the-st0rm.bsky.social
@the-st0rm.bsky.social
Security/Privacy Engineer @Meta, Ex @Lacework, @Deloitte, @SecForce_LTD. CTFer with LCBC, vulnerability researcher and exploit dev. Opinions are my own
Missed my #BHUSA talk on a security review on Signal E2EE messages ✉️🔒 and vulnerabilities 🐞?
The slides are now public!
Big thanks to Signal for their support during review 🙌

www.ibrahim-elsayed.com/pdfs/US-25-E...
August 13, 2025 at 2:18 PM
Reposted
Positive Technologies published two scenarios they encountered during pentests, where they pivot to the internal network thanks to an Internet-facing Exchange server and its numerous SSRF vectors 💎
static.ptsecurity.com
December 27, 2024 at 1:39 PM
Reposted
The court just handed WhatsApp a major win in the case against NSO Group ⚖️ 🎉

NSO was found liable under federal #CFAA & state law for #Pegasus hacking through WhatsApp's servers.

As a lawyer working on surveillance, let me break down the ruling 🧵 1/

storage.courtlistener.com/recap/gov.us...
December 21, 2024 at 4:54 AM
Reposted
In 2024, we still have trivially exploitable Ubuntu LPE bugs 🤷‍♂️

But one of the disclosed bugs involves the good old pipe character in Perl "filenames" 🤯

Another great investigation by the Qualys Threat Research Unit 💎
www.qualys.com
December 19, 2024 at 10:07 PM
Reposted
Watch the recording of my #ekoparty talk "Advanced #Fuzzing with #LibAFL" here:

youtu.be/FI7C37lz4Rg?...

Thanks @fede-k.bsky.social for this amazing event!
December 10, 2024 at 6:01 AM