| Tweetovi |
| clem1 proslijedio/la je tweet | ||
|
Ben Hawkes
@benhawkes
|
8 h |
|
We're excited to welcome Felix Wilhelm (@_fel1x) to Project Zero today!
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Claudio Criscione
@paradoxengine
|
26. sij |
|
I should mention I'm hiring security engineers both in Sunnyvale and Zürich. Come shape how we do automated security scanning at Google, and find more bugs in a hour than all bughunters combined in a day.
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Security Response
@msftsecresponse
|
17. sij |
|
Security Advisory - Microsoft Guidance on Scripting Engine Memory Corruption - for more information please visit: portal.msrc.microsoft.com/en-us/security…
|
||
|
|
||
|
clem1
@_clem1
|
18. sij |
|
We might have a similar rule, heh. Hopefully one day we will be able to release more details about these exploits. Qihoo might release details for this one?
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Jorge Orchilles
@jorgeorchilles
|
18. sij |
|
New Internet Explorer 0day and advisory out. Exploited in wild. No patch from Microsoft. Mitigation is to not use IE. CVE-2020-0674
portal.msrc.microsoft.com/en-us/security…
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Samuel Groß
@5aelo
|
9. sij |
|
I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage: googleprojectzero.blogspot.com/2020/01/remote…
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
|
Axel Souchet
@0vercl0k
|
6. pro |
|
Here is an exploit chain I wrote for Firefox that gets RCE via CVE-2019-9810 and escape the sandbox with CVE-2019-11708/CVE-2019-9810. Once compromised, it drops a payload and injects privileged JS code in already/newly created tabs. github.com/0vercl0k/CVE-2… pic.twitter.com/LeAOCgqpMG
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
StalkR
@stalkr_
|
7. pro |
|
The Gomium Browser - Exploits blog.stalkr.net/2019/12/the-go… different approaches including an unexpected Go compiler bug, well done @NetanelBenSimon @hama7230 @dmxcsnsbh & others!
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Zero Day Initiative
@thezdi
|
12. stu |
|
The latest security #patches from #Microsoft and #Adobe are live. Join @dustin_childs as he covers the details and shows which bugs are under active attack. bit.ly/2NJIS1P #PatchTuesday
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Chris Evans
@scarybeasts
|
1. stu |
|
Your other Halloween scare, looks like a Chrome 0-day: "CVE-2019-13720: Use-after-free in audio. Reported by Anton Ivanov and Alexey Kulaev at Kaspersky Labs on 2019-10-29
Google is aware of reports that an exploit for CVE-2019-13720 exists in the wild."
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Antti Tikkanen
@anttitikkanen
|
28. lis |
|
My team at Google is hiring for a threat intel role focused on crimeware and botnets. Some RE experience preferred, and willingness to relocate to Zurich (no remote, sorry). DM’s open!
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Nasko Oskov
@nasko
|
17. lis |
|
I'm ecstatic that we have gotten to a very good state with site isolation in Chrome - security.googleblog.com/2019/10/improv…. More details are available at blog.chromium.org/2019/10/recent….
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
billy leonard
@billyleonard
|
24. ruj |
|
if the #darkhotel had a loyalty program, @_clem1 would be a Diamond Globalist Ambassador Elite member.
portal.msrc.microsoft.com/en-US/security…
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Heather Adkins
@argvee
|
23. ruj |
|
Want one of these awesome challenge coins? Join the Google Detection & Response team! We are still hiring in Sunnyvale, Sydney, Kirkland, New York and Zürich!! pic.twitter.com/wCvyfILw33
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Shane Huntley
@ShaneHuntley
|
23. ruj |
|
IE 0day discovered in wild by TAG's exploit hunter @_clem1 Patch/Advisory out quickly from Microsoft. portal.msrc.microsoft.com/en-US/security…
Thanks @msftsecresponse!
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Shane Huntley
@ShaneHuntley
|
30. kol |
|
An excellent deep dive by Project Zero’s @i41nbeer into the iOS bugs TAG found exploited in the wild back in February by @_clem1 googleprojectzero.blogspot.com/2019/08/a-very…
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Ian Beer
@i41nbeer
|
30. kol |
|
googleprojectzero.blogspot.com/2019/08/a-very… thanks to @_clem1, @5aelo for their joint work on this. This has been a huge effort to pull apart and document almost every byte of a multi-year in-the-wild exploitation campaign, which used 14 different iOS exploits.
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
BSDSec.net
@BSDSec
|
20. kol |
|
#BSDSec [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-19:22.mbuf... #FreeBSD bsdsec.net/articles/freeb…
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
Samuel Groß
@5aelo
|
9. kol |
|
In case you missed @natashenka's talk at @BlackHatEvents this week, here is a video showing a remote exploit for one of the iMessage bugs we found: youtu.be/E_9kBFKNx54 Be sure to read googleprojectzero.blogspot.com/2019/08/the-fu… if you are interested in these kinds of attacks!
|
||
|
|
||
| clem1 proslijedio/la je tweet | ||
|
ohjin
@pwn_expoit
|
12. srp |
|
bugs.chromium.org/p/project-zero…
v8 bug -> pdf socket api bug -> NTLM reflection attack -> sandbox escape
wow..
|
||
|
|
||