radu motspan

Ready for @AutoISAC EU Summit! @VWGroup MIB3 test bench for security tests is 3D-designed, printed, and ready to go. Meet us live for more details about automotive ECU pentesting. Stay tuned for cool security research later this year!

golang.org/doc/go1.14 "Go binaries on Windows now have DEP (Data Execution Prevention) enabled."

More on DCS security in our power plant automation research github.com/klsecservices/… from #36c3 talk media.ccc.de/v/36c3-10689-o…. Now with DIY assessment, wordlists and awesome visuals. tldr; learn to do basic assessment by yourself, ask uncomfortable questions, update your DCS

Turbines are everywhere, also on #36c3 at #dijkstra! Good thing, they are overcomplicated, with huge attack surface, hard coded credentials and weak hashing schemas. Oh, shi... Nice talk by @kl_secservices team. /cc:@repdet @_moradek_ @Alender911 @epotseluevskaya @zero_wf @574rz

Investigating Windows Graphics Vulnerabilities: A Reverse Engineering and Fuzzing Story ixiacom.com/company/blog/i…

In a joint presentation at #KasperskyICS conference @repdet and @574rz talk about #CNC machines security: if there are fail compilations of something on YouTube, certainly some work has to be done

Доблестный полицейский во время митинга ударил девушку в живот

We've gathered some statistical data based on results of security assessment engagements performed in 2017 by Kaspersky Lab Security Services team. github.com/klsecservices/…

cpu_rec - a tool that recognizes cpu instructions in an arbitrary binary file. It can be used as a standalone tool, or as a plugin for binwalk. github.com/airbus-seclab/…

New Tool Alert: CMakerer is an open source tool that was created to deal with the problem of tricky-to-load C/C++ codebases nccgroup.trust/us/about-us/ne…

Security of Sarian OS whitepaper github.com/klsecservices/… by Danila Parnishchev (@zero_wf). From #reconbrx talk on #OTsecurity and industrial network devices recon.cx/2018/brussels/…. All acknowledged vulnerabilities were timely fixed by Digi forms.na1.netsuite.com/app/site/hosti…

GE fixes critical vulnerabilities in #digitalsubstation equipment D60 v7 series: CVE-2018-5475 and CVE-2018-5473 @k_v_nesterov. @ICSCERT advisory go.usa.gov/xnFCN. Releases from the same research available here github.com/rigmar/Recon20… by @_rigmar_

BlueHat IL 2018 - Saar Amar - Linux Vulnerabilities Windows Exploits: Es... youtu.be/3deJvbBHET4

Google Chrome V8 Use-After-Free Vulnerability + Exploit by Zhao Qixun (CVE-2017-15399): bugs.chromium.org/p/chromium/iss…

I released some V8 vuls cases which they were fixed in about November 2017 to study. github.com/xuechiyaobai/V…

Finally got round to writing up a overview of few of my recent Apple macOS/ios priv esc vulns. labs.mwrinfosecurity.com/advisories/com… and labs.mwrinfosecurity.com/advisories/con… also labs.mwrinfosecurity.com/advisories/com…

Figured for tweet #666, should post something 'naughty' 😈 like how Apple's AMDRadeonX4150 kext appears to suffer from a subtle kernel bug! Details: objective-see.com/blog/blog_0x27… Bug is currently unpatched & affects latest version of macOS (10.13.2) 🍎🤒☠️ #ring0 #oops #tgif

Thanks for the generous of Google, it's a Pleasant cooperation with android security team, especially, Thanks @mayankjain747 for all your helps in the process of this submission. twitter.com/mayankjain747/…

github.com/bazad/AppleJPE… twitter.com/Yalujb/status/…

An iOS kernel introspection tool. github.com/bazad/memctl