Twitter | Pretraživanje | |
Alex Ionescu
Windows Internals Expert, Speaker, Trainer and Security Researcher. He/Him. RTs are not endorsements, opinions are my own.
6.650
Tweetovi
1.608
Pratim
36.398
Osobe koje vas prate
Tweetovi
Alex Ionescu 23 h
Odgovor korisniku/ci @cpuGoogle
Windows has mitigations to limit any impact for security sensitive situations and introduces security domains.
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 4. velj
Odgovor korisniku/ci @PeruvianBobo
XP logical prefetch only used 10 seconds. Vista Superfetch monitors continuously.
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 4. velj
Odgovor korisniku/ci @ariccio @_hugsy_ @yarden_shafir
1) Dangerous, unsafe levels of scotch consumption. 2) ADHD Brain 3) Sushi
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu proslijedio/la je tweet
Yarden Shafir 3. velj
Odgovor korisniku/ci @LukasHermannBFS @offensive_con
Me too 😅
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 3. velj
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 3. velj
I’ve taken a look, her brain basically kind of looks like this
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 3. velj
Odgovor korisniku/ci @aionescu
After this and the CET paper, I realized it's so much nicer to write blog posts when someone can do the research with you! Between the content on Errata Manager, ACPI, Kernel LFH/VS Heap, and Windows Defender we have in various unfinished states, I hope we don't forget Part 2😅
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 3. velj
Here's some research and I did based on a question I got in our Windows Internals course a few weeks ago. Whenever I tell people that I learn a lot from people's questions when *teaching* the course, they think it's a generic modest "feel good" answer. It's not 😊
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu proslijedio/la je tweet
Yarden Shafir 2. velj
Can your EDR detect symbolic link callback rootkits? Because ours sure as heck can't. and I wrote about these!
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 1. velj
Odgovor korisniku/ci @trickster012
Yep, the usual is to send an email one week ahead: 1) once the final attendee list is confirmed and received by the trainers from the conference (which usually happens ~10 days before the course) 2) once all the tools, headers and builds have come out on Wednesday/Friday
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 31. sij
Windows 10 19555: "MiMirrorBlackPhase". Can't tell if someone's a fan of or if this is yet another thing Justin Trudeau is up to.
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 27. sij
Odgovor korisniku/ci @ariccio
Looks Thai or Cambodian
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 22. sij
Odgovor korisniku/ci @elazarl @AmarSaar
In the Windows case there are APIs for this
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu proslijedio/la je tweet
Saar Amar 21. sij
In those CET times: It's possible to return in unwinding to any address in the SSP, causing a "type confusion" between stack frames ;) I really like the different variants of this concept :) Type confusions are on fire! (stack frames, objc for PAC bypass)
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 22. sij
Odgovor korisniku/ci @AmarSaar @dwizzzleMSFT i 3 ostali
EVERYTHING? Even the buggy one that gives you AR?
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 22. sij
Odgovor korisniku/ci @AmarSaar @dwizzzleMSFT i 3 ostali
VmSvcExt in scope or not?
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 20. sij
Odgovor korisniku/ci @altf2o @CrowdStrike
If close to an office (there’s a big one in WA), people that need a bit more training and support are more than welcome to apply, we have a great onboarding process and team(s).
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 20. sij
Security jobs for anyone interested in C/C++ kernel development and testing (user-mode too), especially if you're into the Linux/macOS threat landscape. All global openings, not just US.
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 20. sij
Odgovor korisniku/ci @1nternaut @yarden_shafir
Yes, and I will also be doing it at Recon in Montreal!
Reply Retweet Označi sa "sviđa mi se"
Alex Ionescu 20. sij
The only right answer to “honey, I really hate Valentine’s Day and commercial couple stuff” is a ridiculously outrageous infosec party in Berlin. Can’t wait to see everyone at this awesome conference, the speaker lineup is amazing and the trainings are stellar!
Reply Retweet Označi sa "sviđa mi se"