Security research and engineering lead at @microsoft. on mastodon: infosec.exchange/@spoofy and @spoofy.bsky.social not posting here anymore.

Joined December 2009
still hiring hackers in the UK bsky.app/profile/spoofy.bsky…

We get lots of questions about admin protection in Windows. So we decided to provide some context and details. Part 2 will be out shortly... techcommunity.microsoft.com/…
Johnathan Norman retweeted
until the day i die i will never understand how this wasn’t the end of it
Johnathan Norman retweeted
WILD: actual photo of Musk-hired door knockers being driven around #Michigan. This group of mostly-black workers were driven in the back of a truck with no seats. They say they were flown in, given unrealistic goals, and threatened with their lodging being cut off & being forced to pay their own way home if they couldn't meet them. Some didn't even know which candidate they were working for. Article by @JakeLahut wired.com/story/elon-musk-am…
Johnathan Norman retweeted
Put up the slides for my @MSFTBlueHat 2024 presentation on improvements to OleView.NET github.com/tyranid/infosec-p… You can also grab v1.15 of OleView.NET from the PS Gallery which has the new features to generate proxy clients on the fly.
Johnathan Norman retweeted
NEW: @X is pushing partisan content, most of it supporting Trump & sowing election doubt. @WSJ reporters created new accounts with interests in things like crafts, then observed what content the accounts got recommended. Their "for you" feeds showed pro-Trump content at double the rate of pro-Harris content. By @jackgillum @AlexaCorse & Adrienne Tong wsj.com/politics/elections/x…
Johnathan Norman retweeted
28 Oct 2024
It’s wonderful to see what @XenoKovah and his collaborators have built for the community. I always recommend OST2 for my new hires and other juniors, or just anyone trying to get started on a new topic. The courses are excellent. It’s an honor to sponsor the Windows Security Path
Thanks to Winsider Seminars & Solutions (@yarden_shafir & @aionescu) for Sponsoring #OST2 at the Gold🥇 level! Learn more about them here: windows-internals.com/
Johnathan Norman retweeted
23 Oct 2024
Here's a time lapse video showing my 360 hypervisor exploit triggering in ~18.5 minutes. This is a pretty average time for the exploit with about 40% success rate. People asked if it works on winchester and I don't think there's any reason it won't but I don't have one to test on
The new account type for services finally landed in WIP. Now when running Windows Protected Print (WPP) the service will run as "Restricted Service" and no longer SYSTEM. There will be a SYSTEM process, but it basically just launches the worker.
This update will land in non-WIP builds (GA) likely in January. Big thanks to @tiraniddo who gave us early feedback on the design... and shoutout to @Grimdoomer who did the prototype. It was really fun working with the Print team.
it's unfortunate people in Texas have to do this, in Washington we just mail our ballot. Took like 10 minutes, no lines and no problems.
It’s the first day of early voting in Texas and it’s PACKED in deep blue HARRIS county! Houstonians are excited to vote for Kamala Harris & Colin Allred!!!
Johnathan Norman retweeted
Microsoft has open sourced its new cross-platform virtual machine layer written in Rust: github.com/microsoft/openvmm From many of the same team who created WSL, including @benhillis.
suggest the thing people currently have is less secure. So nobody wants to talk about it. The net result is people rather say "we support SHA-3 now!" instead of discussing how something like NTUser will have less bugs.
it's a real challenge because developers understandably want to do the work that draws in headlines. so yeah.. that is a thing.
One thing that sucks about reducing attack surface. Nobody knows how to speak about it to the public and often people don't want to do it. Marketing/Comms people prefer to speak about what new thing is added. When you mention removing or replacing something, you implicitly
Hello everyone, fun fact, UAC bypasses = bounty money when Administrator Protection is enabled. We checked many but we fully expect we missed some. You could simply dig up old research, try it and if it works make some cash. This feature is in an early stage, help us improve it.
15 Oct 2024
Administrator Protection, introduced in the latest Windows Insider Canary build, is a solid security enhancement... uhh.. really?? can be bypassed with @splinter_code's clever SspiUacBypass tool. Check it out here: github.com/antonioCoco/SspiU…
I've been hiring across multiple countries non-stop for a few months now. Only down to a few spots remaining and i plan to sleep for like a month. last one i think jobs.careers.microsoft.com/g…

FWIW people with some web skills native code skills would be nice. I think people forget many Windows apps these days are just Webview apps
Johnathan Norman retweeted
13 Oct 2024
REMINDER: @SpaceX will be attempting probably the craziest aerospace thing ever attempted tomorrow morning — Catching a 19-story tall rocket booster in mid-air with Mechazilla chopsticks