Longtime IT pro, "got in" in 2001, but had a good headstart in breaking things and enjoying the internet at breakneck 2 MBit speeds. Currently doing IR/Forensics/Blue&Red at Dubex.
First Con Talk, but have done webcasts, IRL education etc. and not too nervous about being on stage.
Sadly unable to attend in full, so hoping I can get a day in during the weekend and pay with an interesting talk ;)
URLs for Lars W. Birch
No URLs found.
Events for Lars W. Birch
The process from initial IR call to discovering the 0-day later called 2021-26857. Brief discussion of the submission process with Microsoft and a technical look on the actual exploit. No longer fully NDA'd, so I can share the exploit, slightly redacted. Will have a working demo, might have produced a full PoC by August.
CVE-2021-26857 is an insecure deserialization vulnerability in the Unified Messaging service. Insecure deserialization is where untrusted user-controllable data is de… Read more
Not scheduled yet