ShaiHasarfaty

111 posts

ShaiHasarfaty

@hasarfaty

Sr. Principal Security Architect & Offensive Security Researcher @Intel | Opinions are my own and not the views of my employer!

Katılım Mayıs 2019

324 Takip Edilen218 Takipçiler

Sabitlenmiş Tweet

ShaiHasarfaty@hasarfaty·13 Mar

In Alder Lake, CSE was released with a new type of systematic mitigation to reduces the risk of memory corruptions. Inspire by the compiler "source fortify" option, the new mitigation name is: Data Fortify. intel.com/content/dam/ww…

English

3.3K

ShaiHasarfaty@hasarfaty·22 Oca

More source insight options in visual studio code. This time "word highlighting: linkedin.com/posts/shai-has…

English

ShaiHasarfaty@hasarfaty·5 Oca

#SourceInsight is still an amazing tool for code review but its lacking the new advance feature of today ecosystem. Time to move to Visual studio code with a replica: linkedin.com/posts/shai-has…

English

ShaiHasarfaty@hasarfaty·19 Eki

Another buffer overflow cause this time due to strncpy missing input validation that could have been blocked via data fortify mitigation... blog.byteray.co.uk/zero-day-alert…

English

133

ShaiHasarfaty@hasarfaty·6 Ağu

Thats new, @googlechrome memcpy bugs... I think they could also enjoy #datafortify #exploitation #mitigation x.com/alisaesage/sta…

Alisa Esage Шевченко@alisaesage

How to Find a Buffer Overflow Bug Bounty in Google Chrome 2024-: grep memcpy issues.chromium.org/issues/3334143… 2025+: grep memcpy, also vibe fuzzing issues.chromium.org/issues/4096192…

English

ShaiHasarfaty@hasarfaty·9 Oca

New isolated Intel security engines SSE and PSE explained in the following video youtu.be/KsQ50Yr3osQ

YouTube

English

452

ShaiHasarfaty@hasarfaty·22 Eyl

blog.coffinsec.com/0day/2024/08/3… #RCE in #MediaTek wifi via variant of memmove that could have been prevented if use Data Fortify systematic mitigation intel.com/content/dam/ww…

/r/netsec@_r_netsec

0-Click RCE in MediaTek Wi-Fi Chipsets — 4 exploits, 1 bug: exploiting CVE-2024-20017 4 different ways blog.coffinsec.com/0day/2024/08/3…

English

234

ShaiHasarfaty@hasarfaty·10 Nis

On December 25, 1999, libsafe introduced a technique for ‘Protecting Critical Elements of Stacks’. In this paper, it showcased the ‘Libsafe Containment of Buffer Overflow’ by iterating through the EBP list. I wasn't aware of this paper and "re-invented" this as ‘Stack Fortify’🤯

English

156

ShaiHasarfaty@hasarfaty·24 Oca

Another #memcpy #vulnerability that could have been prevented if used #DataFortify #mitigation intel.com/content/dam/ww…

Alex Matrosov@matrosov

Reference code bugs are always tricky. Both #PixieFAIL and #LogoFAIL remain unfixed on many enterprise devices at scale. PixieFAIL is related to the EDK2, and fixing this one requires IBV or OEM to update their code first. Such bugs show how the entire FW ecosystem is broken.

English

ShaiHasarfaty retweetledi

FIFA World Cup@FIFAWorldCup·12 Haz

This finish was pretty special 😮‍💨 #U20WC

English

212

3.1K

379.4K

ShaiHasarfaty@hasarfaty·30 Nis

another #buffer #overflow this time with #strncpy that could have been prevented with #DataFortify #mitigation zerodayinitiative.com/blog/2023/4/19…

English

1.7K

ShaiHasarfaty retweetledi

0xor0ne@0xor0ne·25 Nis

Excellent introduction to Linux kernel exploitation Series by @k3170Makan Debugging with QEMU: blog.k3170makan.com/2020/11/linux-… Stack Overflows: blog.k3170makan.com/2020/11/linux-… RIP control: blog.k3170makan.com/2021/01/linux-… #cybersecurity

