Hello! My name is Matt Suiche. I am an independent researcher, advisor, and investor. I previously served as the Head of Detection Engineering at Magnet Forensics. Our organization was passionately dedicated to justice and protecting the innocent, a mission we embarked on more intensely after the 2022 acquisition of my cybersecurity start-up, Comae Technologies.
My life-long fascination with learning and understanding complex systems first led me to cybersecurity. My teenage years were spent immersed in reverse engineering, which ignited a profound curiosity about technology that continues to this day. I’ve since explored various fields including operating systems architecture, programming languages, virtualization, modern web application development, and generative art. Furthermore, I’ve delved into numerous domains such as privacy, surveillance, forensics, blockchain, and community development among others.
GitHub Repository: https://github.com/msuiche/ruby-square Introduction 🔗In May, Microsoft announced a bounty for their new IoT platform called Azure Sphere. The interesting part about it is that it’s created with security in mind, which is a much needed initiative, so we decided to take a look.
While we didn’t find any issues worth reporting, we thought it would be a waste not to share what we’ve learned. Hopefully, this will be useful for others wanting to research the platform or those considering to use it for their projects.
SMBaloo 🔗A CVE-2020-0796 (aka “SMBGhost”) exploit for Windows ARM64.
Because vulnerabilities and exploits don’t need to always have scary names and logos.
GitHub Repository: https://www.github.com/msuiche/smbaloo Original post on Comae’s blog: https://www.comae.com/posts/2020-06-25_smbaloo-building-a-rce-exploit-for-windows-arm64-smbghost-edition/ Author: Matt Suiche (@msuiche) Acknowledgments 🔗 @hugeh0ge for his great blogpost and @chompie1337 for her excellent POC! On top of answering my questions on Twitter, their materials were really good and helped me immensely to understand the vulnerability and the exploitation part.
Key Takeaways 🔗 Twitter is doing better than other platforms by releasing datasets, albeit partial, on Information Operations (IO). There is so much more information yet to be disclosed. Recommendations are given. Attribution blindspots seem to be a common problem with social media companies. Aggregated Twitter data and Python scripts are available on Github - and will be kept up-to-date. Beautiful dynamic data visualization for Twitter’s IO datasets, generated in real time from our GitHub datasets.
