Evil Internet Mercenary

There
Joined January 2009
Markus Vervier retweeted
12
227
6
1,882
It's called "KnowBe4" for a reason.
PRO TIP: Tired of those KnowBe4 Phishing test emails your infosec team sends you all the time? Setup an Outlook rule to find "X-Phishtest" in the headers and put them in a separate folder. Yes I'm serious. I've got plenty more #infosec circumvention tips. 😈😈
1
Markus Vervier retweeted
If SIMD registers are used in interrupt handlers, apparently #VirtualBox will leak host register secret values into arbitrary guest VM processes. On 5.18 this takes the form of secret intermediate cryptographic hash values leaking into the guest. lore.kernel.org/lkml/YoTVIGi…
1
83
6
191
Markus Vervier retweeted
Part 3 of the unikernel security research by @_HarryR_ , this time featuring an analysis of popular unikernels such as OSv, nanos, Unikraft, and Mini-OS: x41-dsec.de/news/missing-or-…
1
13
21
Markus Vervier retweeted
If your entire enterprise security model crumbles because a user fell for a phish, that's not the user's fault.
27
265
26
1,437
Markus Vervier retweeted
Ich weiß nicht, ob das überhaupt bei euch angekommen ist. In #Tigray in Äthiopien findet gerade eine gigantische humanitäre Katastrophe statt. Kaum Presse berichtet darüber. Der äthiopischen Regierung ist diese Stille recht. Twitter kann das ändern! /3
49
1,688
43
5,185
Show this thread
Markus Vervier retweeted
We have recently conducted a review of the 1Password developer tools. Our report is now public, so please feel free to check it out: secfault-security.com/blog/o…
1
9
11
Markus Vervier retweeted
#Muraena #Necrobroser #Pwnppetter presentation during @BlackHatEvents Arsenal Asia. Big up to @antisnatchor @Giutro
1
3
1
19
Show this thread
Tnx for your cautious analysis but we can give the all-clear signal for that specific campaign as it was part of our realistic and continuous attack simulations for a few contracted clients with their consent. Appearently, showing "impact" increases awareness and preparedness 💪
1
Markus Vervier retweeted
WarCon 2022 date is confirmed. See you 24-25 June in Warsaw!
3
31
1
92
Markus Vervier retweeted
Encryption is overrated. If you see encrypted messages between your wife and her ex-boyfriend at 2 AM, you already have all the information you need, don't need the plain text, just metadata.
Twitter DMs should have end to end encryption like Signal, so no one can spy on or hack your messages
52
106
28
612
Show this thread
Markus Vervier retweeted
Finally it dropped! ollydbg.de/odbg64.zip
21
416
32
1,413
I really feel like the memory of cold war and before that WWII is fading fast and we now have a generation in charge that doesn't know what they are talking about...yet they talk a lot.
It's finally happened: the first article in a leading German newspaper calls for German nuclear weapons. Given the state of the German army and the real danger of far-right wins in the US and France it makes a disconcerting amount of sense. @thegrugq spiegel.de/politik/deutschla…
1
2
Funny cmds actually executed: $ grep -r otto
2
Markus Vervier retweeted
The most frustrated is their response time about bounty, I also found getting a reply from them is very hard, also some researchers told me the same experience. If you found you’ve made a mistake, admit & fit it. Unresponsive is the worst thing to do as a “response center”.
Replying to @justinsteven
I've emailed MSRC asking about the discrepancy. It's been a month and I haven't heard back. I don't expect to and it feels awfully personal. Weird how their "fairness" only applies against me. MSRC had multiple chances to win me back as a researcher. They fumbled every time.
Show this thread
2
3
Markus Vervier retweeted
New release of our curated selection of infosec works, links and mirror at slf.fish/
4
8
OH: Im CEO of a terminal emulator
1
Markus Vervier retweeted
FORCEDENTRY: Sandbox Escape googleprojectzero.blogspot.c…
2
115
6
281