Security Researcher / Pentester / Malware hunter
Joined August 2013
- Tweets 187
- Following 1,095
- Followers 1,802
- Likes 4,826
21 Photos and videos
Marcin Noga retweeted
9 Oct 2025
Exploiting Asus driver to escalate privileges.
With few clever tactics Marcin Noga managed to bypass several constraints implemented by the driver devs.
With hardlinks and ObfDereferenceObject() one can decrement PreviousMode of a process to enter god mode (this was patched in 24H2).
Nicely done, @_Icewall!
Post: blog.talosintelligence.com/d…
#redteam #maldev #malwredevelopment
8
42
169
11,653
24 Jul 2025
Thanks, @GamersNexus, for presenting the bugs I found in ASUS Armoury Crate to a wider audience in such an accessible way!
youtube.com/watch?v=Vy_KWP04…
4
721
26 Jun 2025
Exploitation of Asus Armory Crate AsIO3.sys driver | authorization bypass ObfDereferenceObject primitive to LPE - blog.talosintelligence.com/d…
2
13
66
7,826
26 Jun 2025
CVE-2025-1533 - Asus Armoury Crate AsIO3.sys stack-based buffer overflow vulnerability
talosintelligence.com/vulner…
Remember that Windows paths can be longer than MAX_PATH(260)!!! I wrote a few words about this 15 years (sick!) ago : github.com/icewall/Publicati…
8
35
3,645
Marcin Noga retweeted
6 Dec 2024
The biggest takeaway from this talk is that macOS font renderer ALMOST never invokes the interpreter. If you were fuzzing TTF bytecode without paying attention, it was probably not hitting the interpreter at all.
I'll post slides shortly with other interesting details. #OBTS
📜 Starting Day 2 Talks of #OBTS with a dive into the unexpected: “Triangulating TrueType Fonts On macOS: Reconstructing CVE-2023-41990” by Aleksandar Nikolic (@FuzzyAleks).
Who knew a simple PDF and the Fonts could be transformed into a digital weapon? In this talk, Aleksandar unravels the mystery behind a hidden vulnerability in Apple’s font rendering code, originally linked to Operation Triangulation. Like navigating ancient paths of Kinihapai, we’ll explore some of the oldest code running on the latest macOS and iOS, uncovering insights that could reshape how we detect and defend against such exploits.
OBTS kicks off strong—ready to see how deep this rabbit hole goes? 🌊📄 #AppleSecurity #macOS #ReverseEngineering
8
47
8,493
11 Oct 2023
CVE-2023-39928 - Webkit MediaRecorder API stopRecording use-after-free vulnerability more info :
talosintelligence.com/vulner…
9
27
6,488
Marcin Noga retweeted
2 Aug 2023
Teammates have published an overview of five years worth of router security research which has resulted in hundreds of vulnerabilities discovered in routers from more than a dozen different companies.
2 Aug 2023
Since the #VPNFilter malware several years ago, our vulnerability research team has looked into several popular wireless routers used in homes and small businesses. Now, we have a rundown of all the vulnerabilities we discovered as part of this research cs.co/6018PwImO
13
24
8,333
Marcin Noga retweeted
26 Jul 2023
On Friday I'll be doing my "PCI Express To Hell" talk:
youtube.com/watch?v=fE0fnGbI…
If you're building your own PCs you should check it out! Last year I reworked my whole computer setup and learned a lot about PCIE. Don't make the same mistakes I did ;)
Plz RT for range :)
31
101
33,842
Marcin Noga retweeted
13 Jul 2023
Our vulnerability research team discovered 12 memory corruption vulnerabilities in MSRPC on #Apple macOS and #VMWare vCenter. We have a deep dive into how an attacker could exploit these vulnerabilities and what it says about the use of forked codebases cs.co/6012P3wLq
9
21
7,917
14 Jun 2023
2 more to the collection :
CVE-2023-33133 - Microsoft Office Excel WebCharts out-of-bounds write vulnerability : talosintelligence.com/vulner…
CVE-2023-32029 - Microsoft Office Excel FreePhisxdb arbitrary free vulnerability : talosintelligence.com/vulner…
2
12
40
9,052
Marcin Noga retweeted
11 Feb 2023
Ok, I am looking out for security researcher role. If you can help, please DM.
RT, like and recommendations are much appreciated. Here is My Linkedin profile, which will give you more details:
linkedin.com/in/hardik05/
1
21
49
21,145
Marcin Noga retweeted
24 Jan 2023
Remember these? Original Lytro! Lightfield cameras of the future! I grabbed a few off eBay some time ago and took a peek at the firmware. Found secret unlock that enables full remote control of all camera features. Full writeup here: github.com/ea/lytro_unlock
5
58
371
37,665
13 Dec 2022
CVE-2022-31698
Pre-auth VMware vCenter Server Content Library denial of service vulnerability : talosintelligence.com/vulner…
2
15 Nov 2022
CVE-2022-41106 Microsoft Office class attribute double-free vulnerability
talosintelligence.com/vulner…
14
22
10 Oct 2022
CVE-2022-31680 - VMware vCenter Server Platform Services Controller Unsafe Deserialization vulnerability
More details : talosintelligence.com/vulner…
55
155
7 Mar 2022
My Deep Dive about vuln discover & exploitation of ZTE MF971R.
Paper : talosintelligence.com/resour…
Video : youtube.com/watch?v=CfioUxvS…
Enjoy ;)
1
23
57
26 Oct 2021
(1/n) If you have a ZTE MF971R you might want to check whether its updated to the newest version...
2
4
19
26 Oct 2021
Combination of CVE-2021-21748 (pre-authentication stack-based buffer overflow) CVE-2021-21745 (CSRF/Referer check bypass) allows an attacker to trigger arbitrary remote code on the vulnerable device without any authentication!
1
5
26 Oct 2021
All advisories available here : blog.talosintelligence.com/2…
More details about this research will show up in coming weeks ;)
1
5
12 Oct 2021
CVE-2021-40474 - Microsoft Office Excel 2019/365 ConditionalFormatting code execution vulnerability
talosintelligence.com/vulner…
11
39