%n
Joined September 2010
- Tweets 1,283
- Following 0
- Followers 768
- Likes 5,881
45 Photos and videos
Matt Jones retweeted
14 Feb 2019
New blog release "Accessing Access Token for UIAccess" on restoring some small part of the older token stealing attack which was killed in Windows 10 RS5. Contains an example PS script to script an admin command prompt 😄 tyranidslair.blogspot.com/20…
2
88
144
Matt Jones retweeted
14 Feb 2019
Here's the video recording for my presentation at #bluehatil last week on "Trends, Challenges, and Strategic Shifts in the Software Vulnerability Mitigation Landscape" youtube.com/watch?v=PjbGojjn…
1
32
74
Matt Jones retweeted
12 Feb 2019
Check out our blog post about research @adam_iwaniuk and I did that lead to CVE-2019-5736!
blog.dragonsector.pl/2019/02…
49
79
Matt Jones retweeted
11 Feb 2019
Android: binder use-after-free via fdget() optimization bugs.chromium.org/p/project-…
36
75
For those interested in coverage-guided fuzzing, I've just released CmpCov - an instrumentation module for clang/SanitizerCoverage, which breaks down CMP/strcmp()/etc. into bytes and writes the extra coverage data to standard .sancov files. Get it here: github.com/googleprojectzero…
2
167
351
Matt Jones retweeted
9 Feb 2019
The always erudite @timoreilly on why the SV “blitzscaling” mantra causes more harm than good.
I feel that part of the reason so many security products are so user-hostile (& mostly suck) is because currently, VCs pick winners instead of customers.
qz.com/1540608/the-problem-w…
1
9
20
Matt Jones retweeted
7 Feb 2019
8 years and 27K bugs later, ClusterFuzz is now available for anyone to use - opensource.googleblog.com/20…
1
208
450
Matt Jones retweeted
7 Feb 2019
Posted the slides from my #bluehatil talk covering trends, challenges, and strategic shifts in the software vulnerability landscape. Questions, comments, and alternative perspectives welcome 🙂 github.com/Microsoft/MSRC-Se…
10
239
510
Matt Jones retweeted
I'm all for people being paid for their work.
I'm all for there being better channels for vuln disclosure making it easy for people to help protect the public.
I even totally get the need for an offense market.
The defense market would do well not to normalize extortion further.
2
5
17
Matt Jones retweeted
5 Feb 2019
Project Zero blog: "The Curious Case of Convexity Confusion" by Ivan Fratric (@ifsecure) - googleprojectzero.blogspot.c…
91
228
Matt Jones retweeted
4 Feb 2019
To go with a release of NtObjectManager v1.1.19 I've written a brief history of BaseNamedObjects and the "new" BNO isolation feature sneaked into Windows 10. tyranidslair.blogspot.com/20…
1
60
117
Matt Jones retweeted
1 Feb 2019
Project Zero blog: "Examining Pointer Authentication on the iPhone XS" by Brandon Azad (@_bazad) - googleprojectzero.blogspot.c…
4
87
193
Matt Jones retweeted
27 Jan 2019
Interested in Hyper-V Internals? Read Part 2 of my continuing series on "Writing a Hyper-V "Bridge" for Fuzzing" as we get into the guts of hypercalls: alex-ionescu.com/?p=471 with sample code and more!
6
201
460
New blog post! Are you winning if you're pinning? by @elpritchos - elttam.com.au/blog/certpinni…
7
10
Matt Jones retweeted
23 Jan 2019
We are excited to announce our Day 2 keynote. This one will definitely make you get up early despite the fun of the Friday night party...
"What's in a Jailbreak? Hacking the iPhone: 2014 -> 2019" by @mdowd
bsidescbr.com.au/speakers.ht…
16
53
Matt Jones retweeted
22 Jan 2019
Remote Code Execution in apt/apt-get, "the HTTP fetcher process URL-decodes the HTTP Location header and blindly appends it to the 103 Redirect response" justi.cz/security/2019/01/22…?
3
43
107
Matt Jones retweeted
18 Jan 2019
"Understanding WebAssembly An in-depth peek into the VM running in modern web browsers." - @_hugsy_ - sophos.com/en-us/medialibrar… … - #WebAssembly #Security #Wasm #wasm
17
28