mandatory? https://t.co/7o0jUDKEFs
@jduck @Apple @LowLevelTweets Thanks! I'm aware of secure/confidential computing technologies, but it's not the same. I'm looking for official @Apple's docs to verify their claims.
Can anyone point me to documentation describing exactly how @Apple's Private Cloud Compute actually works? (the June 10 blog post doesn't count)
if there's none publicly available yet, I think @Apple must release detailed technical documentation describing Private Cloud Compute's security architecture ASAP. They keep claiming it is 'private' and 'secure' w/o enough verifiable info. (again, the June 10 post is not enough)
Who to follow
Cesar Cerrudo 
@cesarcer
Professional Hacker & Cyber Security Futurist. Security/ Hacking
Stephen Fewer
@stephenfewer
Senior Principal Security Researcher @rapid7. Specializing in software vulnerabilities and exploitation.
Anibal Sacco
@hannibals
Security researcher & @CubicaLabs Co-founder. Exploit writer, Jazz bassist, Serial mistaker.
@Apple your updates regularly reset settings to their default values, or completely delete changes in files like /etc/pf.conf. had to automate checking for issues like this in an entire lab. Is there a better way? ... ... ...
'Corporate World', please stop sending customer surveys emails and the like with links to domains other than your own! Your customers must not be trained to click links in unknown domains! You're wasting your anti-phishing training budget...
GoSNMP DoS Vulnerability https://t.co/DzMOIEI9uE
Dear @Google when will you let people use their preferred H/TOTP implementation without having to enter a phone number? Thank you!!
Why do people keep buying network devices managed using cloud services? @ArubaNetworks @Ubiquiti https://t.co/fnTuHPVnqt https://t.co/hVl82jK2ZA
I just stumbled upon the web site for an online payment processor service developed by a major player does not even have 443/tcp open π
GPRS (2G & 3G data) encryption schemes GEA-1 and GEA-2 have a security of 2^40 (due to a backdoor) and 2^45 (apparently unintentional) instead of the expected 2^64, which translates to practical, real-time attacks.
Nice Chromium 1-Day. Apparently 32-bit only memory corruption bugs like this integer overflow => heap overflow are not considered to be a big deal any more. Fixed 13 days ago and still not merged in the stable channel. π
Kill -9 your way to root on most modern Linux using @kevin_backhouse's latest polkit finding (CVE-2021-3560) https://t.co/sW6YS9CCPr
@singe @_wald0 @uspto @CptJesus @harmj0y Even if not. How does such a patent help others (vendors or other open source developers)?
Imagine if Hernan Ochoa, who wrote WCE had applied for a patent on accessing the LSASS memory to dump user creds. Would Benjamin Delphy now have to pay license fees for his Mimikatz?
Not a single south-american country is eligible for Apple's Security Research Device program, could start with Argentina (in alphabetical order..) @AppleSupport @apple @dlitchfield
@lcamtuf This is BEYOND terrible. Chrome users cannot browse to http://t.co/9Qc9Kibqnp; think about the magnitude of the situation
@lcamtuf Google thinks it's ok to completely block access to a commercial site; and the affected party can't do anything about it
@lcamtuf And it's impossible to contact any human being to remedy the situation. I was able to fix the situation with all other AV vendors.
@lcamtuf And there's no way to do anything about it. Because Google has an automatic scanner, it finds WCE's zip file and it flags the site
@lcamtuf I don't see Google blocking Rapid7's web site because they offer Metasploit for download. This is TERRIBLE.
Last Seen Users on Sotwe
Mo
Naked&Married
Seen from United States
Zululand πππ
Seen from Kenya
Keisha Red
Seen from Thailand
Clearandclean
Seen from Malaysia
Ψ―ΩΩΨ« Ψ²ΩΨ¬ΨͺΩ
Seen from United Kingdom
Gillian Fennell
Seen from Australia
iblis dari surga
Seen from Indonesia
sevimli sempatik
Seen from Turkey
HappyBali
Seen from Singapore
Most Popular Users
Elon Musk
@elonmusk
240.4M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.4M followers
Taylor Swift
@taylorswift13
81.2M followers
Lady Gaga
@ladygaga
72.8M followers
Kim Kardashian
@kimkardashian
69.7M followers
Virat Kohli
@imvkohli
69.5M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.2M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.5M followers