Victor Gevers

@0xDUDE

Hacker. 5,729 Responsible Disclosures / Coordinated Vulnerability Disclosures. Researcher at . Chair of

In your LAN
Joined March 2015
Born September 13, 1998

Tweets

  1. 17 hours ago

    In the last 9 days, we have reported over 7K Windows Remote Desktop Gateways with a BlueGate (CVE-2020-0609 & CVE-2020-0610) vulnerability. Most of them installed the update (and rebooted their server). But there are still 8,766 vulnerable Windows Remote Desktop Gateways online.

  2. 20 hours ago

    Globally, hundreds of millions are consuming information directly produced by Chinese state media—sometimes without knowing it, says ’s . Social media and multi-purpose messaging apps are being monitored, and controlled.

  3. Retweeted
    Feb 1

    99 smartphones are transported in a handcart to generate virtual traffic jam in Google Maps. Through this activity, it is possible to turn a green street red which has an impact in the physical world by navigating cars on another route!

  4. Feb 1

    I am looking for a service which can offer IP address data (for free) which will help us ( and ) to reach out to the owners of vulnerable online systems. If you know (someone at) a company which can help us with this then please put in a good word in it for us. 🙏

  5. Feb 1

    "We checked the Netscaler logs and found no evidence of successful exploitation of the vulnerability. Why are you suggesting to redeploy it with new credentials and new certificates?" This is the /etc/password file of your server. Did you not see this in your log files? RCE = ☠️

  6. Feb 1
  7. Retweeted
    Jan 31

    Systems patched for Citrix CVE-2019-19781 may still be compromised. See 's latest Activity Alert at for procedures for detecting a compromise.

  8. Retweeted
    Jan 31

    Just arrived in Wuhan, the epicenter of the coronavirus outbreak, which has been under lockdown for more than a week now. The mood among locals: anxiety, flashes of anger & frustration, and extreme boredom. Here I am getting my temperature measured in a hotel lobby.

  9. Retweeted
    Jan 30

    A way to semi de-anonymise address activity... 1) Shodan scan for geth "shodan search --fields ip_str,port port:8545 after:01/01/2019" 2) Run a script to call eth_accounts RPC method 3) Return a list of accounts and mainnet activity 4) Index the address/ip relation

  10. Retweeted
    Jan 28

    🔥 Kick Ass Thread about China, the Social Credit System, Discourse Power, NBA, Hollywood, Culture, Human Rights, "the virus" and South Park. You’ll know so much, it'll make you high. Let’s begin...

  11. Retweeted

    Kali 2020.1 is up for download! Big changes yet again, with non-root user by default, a single installer image for multiple desktop environments, updates to themes, and more! Not to mention Rootless NetHunter!

  12. Retweeted
    Jan 29

    The stats 2 days after CVE-2020-0609 & CVE-2020-0610 vulnerability hunting by : Vulnerable: 350. Not vulnerable anymore: 776. Could not connect: 95. Source: cc

  13. Retweeted
    Jan 29

    It seems that the patches against BlueGate require a restart.

  14. Retweeted
    Jan 27

    Blog: Tracking : our analysis of sample configurations, ransom demands and sinkhole data. The REvil affiliates operate at a huge scale encrypting 1000s of systems at once. And we're only seeing a fraction of the total activity.

  15. Jan 28

    Happy Data Privacy Day! "On January 28, experts on U.S. and international privacy will delve deep into the global wave of regulations and what they mean for economies around the world today and into the future." In the meantime organizations are leaking data through the backdoor.

  16. Retweeted
    Jan 27

    New: leaked documents, data, contracts show how hugely popular antivirus Avast now harvests internet browsing data and sells it for millions of dollars. Clients included Home Depot, Google, Microsoft. Documents show a product called "All Clicks Feed"

  17. Jan 27

    I’m suffering from insomnia even after making 16 hrs per day for over It feels like it's never enough. But I promise I will try to do better. Something I have promised myself for the last 15 months. One day I will be keeping that promise. But not right now. Maybe tomorrow.

  18. Retweeted
    Jan 27

    A map of Citrix devices that are vulnerable to CVE-2019-19781

  19. Jan 26

    And here we see a working Remote Code Execution (RCE) exploit for the Remote Desktop Gateway (CVE-2020-0609 & CVE-2020-0610). There are still over sixteen thousand vulnerable Remote Desktop Gateways online.

  20. Jan 26

    This is a short (and not complete) list of wildcard certificates that were exposed by vulnerable Citrix servers. Every time a vulnerable server gets patched I will update the list. It's time they start revoking these ones.
