we are a team of hackers at docler holding. we do penetration tests, it security research and recommend hardening settings for it envirnoments. a more verbose introduction is here.
an updated version of "The Legend of Windows" was presented at #BSidesBUD2017 on March 2, 2017.
vim code exec by escaping INSERT mode - PoC exploit combining the issue with pastejacking is disclosed here.
our presentation "The Legend of Windows" at hack.lu 2016 can be watched here and you can download the paper from here
disclosure about the "arbitrary code execution via direct3d support (d3d9.dll)" vulnerability which we reported to oracle for virtualbox can be found there: Oracle Critical Patch Update Advisory - April 2016 or using their bug tracker under "#S0683701".
the "adobe fms app validation bad char memory DoS" vulnerability which we reported was fixed - release notes. On older versions, the exploit is a bad char in app name (uppercase lowercase and ':') when sending rtmp requests.