kmkz @betelsam Dominique Righetto Steph 🇷🇪🇫🇷 It was a nice chess game ! #redteam

Thanks Orange Cyberdefense Switzerland for the mention of our recent publication (cc Steph 🇷🇪🇫🇷) Very good paper too, I guess the Bitlocker/PIN privesc is now pretty well documented :p

As promised, I just dropped a dozen new sandbox escape vulnerabilities at #POC2024 If you missed the talk, here is the blog post: jhftss.github.io/A-New-Era-of-m… Slides: github.com/jhftss/jhftss.… Enjoy and find your own bugs 😎

After the MS process...and the reward 🙄 our #Microsoft AutoUpdate #EoP vuln. is not a #0day anymore Good job of our teammate Steph 🇷🇪🇫🇷 Note: it is not "just" an #LPE affecting MS products so think about this when using #O365 on your #MacBook msrc.microsoft.com/update-guide/v… #patchtuesday

🚨 Critical vulns in dormakaba exos 9300! We’re sharing 20 CVEs in dormakaba’s physical access control system: doors can be opened without authentication with network access. Kudos to dormakaba for excellent handling & patches. 👉 r.sec-consult.com/dormakaba #ResponsibleDisclosure

2 y ago we tried to submit a research projet on this components to a defense CFP because this has a huge attack surface since it is used almost anywhere ! ->rejected : not innovative (yep, not AI content - literally this) ... but SEC Consult did not try: they did 👌🏻👏👏

Le SecDevOps expliqué par Dominique Righetto Dominique Righetto 👍 x.com/ITnation/statu…