@Denis_Skvortcov profile picture
Denis Skvortcov @Denis_Skvortcov

Independent information security researcher • Lead application security researcher at AppSec @Kaspersky • OSCP OSWE

Joined August 2020
  • Tweets 94
  • Following 105
  • Followers 638
2 Photos and videos
Pinned Tweet
Denis Skvortcov@Denis_Skvortcov
18 May 2021
I’ve written my first blog post - write-up for CVE-2021-23874! How to enumerate COM-objects attack surface, explore implemented functionality and exploit it the-deniss.github.io/posts/2…

Discovering and exploiting McAfee COM-objects (CVE-2021-23874)

This post should show an approach to finding COM-object’s bugs with an example CVE-2021-23874. On the other hand, the post can be considered as a real world walkthrough with OleViewDotNet

the-deniss.github.io
8
153
345
Denis Skvortcov retweeted
starlabs@starlabs_sg
25 Mar 2025
CimFS: Crashing in memory, Finding SYSTEM! @cplearns2h4ck dug into Microsoft CimFS, found a sneaky 0-day, and guess what? The fix by Microsoft was just locking the door 🔐on unprivileged users. 😂 Dive into the adventure with us: starlabs.sg/blog/2025/03-cim…

CimFS: Crashing in memory, Finding SYSTEM (Kernel Edition)

Introduction Many vulnerability writeups nowadays focus on the exploitation process when it comes to software bugs. The term “Exploit Developer” is also still used synonymously with Vulnerability...

starlabs.sg
1
59
161
39,553
Denis Skvortcov retweeted
PT SWARM@ptswarm
20 Mar 2025
🔥 Last barrier destroyed: The compromise of Fuse Encryption Key in Intel CPUs! Full story by our researcher @_markel___ swarm.ptsecurity.com/last-ba…
35
81
14,855
Denis Skvortcov retweeted
Robel Campbell
@RobelCampbell
27 Aug 2024
Excellent write-up on CVE-2024-38063 by Marcus Hutchins. malwaretech.com/2024/08/expl… This was my first time ever reversing tcpip.sys and despite making many mistakes along the way I have learned a ton.

CVE-2024-38063 - Remotely Exploiting The Kernel Via IPv6

Performing a root cause analysis & building proof-of-concept for CVE-2024-38063, a CVSS 9.8 Vulnerability In the Windows Kernel IPv6 Parser

malwaretech.com
49
141
9,981
Denis Skvortcov retweeted
DEVCORE@d3vc0r3
23 Aug 2024
Today, Angelboy (@scwuaptx) revealed his Kernel Streaming research! 🚀 Check out how he uncovered this overlooked attack surface, leading to pwning Windows 11 at #Pwn2Own Vancouver 2024: devco.re/blog/2024/08/23/str…  #WindowsKernel #MSRC
5
46
2,392
Our team has uncovered multiple memory corruption vulnerabilities in FreeRDP and Suricata. These flaws could potentially expose users to significant security risks. Read the full report in blog post to understand the issues and how to protect your systems securelist.com/suricata-free…

Kaspersky found multiple memory corruptions in Suricata and FreeRDP

While pentesting KasperskyOS-based Thin Client and IoT Secure Gateway, we found several vulnerabilities in the Suricata and FreeRDP open-source projects. We shared details on these vulnerabilities...

securelist.com
4
5
604
Denis Skvortcov retweeted
Phrack Zine
@phrack
19 Aug 2024
The time has come, and with it your reading material for the week. Phrack #71 is officially released ONLINE! Let us know what you think! phrack.org/issues/71/1.html
table for contents for Phrack 71

ALT table for contents for Phrack 71

15
490
1,021
163,950
Denis Skvortcov retweeted
Thomas Roccia 🤘
@fr0gger_
31 Mar 2024
🤯 The level of sophistication of the XZ attack is very impressive! I tried to make sense of the analysis in a single page (which was quite complicated)! I hope it helps to make sense of the information out there. Please treat the information "as is" while the analysis progresses! 🧐 #infosec #xz
96
3,089
12,317
1,106,095
Denis Skvortcov retweeted
Man Yue Mo@mmolgtm
18 Mar 2024
In this post I'll use CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported last November to gain arbitrary kernel code execution from an untrusted app on a Pixel 8 with MTE enabled. github.blog/2024-03-18-gaini…

Gaining kernel code execution on an MTE-enabled Pixel 8

In this post, I’ll look at CVE-2023-6241, a vulnerability in the Arm Mali GPU that allows a malicious app to gain arbitrary kernel code execution and root on an Android phone. I’ll show how this...

github.blog
8
146
410
97,167
Denis Skvortcov retweeted
Maddie Stone@maddiestone
11 Oct 2023
🔮NEW RCA!! A few hours after it was patched, TAG found an ITW exploit sample for CVE-2023-36802. @benoitsevens analyzed it in detail ✨ googleprojectzero.github.io/…

CVE-2023-36802: Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability

Information about 0-days exploited in-the-wild!

googleprojectzero.github.io
72
218
81,126
Denis Skvortcov retweeted
Maddie Stone@maddiestone
22 Sep 2023
Who needs a 0-click when you have MITM? ✨ Working with @billmarczak & @citizenlab we discovered 3 iOS and 1 Chrome 0-day from Intellexa, used to install Predator spyware in Egypt 🇪🇬 blog.google/threat-analysis-…

0-days exploited by commercial surveillance vendor in Egypt

blog.google
6
274
921
327,238
Denis Skvortcov retweeted
Antonio Cocomazzi@splinter_code
14 Sep 2023
Excited to share my hardest research about UAC 🤯 "Bypassing UAC with SSPI Datagram Contexts" 🔥 Enjoy the read! 👇 splintercod3.blogspot.com/p/…

Bypassing UAC with SSPI Datagram Contexts

by splinter_code - 14 September 2023 Recently i had the opportunity to read through some of my old repos because i wanted to reuse some code...

splintercod3.blogspot.com
12
239
581
61,732
Denis Skvortcov retweeted
Aleksei Kulaev@flat_z
27 Jul 2023
finally... hello, PS5 PSP :)
129
240
1,496
353,311
Denis Skvortcov retweeted
Tavis Ormandy
@taviso
24 Jul 2023
First big result from our new CPU research project, a use-after-free in AMD Zen2 processors! 🔥 AMD have just released updated microcode for affected systems, please update! lock.cmpxchg8b.com/zenbleed.…

ALT Demo of a CPU vulnerability leaking data

34
651
1,748
337,881
I’ve found new vulnerability CVE-2023-1586 in Avast Anti-Virus restore malware functionality that could allow an attacker to gain SYSTEM privileges and execute arbitrary code! Details in my new short post the-deniss.github.io/posts/a…

Avast Anti-Virus privileged arbitrary file create on virus restore (CVE-2023-1586)

And today I’m sharing the report describing the vulnerability (CVE-2023-1586) in Avast file restore functionality and exploitation of this vulnerability to execute arbitrary code in the “NT AUTHORI...

the-deniss.github.io
1
59
134
28,670
Denis Skvortcov retweeted
Gabriel Landau
@GabrielLandau
11 May 2023
Thanks to everyone who attended my Black Hat Asia talk! You can find the slides here: drive.google.com/file/d/1Pj7…

AS-23-Landau-PPLdump-Is-Dead-Long-Live-PPLdump.pdf.pdf

drive.google.com
3
78
178
33,659
Did you know that just a few month ago, if Avast quarantined your malware, it wasn't a problem, it was the opportunity.. to gain SYSTEM privileges and execute arbitrary code! Details of exploit chain CVE-2023-1585 and CVE-2023-1587 in my new post the-deniss.github.io/posts/2…
1:02
121
343
41,395
Root cause and exploitation analysis of CVE-2022-45770 is now available in English and without a paywall - hackmag.com/security/aguard-…. Enjoy reading!

Denis Skvortcov@Denis_Skvortcov
27 Jan 2023
My former colleague just published walkthrough about @AdGuard kernel driver CVE-2022-45770 identification and exploitation. Fascinating reading and good introduction to windows kernel exploitation xakep.ru/2023/01/27/aguard-c…
11
18
4,064
Denis Skvortcov retweeted
Saar Amar@AmarSaar
28 Feb 2023
Time for a new blogpost! Let's do a CHERIoT walkthrough - including a straightforward setup, understanding how we kill bug classes and mitigating attacks on our minimal TCB through practical examples, and more fun! msrc.microsoft.com/blog/2023…
1
55
149
79,691
Load more