English

176

529

56.2K

ShaiHasarfaty@hasarfaty·25 Nis

Very good talk about #FaultInjection and counter measures and also the future of what to attack with fault injection even with counter measures... youtube.com/watch?v=aQnuj8…

YouTube

English

139

ShaiHasarfaty@hasarfaty·13 Nis

@ExodusIntel Another #memcpy #vulnerability that could have been prevented if used #DataFortify #mitigation intel.com/content/dam/ww…

English

Exodus Intelligence@ExodusIntel·13 Nis

Vulnerability Sessions: Learn more about CVE-2021-31199, a vulnerability found in multiple versions of Windows 10 used to break out of the Adobe sandbox. READ MORE: blog.exodusintel.com/2023/04/06/esc… #cybersecuritytraining #vulnerabilityintelligence #Cybercrime

English

5.3K

ShaiHasarfaty@hasarfaty·13 Nis

Another #memcpy #vulnerability that could have been prevented if used #DataFortify #mitigation

Exodus Intelligence@ExodusIntel

English

123

ShaiHasarfaty@hasarfaty·28 Mar

@dwizzzleMSFT would this WP would have been accepted to #BlueHatIL ? or this conference care less about innovation in systematic mitigations ? intel.com/content/dam/ww…

English

198

ShaiHasarfaty retweetledi

Jerry Bryant@jerry_Intel·24 Mar

Data Fortify is a new systemic mitigation for memory corruption vulnerabilities. Tune in to Chips & Salsa e53 as @jerry_Intel and @SecurityCRob talk to Intel’s @hasarfaty about how Data Fortify helps eliminate classes of attack. youtu.be/iXFJBUgM4sM

YouTube

English

1.2K

ShaiHasarfaty@hasarfaty·18 Mar

@LiveOverflow @FlashbackPwn Another "memcpy" vulnerability found in by #FlashbackTeam in that lead to code execution that could have been blocked via #DataFortify #mitigation more info here: intel.com/content/dam/ww…

English

LiveOverflow 🔴@LiveOverflow·16 Mar

Awesome video from @FlashbackPwn team about their security research and exploitation. This is part 1: DNS Remote Code Execution - Finding the Vulnerability youtube.com/watch?v=xWoQ-E…

YouTube

English

155

21.6K

ShaiHasarfaty@hasarfaty·18 Mar

Another "memcpy" vulnerability found in by #FlashbackTeam in that lead to code execution that could have been blocked via #DataFortify #mitigation more info here: intel.com/content/dam/ww…

LiveOverflow 🔴@LiveOverflow

Awesome video from @FlashbackPwn team about their security research and exploitation. This is part 1: DNS Remote Code Execution - Finding the Vulnerability youtube.com/watch?v=xWoQ-E…

English

438

ShaiHasarfaty@hasarfaty·17 Mar

@dwizzzleMSFT @BlueHatIL CET is only in nightly build of rust , this means you are not using official branch release of Rust? How do you protect function pointer corruption that can happen from C to Rust if not via CET? Cfg /xfg for rust?

English

181

ShaiHasarfaty@hasarfaty·16 Mar

@plopz0r @AlizTheHax0r this type of bug class could have been blocked using #DataFortify #mitigation integrated into the simple "x"printf code and kill these class of vulnerabilities info here: intel.com/content/dam/ww…

English

Alain M.@plopz0r·15 Mar

@AlizTheHax0r Thanks, had started looking for it before info on the fact it affected the admin interface and not the vpn one came out, then gave up :p

English

326

Alain M.@plopz0r·14 Mar

A quick writeup on how I was able to exploit Fortinet's heap overflow (CVE-2022-42475) : blog.scrt.ch/2023/03/14/pro…

English

186

29.4K

Keşfet

@googlechrome @k3170Makan @ExodusIntel @dwizzzleMSFT @jerry_Intel @SecurityCRob @LiveOverflow @FlashbackPwn