CEO of ACROS Security; Co-founder of 0patch (https://t.co/XQ9EYMooOv)
Mastodon: @mkolsek@infosec.exchange
Feb 19 • 5 tweets • 2 min read
I don't see why a possibility for chaining this with an old, already patched RCE would suffice for qualifying as RCE itself. I mean, @xaitax video shows coupling with Follina (CVE-2022-30190), and couples it with CVE-2023-21716. I think there must be more than that there.github.com/labesterOct/CV…
@HaifeiLi @xaitax Besides, parsing of this "!" format must be insane: Exclamation mark is a valid character in a file name. How would you go about parsing that? My money is on this parsing being broken and exploitable.
Mar 18, 2021 • 22 tweets • 6 min read
Having a @tetrane REVEN one-on-one training today - absolutely LOVING every moment as well as the potential of this product. My jaw dropped even further when I saw the integration with WinDbg. I didn't know I needed it until I saw it :)
@tetrane For those who don't know @tetrane REVEN yet: it allows you to do a recording of an entire virtual machine, and then walk forward and back through execution of any process, search who changed some memory location and when, trace the flow of data using tainting (forward and back).
Mar 15, 2021 • 4 tweets • 1 min read
Today's Microsoft cloud services outage is a perfect plot twist to the "Everyone stop using on-prem Exchange and migrate to Office 365" fairy tale.
I sense a strong presence of actual Exchange admins in retweets and likes above, the presence I sensed severely lacking in a popular Twitter thread condescendingly promoting said fairy tale :)
Mar 5, 2021 • 7 tweets • 1 min read
You know what's worse than accidentally typing your password to browser address bar?
Google finds 78 hits.
I recommend regular testing of your passwords by googling them. Everything under 5 hits is ISO 27001 compliant.