Michael Young
@mbmy.bsky.social
Every security company imaginable is going to exaggerate any opportunity to point to AI in their marketing, but I'm not sure I'd say it's an outrageous prospect to think that attackers aren't leveraging it?
October 21, 2025 at 7:15 PM
Every security company imaginable is going to exaggerate any opportunity to point to AI in their marketing, but I'm not sure I'd say it's an outrageous prospect to think that attackers aren't leveraging it?
Yeah as I thought about it, it would depend on SMB signing and whatnot. Thanks!
December 14, 2024 at 1:16 AM
Yeah as I thought about it, it would depend on SMB signing and whatnot. Thanks!
This is awesome! I did not know of that arbitrary delete LPE until this. I wonder if you could you simply do an ntlmrelayx SOCKS proxy to gain a session instead of this? If it would work, that could be relayed back to the host to achive RCE.
December 12, 2024 at 6:35 PM
This is awesome! I did not know of that arbitrary delete LPE until this. I wonder if you could you simply do an ntlmrelayx SOCKS proxy to gain a session instead of this? If it would work, that could be relayed back to the host to achive RCE.
Not sure what this talk was from, but any chance it was recorded?
December 4, 2024 at 3:13 PM
Not sure what this talk was from, but any chance it was recorded?