My Office RCE, CVE-2017-0199, won the Pwnie Award for Best Client-Side Bug! I'm speechless, thank you @PwnieAwards! Photo Credit: @dalmoz_

RT @Atredis: We're excited to announce that Atredis is 100% employee owned and operated. Here's Shawn with a post about how we got there.…

RT @Atredis: Here's Chris' slides from his REcon talk on the DA1469x BootROM!

RT @mdowd: Hey, for anyone who wanted to see this slide deck, it was a keynote about the 0day market, but it commented on public research v…

RT @R00tkitSMM: C’mon Apple, iOS kernel vulnerability is not eligible for bounty? What would then be? It could have been ended up in @Donnc…

RT @justdionysus: Well, here's a goofy reverse engineering challenge I started a year or two ago and "polished" up last night (I'm sorry it…

@MarcOverIP @HackingLZ Damn I had no idea, that’s crazy. Car values have been all over the place the past few years

@MarcOverIP @HackingLZ Driving a fast car slow can still be fun, but I totally get what you mean. Mountain drives are amazing, even if you don’t go more than 5-10mph over the limit. 992TTS is too much for sure, but $120-150k for used 991TTS isn’t too bad

@HackingLZ @MarcOverIP 991TTS, perfect daily super car, easy low 10s at elevation on 91oct

RT @patch1t: So, if your debugger crashed in the API “task_set_exception_ports” or “thread_set_state”, try to use the boot args: sudo nvra…

RT @Atredis: We're excited to see our ChromeOS paper go public! 🎉🥳 We did a deep comparative analysis of ChromeOS' security posture vs Mac…

Of course @elonmusk shut off access to superior 3rd party Twitter clients like @tweetbot… How else was he going to force us to read his shitposts? (Yes, I know, Twitter was likely losing money from the ad-free experience offered by 3rd party clients)

RT @_ringzer0: 🤿 Dive into #symbolic #execution and learn how to create custom analysis tooling, with Jordan Whitehead’s (@jordan9001) “Pra…

I have a feeling the “Disgruntled (Ex-)Employees” security threat is about to become very real for Twitter

RT @justdionysus: Ever have too many bugs? Me neither, but Jordan does. It happens so often he developed a bunch of tools to triage and ana…

RT @jstnkndy: For those of you that include source code in your reports written in Word, what are you tricks for getting the code blocks to…

RT @jstnkndy: OH

RT @shawnmoyer: Hey so my friend @kclawder works with @UnhousedSTL amd they do a lot of great stuff for our city, and it's getting cold ear…

RT @qwertyoruiopz: @reneh81 @dfsec_com the truth is techniques are now more important than single bugs and techniques are too rare to burn…

@jstnkndy @richinseattle Should I drop some MS 0days on GitHub and see what happens? I probably have same lame 0ldays that might still be alive 😉

@HackingLZ @aahmad097 @lilyhnewman @defcon @patrickwardle Just casual bug hunting as I installed software on a new MBP and Zoom was the first victim 😉