Lars W. Birch

Longtime IT pro, "got in" in 2001, but had a good headstart in breaking things and enjoying the internet at breakneck 2 MBit speeds. Currently doing IR/Forensics/Blue&Red at Dubex.

First Con Talk, but have done webcasts, IRL education etc. and not too nervous about being on stage.

https://twitter.com/Larzdk https://www.linkedin.com/in/larsbirch

Sadly unable to attend in full, so hoping I can get a day in during the weekend and pay with an interesting talk ;)


URLs for Lars W. Birch

No URLs found.


Events for Lars W. Birch

The process from initial IR call to discovering the 0-day later called 2021-26857. Brief discussion of the submission process with Microsoft and a technical look on the actual exploit. No longer fully NDA'd, so I can share the exploit, slightly redacted. Will have a working demo, might have produced a full PoC by August.

CVE-2021-26857 is an insecure deserialization vulnerability in the Unified Messaging service. Insecure deserialization is where untrusted user-controllable data is de… Read more


Schedule:

  • Sunday, Aug 22nd, 2021, 15:00 (CEST) - Sunday, Aug 22nd, 2021, 16:00 (CEST)