Federico Bento @uid1000
Joined November 2016
Today I learned that a memory corruption vulnerability may not be considered a memory corruption vulnerability
Looking at a private version of PaX/grsec from the 2nd half of this year, there's no probabilistic xor cookie retaddr protection for the 'iret' insn case. I'm not saying it can't be done & I'm also not saying it isn't implemented in some later or exotic commercial version.
Talking about bruised egos, apparently a certain someone decided to throw a tantrum and block me because he just got nominated for the Lamest Vendor Response award... Isn't it ironic? Good riddance!
Fun fact: the initial Kaiser (currently KPTI) patches, which were meant to fix KASLR breaks via CPU side-channel attacks (read: not Meltdown), specifically said that KASLR could still be broken. For more, see "challenge 2" from the original paper.
@bluefrostsec @NicoEconomou I liked the blog but this tweet is pretty dramatic. kASLR was vulnerable to timing attacks prior to Meltdown and we explicitly documented that our Meltdown mitigation does not attempt to solve kASLR. kASLR was never safe from timing attacks nor should anyone have expected it was.
git.kernel.org/pub/scm/linux/…… is a cute bug and also a good reminder that one of SMAP's weaknesses is the reliance on EFLAGS.AC
Cool writeup exploiting FreeBSD bhyve. Nice to see the same points from other platforms repeat here: - CFI makes more exploits leak the stack && do ROP (it's easy) - RFG/SafeStack/whatever in software is weak, many ways to leak the shadow stack address phrack.org/papers/escapin…
Interesting facts about 'exec_id' - almost all Linux kernels insufficiently restrict exit signals (except 2.0.39 and 2.0.40 ;-)) blog.pi3.com.pl/?p=697
Let's try kernel stack base offset randomization again! :) lore.kernel.org/lkml/202003242…
New blog post on Hardware-enforced Stack Protection in Windows 10 from the Windows kernel team (@TheRealHariP & @mamyun) Support is in WIP fast ring builds if/when you have a CPU that supports CET :) techcommunity.microsoft.com/t5/windows-ker…
Free knowledge! 🔥 We have a new blog post ready, which discloses an unfixed Linux UserLAnd ASLR bypass. Read here: bit.ly/2ULoj97 -- #cybersecurity #informationsecurity #linux #ASLR #alwayskeeplearning #wildfire #goblaze
Always fascinating to see the outsized attention exploitation and memory safety get. Of all things I announced in my talk, running Windows without admin is measurably the most positive change and defeats a large chunk of all ATT&CK post-exploitation. Still Rust gets attention.
Relying too much on dynamic analysis is sort of looked down upon in reverse engineering, but idc it saves so much time 95% of the time
@daveaitel @ucsenoi @chompie1337 @netspooky I just checked, gas does select the base correctly based on order... so no clue what it's talking about 🤷♂️
I did a talk once in 2011 (link below on slide 6 or so) where I ran 2700 Linux programs with NULL argv[0] and 27% of them crashed. I thought this was an unlikely avenue for exploitation and mostly just for laughs. Great exploit Qualys. slideshare.net/SilvioCesare/s…
27 years after my PhD dissertation on decompilation I’m giving a retrospective talk on decompilation — From Student of Compilation to Mother of Decompilation. Join me, Thursday July 29th 6 pm PDT / Friday 30th July 2 am UK / 11 am AEST #WiCT
The next virtual Women in Compilers and Tools Meetup is tomorrow! (July 29 at 6PM PDT) Cristina Cifuentes will present, "From Student of Compilation to Mother of Decompilation". @criscifuentes #CommunityDotO #WomenWhoCode #WiCT We hope to see you there! meetup.com/meetup-group-i…
Compliment a hacker in a single tweet. @silviocesare has been contributing to the hacker world for 20+ years. His passion and love for community & newcomers wanting to hack seems boundless.
Compliment a hacker in a single tweet. @natashenka is an incredibly talented engineer who focuses not just on how to find subtle vulnerabilities, but teaches others how to think the same way, and systematically solve problems for good.
To ensure RO memory is not a paper tiger you need to protect against PTE corruption (not everyone got this memo :)). Verifying PT writes from an HV is SUPER perf expensive -- HLAT fixes this
I think a vuln research misconception is that fuzzing replaces manual code review and deep understanding. To the contrary, I believe that code review is always a first step that guides subsequent automation.
I think this is right--and might explain why Meadows leaked the "bad vitals" story. They are going to try to cover up all the people Trump infected with his negligence by claiming Trump is resurgent.
Really excited to present our work with my teammate 0xdagger on pwning the PS4 at the next #BHEU. Thank you Synacktiv !! x.com/synacktiv/stat…
This is for the Pwners: exploiting a WebKit 0-day in PlayStation 4! We are happy to announce that @0xdagger and @abu_y0ussef will present their work on breaking the PS4 at #BHEU @BlackHatEvents ! blackhat.com/eu-20/briefing…
Trivial VM escape in #Bhyve: if you're a guest, allocate a GPA, use a VMLOAD+RDMSR probe to determine its HPA, use SKINIT to reinit the CPU core at that HPA. The CPU core restarts and executes your instructions in host mode. That's it, you're the host.
#BSDSec [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-20:29.bhyve_svm... #FreeBSD bsdsec.net/articles/freeb…
The short story of 1 Linux Kernel Use-After-Free bug and 2 CVEs (CVE-2020-14356 and CVE-2020-25220) blog.pi3.com.pl/?p=720
Use-After-Free badly classified as NULL pointer dereference and description itself is terribly wrong:
CVE-2020-14356 A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system. cve.mitre.org/cgi-bin/cvenam…
Has Cavani already signed for Benfica? If the Internet says so, it must be true LOL - pt.wikipedia.org/wiki/Edinson_C… #slb #benfica #cavani
TagBleed TLB eviction signals are detectable across hypervisor boundaries too github.com/renorobert/tag…
Our #TagBleed paper is now online. We show Tagged TLB's performance benefits come at a security cost. TL;DR Confused-deputy side-channel attacks based on Tagged TLBs can break #KASLR even in face of ideal #KPTI or state-of-the-art KASLR mitigations: download.vusec.net/papers/tagblee…