One message, one GIF, and a lot of Teams accounts. Do you want to know how it is all connected to a dangerous vulnerability? Omer Tsarfati will tell you all you want to know in this SecTor Security Con presentation at 10:10 ow.ly/Ik2030rg2yV

This year I'll present on August 4-5 my latest research on how we managed to bypass Windows Hello facial recognition. blackhat.com/us-21/briefing… In the meantime, we published a new blog that contains everything you need to be prepared for our Blackhat session cyberark.com/resources/thre…

My latest blog post about #FickerStealer is finally out! This blog post introduces a technical analysis of an information stealer written in Rust🔥🔥 The blog post also includes: 👉 IDAPython Deobfuscator script 👉 YARA rule and IoCs cyberark.com/resources/thre…

Don't forget to check out Omer Tsarfati and his presentation: Bypassing Windows Hello for Business and Pleasure at Blackhat this year. spr.ly/6018y5FEn #Blackhat2021

I'm waiting to see you all in my session today at Blackhat about how we bypassed Windows Hello facial recognition mechanism. See you at Black Hat 1:30pm-2:10pm, Lagoon FL. #Blackhat2021 #BlackhatUSA blackhat.com/us-21/briefing…

#INTENT Summit Call For Papers closes in less than one week. Submit your #research by Oct. 4 for the opportunity to present at our inaugural event on Nov. 16: spr.ly/6012J8sHn

I had the great pleasure to take part in Hunters' podcast hosted by Dvir Sayag. We discussed the vulnerability I found in Windows Hello, which I also presented it in the #BlackhatUSA 2021.

INTENT is live! gateway.on24.com/wcc/eh/2254359…

Symda is out! 🧙‍♂️ Symda is an open-source script designed as a helper tool for Frida. The tool aims to download and parse symbol files (from a configured symbol server) for a given executable. It should make it easier for you to hook functions. github.com/cyberark/Symda Frida

*** NEW TOOL ALERT *** Check out MITM_Intercept github.com/cyberark/MITM_… A new way to intercept and modify non-HTTP protocols through Burp and others with SSL and TLS interception support.

Slowly getting there

#Hyperledger Indy-based #Sovrin is a popular choice for decentralized identity, but a CVSS 10 vulnerability shows the need for constant vigilance. Read our blog to learn more. #blockchain #identity #security cyberark.com/resources/thre…

Omer Tsarfati and I harnessed ChatGPT to create a #polymorphic #malware, which uses ChatGPT on runtime to load and mutate new code that easily bypasses the content-filter. We are looking forward to continuing and research the topic -:) cyberark.com/resources/thre…

Finding one vulnerable kernel driver is cool, but finding multiple vulnerable drivers it’s even better! I’m excited to share my blog post about an interesting vulnerable driver code base that many different vendors tend to share. cyberark.com/resources/thre…

BTW, I'm also excited to tell you that I'll be giving a talk about this at ShmooCon, 17:00 EST today. twitch.tv/shmoocontrack3

👾 Bad drivers⚠️Capable of infecting your💻machine! 💡In this talk, Omer Omer Tsarfati will deep-dive into the 0day discovered on the #unsecured drivers + common traits of the bad drivers to look out for 🙌Find out more➡️bit.ly/41oe4qR #NullconDE2023 #infosec #malware

Thanks NULLCON team for a great conference, I had an amazing time. #NullconDE2023

Omer Tsarfati and I created a playground framework for creating polymorphic malware using GPT models, please play with it -:) Giving a talk about it in HITBSecConf in 5 minutes #HITB2023AMS

Getting into smart contract security research, I found that there are still a lot of uninitialized ones out there 🫥 This post covers the basics of uninitialized smart contract vulnerabilities and demonstrates how to write a quick PoC using Foundry 🛠️ cyberark.com/resources/thre…