Chaouki Bekrar (Verified account)

@cBekrar

CEO of / Life is short, sell your 0-days to

Galactic Zero-Day Empire
Joined: August 2010

Tweets


  1. Pinned tweet

    What a researcher should do with his/her 0day? 1. Full disclosure so anyone/Govs can (ab)use it without limits/regulation 2. Sell to Govs/brokers and get a decent revenue while limiting (ab)use 3. Report to vendors & get sued, or get shitty bounties and/or your name in advisories

  2. Retweeted
    16 Jan

    We are sponsoring & attending conference in Washington DC. From 31st Jan to 2nd Feb, 2020.

  3. Retweeted
    10 Dec 2019

    Full list of talks for is now up! Only 50 seats left!

  4. Retweeted
    25 Nov 2019

    Last week to submit your talk, do not forget!

  5. Retweeted
    12 Nov 2019

    Thank you for supporting us as diamond sponsor!

  6. Retweeted
    11 Nov 2019

    This year we will be giving away 8 free tickets to different offensivecon trainings for alumni of . Big shout to all the trainers that have donated a few spots in their classes!

  7. Retweeted
    6 Nov 2019
  8. The recent vBulletin pre-auth RCE 0day disclosed by a researcher on full-disclosure looks like a bugdoor, a perfect candidate for 2020. Easy to spot and exploit. Many researchers were selling this exploit for years. customers were aware of it since 3 years

  9. Retweeted
    3 Sep 2019

    It’s funny how a once considered secure OS is now being mocked. Don’t get things wrong: the iOS vuln market was so tense that exploits are now proliferating, but it took years of research beforehand. Yes, things could be better for Apple, but still is a very decent OS IMO.

  10. Retweeted
    3 Sep 2019

    Announcement: We've updated our prices for major Mobile exploits. For the first time, we will be paying more for Android than iOS. We've also increased WhatsApp & iMessage (0-click) but reduced the payout for iOS (1-click) in accordance with market trends:

  12. Now is paying $2.5 million for Android full chains (iOS chains still at $2M) as Google/Samsung have considerably improved their security. iOS chains (1-click) e.g via Safari reduced to $1M as there’s a bunch of them on the market, sad but true.

  13. As expected, China Gov is behind the recent iOS exploits found in the wild. Huge resources and a bunch of talented researchers to turn PoCs into full iOS chains. No fucks were given about leaking the exploits as they have many others. Big balls work.

  14. Retweeted

    In 2018, we've seen 5x more full chains for iOS than Android. Security and mitigations for Android have increased considerably (e.g. Samsung). Chrome sandbox is still the main challenge on Android. iOS only challenges are persistence (boot) and PAC (even though bypasses exist)

  15. Which country is smart enough to turn a bunch of iOS PoCs/vulns into full chains but dumb enough to openly use those exploits in massive attacks without distinction of targets?

  16. When software vendors say to security researchers come take your bug bounty

  17. Proud of and its BIG bounties pushing vendors like Apple to start paying researchers the right price for their hard work! Congrats to for the new bounty and let’s hope that it will be open to everyone and not just an invite-only shit.

  18. Official Blackhat notebooks look awesome this year /

  20. Retweeted
    7 Aug 2019

    We are sponsoring & attending BlackHat USA 2019 held this week in Las Vegas. To meet us for beers and/or to talk about BIG bounties, contact

  21. Retweeted
    5 Mar 2019

    We're paying up to $500,000 for exploits targeting VMware ESXi (vSphere) or Microsoft Hyper-V, and allowing Guest-to-Host escapes. The exploits must work with default configs, be reliable, and lead to full access to the host. Contact us:
