Benny Zeltser @benny_zeltser
Security Researcher @Intel. Tweets are my own and should be taken seriously on special occasions only Joined January 2018-
Tweets117
-
Followers225
-
Following183
-
Likes270
they put doom in htop
One of the best articles so far on prompt injection attacks against genai. lakera.ai/blog/guide-to-…
I gave Claude 3 the entire source of a small C GIF decoding library I found on GitHub, and asked it to write me a Python function to generate random GIFs that exercised the parser. Its GIF generator got 92% line coverage in the decoder and found 4 memory safety bugs and one hang.
Bought a prison laptop on eBay. Thought it should be just some generic laptop with a clear shell, turns out it's actually a bit more than that.
Security vulnerability in... qsort. Yes, the glibc's sort algorithm. It's all over the place on systems running the Internet. "All versions from at least September 1992 are affected". That makes it a more 32 years old bug. openwall.com/lists/oss-secu…
[LG] A mathematical perspective on Transformers arxiv.org/abs/2312.10794 A Mathematical Perspective on Transformers: This paper presents a mathematical framework for analyzing Transformers, focusing on their interpretation as interacting particle systems. The study reveals…
Been trying to find out #ChatGPT's favorite color using all the tricks in the book. Yesterday it was lavender. Make up your mind AI nana!
Achievement unlocked: Cracking a train social.hackerspace.pl/@q3k/111528162…
I'm going to present our paper "RetSpill: Igniting User-Controlled Data to Burn Away Linux Kernel Protections" at @acm_ccs this afternoon. Get excited, fellow hackers! kylebot.net/papers/retspil…
קובי קובי @qwbyqwby1372933
3 Followers 63 FollowingRutheDearring @dearring11665
10 Followers 681 FollowingCoralie Specking @CoraliSpeckin
46 Followers 5K FollowingShameka Aakre @shame_aa
88 Followers 5K FollowingMegan Paradiso @MeganP35031
54 Followers 5K FollowingLilian Calger @CalgLil
78 Followers 5K FollowingZoha Berks @berks_z
45 Followers 5K FollowingSergei Gotthilf @SergeiMorG
55 Followers 93 FollowingBronwyn 🔞 @Bronwyn7059
1 Followers 641 Following Alluring viхen desirеs wild and uninhibited еnсountеrsHorizon @FarAwTheHorizon
0 Followers 100 FollowingAlireza Jafari @jalirezafari
53 Followers 141 FollowingKirill Kirpichev @kirp34ch
13 Followers 17 Followingalex200 @alex20094432481
62 Followers 176 FollowingAshish raj @rajashish957
8 Followers 133 FollowingBenny Klein @BennyKlein5
18 Followers 143 Followinghell-00 @he1100_1100
712 Followers 5K FollowingH3xM4573r @H3xM4573r
189 Followers 1K Following Embedded Hardware/Software Engineer by day, Hardware Hacker by night, MSc in Applied ICT My interests: Embedded reverse engineering, Hardware securityHecate @_h3cate
1 Followers 256 FollowingJon Masters 🏴�.. @jonmasters
13K Followers 7K Following Troublemaker | Computer Architect | @Arm Servers Architect @Google | Previously @RedHat, @Nuvia_Inc | Runner | Author | All views my own | #ArmServersJesse D'Aguanno @0x30n
2K Followers 611 Following Hacker, Vuln Research, 2x winner DEF CON CTF, Founder & CEO Blackwing Intelligence (@blackwinghq), not a CISSP (@[email protected])Shawn C - citypw@ioc... @citypw
672 Followers 1K Followingcharmele0n @charm3le0n
0 Followers 122 FollowingAntonio @Ant0C4
0 Followers 76 FollowingRiver Saxton @Xenador77
143 Followers 1K Following Cybersecurity Student Former intern at https://t.co/tBm6ntNEUY https://t.co/KFEc0kVyHP https://t.co/rtPSoe3SDTSusan @susan_youngbloo
211 Followers 3K FollowingHadiustrats @Hadiusrats
6 Followers 65 FollowingChristian Werling @_cwerling
221 Followers 270 FollowingThewanderer @Thewand09194567
150 Followers 1K Followingoffline till OSEE cer.. @f00fc7c800
1K Followers 5K Following blah blah relevant si talentat blah blahVadym Soroka @VadymSoroka
71 Followers 578 Following Security researcher, penetration tester, co-founder of the #Iterasecvp @_vepe
238 Followers 347 Following`Ivan @Ivanlef0u
11K Followers 3K FollowingOSINTdefender @sentdefender
1.1M Followers 792 Following Open Source Intelligence Monitor focused on Europe and Conflicts across the World. RT ≠ Endorsement. Want to Support my Work? https://t.co/PcUbewvWPrDr. Nestori Syynimaa @DrAzureAD
17K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)GrapheneOS @GrapheneOS
48K Followers 0 Following Open source privacy and security focused mobile OS with Android app compatibility. Forum, Discord, Telegram, Matrix: https://t.co/C0RaJbZosjDilbert @Dilbert_Daily
142K Followers 10 Following Dilbert by Scott Adams is the most photocopied, pinned-up, downloaded, faxed and e-mailed comic strip in the world.ErrantScience @ErrantScience
31K Followers 28 Following A twitter account full of silly science comics & occasionally irreverent blog postsWork Chronicles @_workchronicles
130K Followers 185 Following 👋 Hello. I make comics about work, with love & lots of coffee. Follow to get the comics in your feed. Join the Newsletter: https://t.co/TnlvMdBJ1KSarah Andersen @SarahCAndersen
936K Followers 2K Following Author of Sarah's Scribbles, FANGS, and Cryptid Club she/her No NFTs 🚫 Inquiries: [email protected]Maddie Stone @maddiestone
64K Followers 847 Following Security Researcher - Google's Threat Analysis Group | 0days all day. Love all things bytes, assembly, and glitter. she/her.Zion Leonahenahe Basq.. @mahal0z
2K Followers 206 Following Native Hawaiian Hacker | Prev Co-captain of @Shellphish | PhD Student in Comp Sci @ASU l Decompiler Research | Mastodon: @[email protected]Yarden Shafir @yarden_shafir
19K Followers 270 Following A circus artist with a visual studio licenseפידטק וידוי.. @FeedTechILUncen
15K Followers 20 Following מחשבות ווידויים ללא צנזורה! הוידויים המועלים נשלחים אנונימית אינם מייצגים את דעתנו ואיננו אחראים להם. (e/acc) הקליקו כאן להתוודות אנונימית 👈 https://t.co/hYu8dLUDnPJoseph Ravichandran @0xjprx
3K Followers 544 Following PhD Student studying Microarchitectural Security @MITPagedOut @pagedout_zine
4K Followers 9 Following Paged Out! is a free magazine about programming, hacking, security hacking, retro computers, modern computers, electronics, demoscene, and other similar topics.Daniel Lemire @lemire
21K Followers 1K Following Computer science professor at @TELUQ (Université du Québec, @ReseauUQ), programmer, blogger. @Nasorg👨💻Zero Day Engineering @zerodaytraining
6K Followers 1 Following Research & Courses • https://t.co/WDjQQrzlEjMichał Kowalczyk �.. @dsredford
3K Followers 146 Following reverse-engineering / low-level security @DragonSectorCTF vice-captain / Invisible Things Lab Mastodon: @[email protected] bsky: @mkow.bsky.socialTim Willis @itswillis
4K Followers 180 Following Long time listener, infrequent tweeter. Head of Project Zero @Google. Views are my own. Still reading: "Brown Bear, Brown Bear, What Do You See?"The Hacker's Choice (.. @hackerschoice
20K Followers 51 Following Not much activity here anymore, follow us at https://t.co/ZFXJjJAKvM security research group: The Hacker's Choice (1995). group account.Schtrudel @Schtrudel
232 Followers 605 Following Arie Haenel _____________ ונהפוך, ונהפוך, ונהפוך הוא #JCTFAlexandru Niculae @_aniculae
880 Followers 693 Following Software Engineer @reya_xyz Previously @Cambridge_CL and @Google Project ZeroXeno Kovah @XenoKovah
12K Followers 75 Following Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of OpenSecurityTraining2 https://t.co/slK2fsMRwUYael Hermon @yaelhermon
156 Followers 185 FollowingMoshe Kol @0xkol
1K Followers 440 Following Security Researcher. Android kernel Research Team Lead at Paragon.Specter @SpecterDev
34K Followers 266 Following Interested in Security and Exploit Development. Nano is the one true text editor.Platform Security Sum.. @platformsec
1K Followers 4K Following Conference on composable software supply chain integrity and hardware-assisted platform security, with OpenEmbedded, OpenXT and other ecosystemsCount Dew @CountDew
1 Followers 64 FollowingGil B @wobel_
62 Followers 649 FollowingJulien Bachmann @milkmix_
2K Followers 637 Following security engineer @google, organizer @blackalpsconf, re/pwnable and mountain stuff. Opinions are my own https://t.co/Wb4oBNQq20 @[email protected]ShaiHasarfaty @hasarfaty
263 Followers 328 Following Security Trainer | Vulnerability Discovery | Exploit Development | Mitigations Development | Opinions are my own and not the views of my employer!☣ KitPloit - Hacker.. @KitPloit
118K Followers 3K Following Hacking and PenTest Tools for your Security Arsenal!Brendan Gregg @brendangregg
46K Followers 167 Following Makes things fast. Expert in computer performance and eBPF. Intel Fellow, ex-Netflix. Created flame graphs. Aussie. Opinions my own. [email protected]Shahar Tavor @ShaharTavor
35 Followers 19 FollowingJonathan Lusky @LuskyYehonatan
68 Followers 78 Following Security research team lead at Cellebrite. I love anything related with low-level security research, poking CPUs, hopping between rings and destroying hardwareBinni Shah @binitamshah
132K Followers 175 Following Linux Evangelist, Malwares , Security Enthusiast, Philanthropist , Reformist , Jain. binitamshah at protonmail dot comREcon @reconmtl
14K Followers 659 Following REcon: Annual reverse engineering and security conference held in Montreal.Microsoft Threat Inte.. @MsftSecIntel
180K Followers 1K Following We are Microsoft's global network of security experts. Follow for security research and threat intelligence.MalwareTech @MalwareTechBlog
295K Followers 1 Following Not here anymore. Profiles: https://t.co/sFoOuGmYK2Andreas Kogler @0xhilbert
516 Followers 228 Following Security researcher | Ph.D. candidate at @tugraz | Tweeting about: research - talks - microarchitectural stuff - TEEsYanai Moyal @yanaimoyal
551 Followers 805 Following Security Researcher @ Intel Corp. These are my opinions, not those of my employerMaggie @_m46s
4K Followers 1K Following Security research @Intel • @BSidesPDX president • Black Hat review board • Latina 🇲🇽 (she/they)We found a critical vulnerability in #Putty SSH client with NIST P-521 keys, that allows private key recovery from only 60 signatures, CVE-2024-31497! If you use #Putty or #Filezilla with ECDSA P-521, upgrade now and generate a new key! Joint work with @TrueSkrillor, details ⬇️
Figured out how to feel better about my awful code. I just put all of my bad hacks at the bottom of a file, and give it a cute little house to live in, forever. Now I feel great.
this paper was sent out of anger to unsubscribe from a low-quality research journal's mailing list but ended up getting accepted
1. KASLR for an attacker with arbitrary local unpriv execution is not effective. 2, KASLR for heap based exploitation is not effective including remote attacks. 3. I believe this to be independent the details of KASLR implementation, OS and CPU for general compute systems.
As it was discovered and made public, I can finally say I had this universal KASLR bypass since 2020, and I patiently saw many discussions about the effectiveness of KASLR. I said nothing, not only because it was still a 0day, but because it's interesting to see how people are so…
Rehash: Software Security openwall.com/lists/oss-secu…
Jia Tan's git commit to turn off Landlock sandboxing one week after Lasse Collin improved it. I understand the sandbox is for xz, the command line tool, and Jia did not need to disable it for the SSHD backdoor. 🤔The xz command also activates the backdoor?
Microsoft engineer: 500ms lag in liblzma? Something's up. Also Microsoft engineer: 45 minute lag in Microsoft Teams? Perfect.
Random math request: Given that >90% of CPUs are little endian - how much CO2 could we (very very very roughly) save if we switched network protocols to use little endian instead of big endian?
C++23 has "first-class UB": you, the language user, can make promises and let the program enter UB if you break them. int f(int x, int y) { [[assume(x == 27)]]; [[assume(x == y)]]; return y + 1; // May be optimised to `return 28`. }
In this post I'll use CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported last November to gain arbitrary kernel code execution from an untrusted app on a Pixel 8 with MTE enabled. github.blog/2024-03-18-gai…
Using this small occasion of a thousand more people pressing the "Star" button to once again thank all the contributors and maintainers, especially Vitaly Cheptsov aka vit9696, for their effort.
Extreme stroopwafel is on ASML's roadmap. Tasty next gen hardware incoming @IanCutress Thanks @elad_raz for letting me have a bite @NextSilicon
The rise and fall of Google 🤣
military grade authentication #infosec
| ̄ ̄ ̄ ̄ ̄  ̄| | This can | | hack AI | | now. | | ______ | (\__/) || (•ㅅ•) || / づ Paper showing that ASCII art can get around AI guardrails. Its the return of 1980s hackers. arxiv.org/pdf/2402.11753…
White House PRESS RELEASE: Future Software Should Be Memory Safe whitehouse.gov/oncd/briefing-…
Add coffee stains to LaTeX documents ctan.org/pkg/coffeestai…