Pwn2Own ICS 2020, 360 Vulcan Team, Technical Trainer & Pwnεг

Joined April 2011
A story on how I gained RCE against Microsoft Exchange Online using CVE-2020-16875 and bypassed their patches twice over. Latest patch bypass is unpatched against on-premise deployments! Making Clouds Rain - Remote Code Execution in Microsoft Office 365: srcincite.io/blog/2021/01/12…
ϻг_ϻε retweeted
Let's discuss the environmental cost of bitcoin. Because despite all the push for sustainable and green investment in the tech sector, there's a giant smoldering Chernobyl sitting at the heart of Silicon Valley which a lot of investors would prefer you remain quiet about. 🧵 (1/)
I can’t tell you how many times I’ve seen Peter respond to students in the slack channel and thought to myself, “If only I could explain concepts that well one day to my students”.
If you want to make an income teaching CyberSecurity classes yourself: 1/ do your research 2/ build a class 3/ find students (charge them as much as you like) 4/ teach. Don't blame or be jealous of others for taking the risk, doing the investment, and making some money off it.
ϻг_ϻε retweeted
Lucky to appear on the list 😆 Thank @edwardzpeng and @steventseeley very much for their teaching. Keep going!
Congratulations to all the researchers recognized in this quarter’s MSRC 2020 Q4 Security Researcher Leaderboard! For a full list of top researchers, check out our blog post: msrc-blog.microsoft.com/2021…
ϻг_ϻε retweeted
Recently @Rhynorater sparked a discussion about exploiting blind SSRFs. At @assetnote, we've collected some information together and have created a Glossary of Blind SSRF Chains which can be found here: blog.assetnote.io/2021/01/13… - we hope people can use it as a reference!
ϻг_ϻε retweeted
Having discovered various issues with Windows mini-filter drivers lately I found public information about how to analyze such drivers for security issues somewhat lacking. Therefore today I've put out a blog post to try and fix that glitch :-) googleprojectzero.blogspot.c…
We are super excited to have reached 10,000 followers and to celebrate, we're giving away 10 custom SSD hoodies that will get you through winter in style! 🥳 To enter just retweet and leave a comment on this post.
ϻг_ϻε retweeted
This month MSRC finally patched the vulnerability in splwow64 that I reported in July 2020. They merged my three cases (1 EoP and 2 info leaks), assigned to CVE-2021-1648 (also known as CVE-2020-17008). I published my writeup about these three cases on my blog: whereisk0shl.top/post/the_st…
ϻг_ϻε retweeted
In case that's not clear: This is still a 0day in on-premise Exchange because the patch was borked twice and apparently not important enough to be included in this month's Patch Tuesday.
A story on how I gained RCE against Microsoft Exchange Online using CVE-2020-16875 and bypassed their patches twice over. Latest patch bypass is unpatched against on-premise deployments! Making Clouds Rain - Remote Code Execution in Microsoft Office 365: srcincite.io/blog/2021/01/12…