At #BHUSA? Catch Microsoft security engineers Joseph Bialek @[email protected] & Nicolas Joly share details about Hyper-V and supporting kernel-mode & user-mode components so you can join the bug bounty program that rewards up to $250K for Hyper-V vulnerabilities msft.social/l89KaQ

If you aren’t coming to Lagoon GHI right now for smea talk on exploiting Hyper-V you need to reconsider your life choices

Slides posted for the #BHUSA presentation by Anders Fogh & CTurt on systematizing and mitigating speculative execution side channels vulnerabilities: github.com/Microsoft/MSRC…

Closing out the #Pwn2Own 2018 blog series with with the details behind our sandbox-to-root privilege escalation (CVE-2018-4193). Write a less-shady exploit, and we'll give you a free #BinaryNinja Commercial License! blog.ret2.io/2018/08/28/pwn…

It is Day One here at BlueHat v18. The volunteers are putting the finishing touches on the venue. We open for Workshop Day starting at 8am.

This week I will be DerbyCon delivering a talk on some awesome security work in Win32k.sys. Feel free to reach out and mingle if you are there.

It’s finally here! CFP for #BlueHatIL 2019 is now open. Submit your abstract for a chance to speak on the big stage. Bluehatil.com

#BlueHatIL CFP is now open and the crowd can't wait to see your brilliant ideas. Submit your paper today! Bluehatil.com

Hyper-V researchers: symbols for all Hyper-V storage components are now published. This means we have symbols published for all components except the hypervisor and hvloader. x.com/virtual_lars/s…

the video of my Hyper-V exploit talk at this year's blue hat is up! it includes some cool exploit techniques/primitives and a totally successful live demo at the end youtube.com/watch?v=8RCH0v…

Microsoft starts publishing sample scripts for WinDbg (github.com/Microsoft/WinD…). Great! I think the community needs such samples so people start leveraging Javascript power in WinDbg.

Interdiction? The #BlueHatIL schedule was supposed to be clear but we just realized someone’s already in! Welcome bunnie

The Time-Travel Debugging tool from #WinDbg Preview can be used as a standalone binary (ttd.exe) Copy the TTD\ directory and you can use TTD without #WinDbg, allowing you to script your #TTD recording useful for: - #fuzzing crash replay - #malware analysis - bug tracking

Woke up this morning to discover that my #35C3 talk was accepted! It’s going to be about... my first ever CVEs that were just announced on Patch Tuesday!

My talk was accepted to #35C3! I'll be talking about modern Windows userspace exploitation and all things mitigations: internals, bypasses, and the obligatory demos!

Please join the Windows kernel in wishing farewell to uninitialized plain-old-data structs on the stack. As of today's WIPFast build, any Windows code compiled with /kernel also gets compiled with InitAll, a compiler security feature that initializes POD structs at declaration.

New advanced redundant store elimination optimization in the MSVC compiler helps improve Windows security!

Everybody knows researching Hyper-V is the most fun thing you can do, so I wrote a blog post about how to start doing just that! Let me know what you think && if you find any 0days of course :) aka.ms/hvresearch101

Awesome job by Saar Amar :) Now it’s time for everyone to starting pwning Hyper-V!