Cloud Vulnerability Research • The opinions stated here are my own, not those of my company.
Joined April 2008
- Tweets 178
- Following 272
- Followers 2,935
- Likes 1,459
8 Photos and videos
Pinned Tweet
4 Oct 2024
Learn how Google CVR could have potentially exfiltrated Gemini 1.0 Pro before launch last year. We describe the vulnz, the fix, and tips for bughunters. Also, shout-out to @epereiralopez for teaming up to adapt this work to another cloud provider.
bughunters.google.com/blog/5…
4 Oct 2024
Today our Cloud Vulnerability Research (CVR) team shared this research into LLM security, which is broadly applicable to AI domain security practitioners working in this rapidly evolving space.
Learn more: bit.ly/3TWYrF3
2
15
62
36,704
Introducing ZERODAY.CLOUD🕵️♀️
Be the first to participate in the first-of-its-kind cloud hacking competition. 🤝
WIN PRIZES from our 4.5M$ prize pool. 💰
Register your exploit > zeroday.cloud
@msftsecresponse @awscloud @googlecloud
2
13
53
26,929
5 Dec 2024
🕺"Leaving tradition" is one of the best parts of Google's security culture and has led to some of the most interesting attack chains I've gotten to work on. There's nothing quite like starting with a blank slate and ending with a root shell.💃
4 Dec 2024
Celebrating 15 years of password hacking 💻 🔑, Swiss Army knives (and sometimes even chainsaws or swords) included! 😲
Discover how Google's security teams turn employee farewells into security tests.
bughunters.google.com/blog/6…
1
12
1,567
11 Nov 2024
Effective today, Google will issue CVEs for critical vulnerabilities in Google Cloud that are fixed internally and do not require customer action or patching.
cloud.google.com/blog/produc…
2
24
81
11,248
Anthony Weems retweeted
1 Nov 2024
Exciting update on Project Zero’s LLM research: googleprojectzero.blogspot.c…
1
34
129
28,713
18 Oct 2024
Before joining Google, I submitted some Cloud bugs to the Google Vulnerability Rewards Program (VRP). Today, we announced a dedicated Cloud VRP and I'm so excited to be a part of the program that got me into Google in the first place.
Send us vulnz 🙂
cloud.google.com/blog/produc…
2
11
72
5,854
Anthony Weems retweeted
16 Oct 2024
Cloud CISO Perspectives Blog for mid-October ‘24 is up covering:
- Sharing AI vulnerability research
- Virtual red teams
- Advances in DDoS mitigation
- Securing inherited cloud deployments
- Can AI keep a secret?
- and more…..
cloud.google.com/blog/produc…
5
10
1,467
10 Sep 2024
Excited to share this blog post about server-side memory corruption that my team exploited in production.
Shout-out to @scannell_simon, @epereiralopez, and @thatjiaozi - this was a very fun project. :-)
bughunters.google.com/blog/6…
39
149
28,908
Anthony Weems retweeted
10 May 2024
The Mines of Kakadûm: Blindly Exploiting Load-Balanced Services by @scannell_simon and @amlweems is now live!
7
41
11,114
Anthony Weems retweeted
9 Apr 2024
Very excited to present this with @amlweems! See you in Berlin!
(@epereiralopez and @thatjiaozi) were also working on that project and will also be there :)
9 Apr 2024
The Mines of Kakadûm: Blindly Exploiting Load-Balanced Services by @scannell_simon and Anthony Weems offensivecon.org/speakers/20…
5
23
5,098
1 Apr 2024
I've been reverse engineering the xz backdoor this weekend and have documented the payload format and written a proof-of-concept exploit for the RCE. The payloads are signed with an ED448 key, so I patched my own key into the backdoor for testing. :-)
github.com/amlweems/xzbot
49
826
3,830
632,546
Anthony Weems retweeted
15 Dec 2023
github.com/google/security-r…
Our research on the deep mines of the JPX standard is now public. I had the pleasure and the privilege to work with @scannell_simon , @amlweems and @epereiralopez on this one.
Pretty interesting client side info leak vector :)
5
30
9,697
Anthony Weems retweeted
31 Mar 2022
2
148
222
Anthony Weems retweeted
23 Mar 2022
containerd: Insecure handling of image volumes bugs.chromium.org/p/project-…
22
50
1 Feb 2022
I'm really excited for this video! I got a chance to collab with @LiveOverflow and share the process for discovering the localhost bypass for CVE-2021-45046 with code review and differential fuzzing. :)
1 Feb 2022
After the log4shell vulnerability was patched with version 2.15, another CVE was assigned. Let's have a closer look at the localhost JNDI connections bypass and learn about fuzzing Java applications.
youtube.com/watch?v=kvREvOvS…
1
2
18
19 Aug 2021
Just finished Portswigger's new Burp Suite Certification. I've always been a huge fan of the @WebSecAcademy and this is an excellent capstone on the labs. Thanks @PortSwigger for all the educational content! #burpsuitecertified
2
3
54
24 Mar 2021
Thanks for the seamless contribution process! Cheers to @BouncyHat and @dallasl1200 😄
24 Mar 2021
Thanks to @amlweems, Michael Weber, and Dallas Kaman for performing an analysis on CVE-2021-26855, the Microsoft Exchange SSRF vuln!
googleprojectzero.github.io/…
5
9 Mar 2021
My team @praetorianlabs just published our work in reverse engineering the Proxylogon patches for CVE-2021-26857, CVE-2021-26855, and CVE-2021-27065. I learned a lot more about Exchange than I thought I'd ever need, but had a blast. praetorian.com/blog/reproduc…
5
15
5 Aug 2020
Awesome new work from @albinowax on cache poisoning. Cache Key Injection especially feels like it should have some interesting variants.
portswigger.net/research/web…
1
5
5 Aug 2020
Also, some great new labs on @WebSecAcademy to go along with the research. Thank you for continuing to create free educational content like this.
portswigger.net/web-security…
1
2