David Weston (DWIZZZLE)

@dwizzzleMSFT

Corporate Vice President, OS Security and Enterprise @Microsoft

David Weston (DWIZZZLE) reposted

rust evasion capabilities are mostly just a byproduct of current tooling lag. static analysis tools struggle with rust's memory model right now, but that's temporary. the real trade-off is managing binary bloat; unless you go no_std, that massive signature is pretty loud on disk.


Do not miss your flight

🔥 [POC2025] Drinking Hell 🔥 Survive the night, Be the final boss Welcome to legendary "Drinking Hell", the unofficial (but totally essential) closing ritual of POC No slides, no exploits — just pure chaos, laughter, and memories. 💀 When & Where: After the Day 2 dinner - just…


David Weston (DWIZZZLE) reposted

His name is Viktor, Viktor Gyokeres 🫱🏼🫲🏼


David Weston (DWIZZZLE) reposted

This week I had the pleasure of guest lecturing at both Georgetown University and Johns Hopkins SAIS on the intersection of AI, cyber and national security. You can find a brief overview of the topics I covered and my slides here. secure.dev/ai_cyber_natse…


David Weston (DWIZZZLE) reposted

🚨 NEW PAPER 🚨: “From Chaos to Capability: Building the U.S. Market for Offensive Cyber” by myself and @SergeyBratus 👉 ists.dartmouth.edu/programs/publi… Should the U.S. outsource its cyberattacks? We talked to 30 experts across gov, VC, and industry to find out.


David Weston (DWIZZZLE) reposted

Hardest Arsenal photo of the year

The AWS outage really hit home #neverforget

Hard mode.

Hacking the same target at p2o 5 years in a row. This is the first time I never acquired or tested on the physical device. 1 bug. No ROP, no hard coded offsets. Screenshot is very satisfying. HUGE thanks to @boredpentester for helping with firmware.


I think it’s very strange that encrypted chat has become accepted as a norm but people still call plain text when FaceTime and signal calls are simple. No more plaintext 🚫 satcom.sysnet.ucsd.edu/docs/dontlooku…

David Weston (DWIZZZLE) reposted

8xAMD MI300X mostly out of the box on nanochat (which is really an amazing repo and I'm excited for my custom chatbot). This is without PYTORCH_TUNABLEOP_ENABLED which I was too impatient for.

David Weston (DWIZZZLE) reposted

💣 We caught @ycombinator–backed @gecko_sec stealing two of our CVEs, one on @ollama , one on @Gradio. They copied our PoCs, claimed CVE IDs, and even back-dated their blog posts. Here’s the full story 👇

David Weston (DWIZZZLE) reposted

Interesting... "The results were striking: over 65% of data breaches could have been prevented with just three security invariants." 1. Hardware second factors 2. Egress control 3. Positive execution control securityblueprints.io/posts/three-se…


I need this t-shirt

Big to see Call of Duty and Battlefield launching with strong security requirements for anti-cheat. I've been saying this for years!! IMO @riotgames deserves a lot of credit here for setting the right trend.

Activision will require 'Call of Duty: Black Ops 7' players to use TPM 2.0 and enable Windows Secure Boot as part of its anti-cheat initiative. tomshardware.com/video-games/pc…



David Weston (DWIZZZLE) reposted

Exciting news, tech fam! Microsoft just dropped Patina—a Rust-powered, open-source UEFI firmware to boost boot security! Say goodbye to old bugs and hello to safer, faster devices. Check it out: github.com/openDevicePart… #Cybersecurity #Rust #Microsoft

Microsoft just open sourced a Rust implementation of UEFI boot firmware called "Patina" this is a MASSIVE step forward in improving boot security for all. Exciting!!! github.com/openDevicePart…



