#hexacon2022 was so cool! Intrigued by SSRF? Pushed my slides there:

Just published the slides of the CHERI talk @n_joly and I presented at @BlackHatEvents! Check it out :) https://t.co/hGzRMa9SeI

Join @n_joly and me at our talk @BlackHatEvents about CHERI ISA! Let's cover CHERI low-level internals, discuss bypasses, develop exploits and view some more hardening! https://t.co/9AeH80w0Ks

Super excited to share that @n_joly and I will present our offensive research on CHERI in this year's @BlackHatEvents! Get ready for some hardcore CPUs internals, lowlevel exploitation, and a whole new approach of mitigations at the ISA level! Can't wait!

Today, we released several security updates for Microsoft Exchange Server to address vulnerabilities under limited, targeted attacks. We recommend customers apply these updates as quickly as possible. See: https://t.co/UUHL7j1eK7.

In case you missed it, check out the analysis of CHERI ISA by @n_joly, @Saif_Sherei and @AmarSaar:

Super happy and excited to share our security analysis of CHERI ISA, written by @n_joly, @Saif_Sherei and myself. We'll be more than happy to get your feedback! :)

I'm hiring a redteam/vulnerability research manager for the OS team. Lead a dope team that finds bugs, writes exploits, builds tools and mitigations -- most importantly -- has fun. Don't DM me - just apply!!! This is the job you want

If you are looking for a new opportunity & you are passionate about vulnerabilities, exploits, and mitigations, please consider applying to join our team in @msftsecresponse :) Job description ⬇ https://t.co/kSq1MmQJ7z

If you like to apply your security knowledge and coding skills to protect customers at an unprecedented scale then this is for you! https://t.co/21hFuAyU9e

Time to try out Application Guard for Office and send us your public preview feedback - https://t.co/bH5rtYsZZk. Thank you @attksrfacekillr, @dwizzzleMSFT, and many others who got us to this milestone. Great teamwork!

Here are the slides for the Secure Kernel talk @long123king and I presented @BlackHatEvents :) https://t.co/rO84TU2bds

10-minute reminder for #MSFTatBlackHat's @n_joly’s talk! Join him in the #BHUSA Exploit track for a review of how “I calc'd Calc — Exploiting Excel Online,” examining how functions were joined to RCE a server — and OnPrem:

Today at 10:00AM @long123king and I will talk about our SK vulnerabilities && exploits! Hope it'll help more in the community to research our platforms and reach out to us:) Speaking of, kudos to @yarden_shafir @aionescu for the submissions in Secure Pool!

On recrute toujours au MSRC en Angleterre :). Si vous voulez en savoir plus, DM ou postulez directement ici:

CONCATENATE: join two or more text strings into one. Join us and #MSFTatBlackHat @n_joly on Aug 6 in the exploit track at #BHUSA as he describes how joining excel functions with fnConcatenate gained RCE on the server, and OnPrem:

Indeed, our team is recruiting!

#Podcast #Cybersécurité Épisode #273 consacré au #SSTIC2020 avec @_trou_ https://t.co/349zhY2pad

I'm officially looking for a remote job in Vulnerability Research/Reverse Engineering (I'm based in France). Retweets appreciated! :)