Vlad Stolyarov
@vladhiewshaSecurity Engineer @Google | A byte consists of 8 bits!
Similar User
@oct0xor
@bzvr_
@2igosha
@pwningsystems
@cyberspartansec
@silascutler
@5aelo
@kucher1n
@billyleonard
@anttitikkanen
@matalaz
@_marklech_
@_clem1
@_tsuro
@61ack1ynx
New joint TAG/Mandiant research on a hybrid Russian espionage/influence campaign (UNC5812) targeting potential Ukrainian military recruits with malware and spreading anti-mobilization narratives cloud.google.com/blog/topics/th…
We're naming names 🔥 because the harm is not hypothetical. Today we share "Buying Spying", our new report diving into the commercial surveillance/spyware industry. We dive into the players, the campaigns, the spyware, & the harm it perpetuates. blog.google/threat-analysi…
Announcing the latest report from Threat Analysis Group documents the rise of commercial surveillance vendors and the industry that threatens free speech, the free press and the open internet blog.google/threat-analysi… Some highlights below. 🧵
💪🏼 Yesterday @_clem1 and @vladhiewsha discovered and reported a new ITW 0-day to the Chrome team. TODAY, 1 day later, Chrome has a fix out to protect users!!! Thank you, Chrome! CVE-2023-7024 chromereleases.googleblog.com/2023/12/stable…
Awesome work from @oct0xor !
Today Apple released updates for CVE-2023-32434 (Kernel) and CVE-2023-32435 (WebKit) in-the-wild zero-days which were discovered by us (@kucher1n, @bzvr_ and yours truly) in the #iOSTriangulation attacks. Update your iOS/iPadOS/macOS/watchOS now!
Today Apple released updates for CVE-2023-32434 (Kernel) and CVE-2023-32435 (WebKit) in-the-wild zero-days which were discovered by us (@kucher1n, @bzvr_ and yours truly) in the #iOSTriangulation attacks. Update your iOS/iPadOS/macOS/watchOS now!
I just published a new RCA for CVE-2023-26369, the PDF 0-day that was used in the following campaign. googleprojectzero.github.io/0days-in-the-w…
North Korean actors 🇰🇵 are targeting security researchers again including use of at least one 0-day. IOCs in the blog ⬇️ If you've been in contact, please reach out blog.google/threat-analysi…
Snap is hiring security engineers for D&R and threat intel roles in Switzerland (we have offices in Zurich and Yverdon-les-Bains): wd1.myworkdaysite.com/recruiting/sna… & wd1.myworkdaysite.com/recruiting/sna… Retweets for visibility are much appreciated!
Welcome to TAG, Maddie! Let's burn some 0-days now 🔥
btw...I've moved to Google TAG!!🎉⚡️💃🏽 We're building a team focused on ITW 0days & commercial surveillance vendors, combining the ITW work from Project Zero and TAG into this one new team. I couldn't be more excited to work with @_clem1 @benoitsevens & @vladhiewsha on this!
btw...I've moved to Google TAG!!🎉⚡️💃🏽 We're building a team focused on ITW 0days & commercial surveillance vendors, combining the ITW work from Project Zero and TAG into this one new team. I couldn't be more excited to work with @_clem1 @benoitsevens & @vladhiewsha on this!
🎯@vladhiewsha @_clem1, Bahare, and I from Google TAG, discovered two new in-the-wild 0-days that were patched today: CVE-2023-36874 and CVE-2023-36884. Big thanks to Microsoft for the quick turn around on patches! 👏🏽 #itw0days msrc.microsoft.com/update-guide/v… msrc.microsoft.com/update-guide/v…
🎯@vladhiewsha @_clem1, Bahare, and I from Google TAG, discovered two new in-the-wild 0-days that were patched today: CVE-2023-36874 and CVE-2023-36884. Big thanks to Microsoft for the quick turn around on patches! 👏🏽 #itw0days msrc.microsoft.com/update-guide/v… msrc.microsoft.com/update-guide/v…
Security Updates for July 2023 are now available! Details are here: msft.it/6014glqFs #PatchTuesday #SecurityUpdateGuide
Cool SmartScreen bypass 🔑 found being used ITW by @benoitsevens and @vladhiewsha from @Google TAG! Observed being used to deliver Magniber ransomware 🔒💰. Details in here: blog.google/threat-analysi… Sample: virustotal.com/gui/file/8efb4…
TAG continues our coverage of commercial spyware vendors with a blog post by @_clem1 & @benoitsevens on Variston's Heliconia exploitation framework. blog.google/threat-analysi…
BumbleBee: Round Two ➡️Initial Access: Bumblebee ISO>LNK>DLL ➡️Persistence: AnyDesk, Added Local Admin ➡️Discovery: LOLbins, AdFind ➡️Credentials: LSASS Dump ➡️Lateral: SMB, Remote Services, RDP ➡️C2: Bumblebee, Meterpreter, CobaltStrike thedfirreport.com/2022/09/26/bum…
BumbleBee Roasts Its Way to Domain Admin ➡️Initial Access: BumbleBee (zipped ISO /w LNK+DLL) ➡️Persistence: AnyDesk ➡️Discovery: VulnRecon, Seatbelt, AdFind, etc. ➡️Credentials: Kerberoast, comsvcs.dll, ProcDump ➡️C2: BumbleBee, CobaltStrike, AnyDesk thedfirreport.com/2022/08/08/bum…
12 years ago, I started at Google to join a new team of five with the mission to take on serious threats. Celebrating our anniversary today in Zurich. Impressed with the work of the team every day and the great people we've hired over the years. Cake!
United States Trends
- 1. #SurvivorSeries 242 B posts
- 2. Kash Patel 351 B posts
- 3. Ewers 7.421 posts
- 4. Fauna 57,1 B posts
- 5. McCabe 25,5 B posts
- 6. Norvell 4.550 posts
- 7. Purdue 8.904 posts
- 8. Michigan 251 B posts
- 9. #iufb 4.217 posts
- 10. Bauer Sharp 1.031 posts
- 11. Roman 76,4 B posts
- 12. Wray 36,8 B posts
- 13. Gators 7.722 posts
- 14. Arch Manning 6.175 posts
- 15. Aggies 8.189 posts
- 16. #HookEm 8.824 posts
- 17. Miami 84,2 B posts
- 18. Hololive 33,6 B posts
- 19. Ohio State 187 B posts
- 20. Ryan Day 107 B posts
Who to follow
-
Boris Larin
@oct0xor -
Leonid Bezvershenko
@bzvr_ -
Igor Kuznetsov
@2igosha -
Jordy Zomer
@pwningsystems -
Bruno Braga
@cyberspartansec -
Silas Cutler (p1nk)
@silascutler -
Samuel Groß
@5aelo -
Georgy Kucherin
@kucher1n -
billy leonard
@billyleonard -
Antti Tikkanen
@anttitikkanen -
Joxean Koret (@[email protected])
@matalaz -
Mark
@_marklech_ -
clem1
@_clem1 -
stephen
@_tsuro -
Sergey Lozhkin
@61ack1ynx
Something went wrong.
Something went wrong.