Tholgrim retweetledi

Introduction to COM usage by Windows threats
blog.talosintelligence.com/introduction-t…
English
Tholgrim
90 posts










Confirmed! Orange Tsai (@orange_8361) of DEVCORE Research Team (@d3vc0r3) chained 4 logic bugs to achieve a sandbox escape on Microsoft Edge, earning $175,000 and 17.5 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin














⚠️ New payload in the relation to #ToolShell . Attackers now don't need the static file anymore, leaking keys from memory without leaving the file. This means the existence of a file is not a reliable IoC anymore.

@cyb3rops @cyb3rops Do attackers MUST use the file name "spinstall0" or theoretically any name is ok?




