Chaouki BekrarCompte certifié

@cBekrar

CEO of / Life is short, sell your 0-days to

Galactic Zero-Day Empire
Inscrit en août 2010
30 Photos et vidéos Photos et vidéos

Tweets

Vous avez bloqué @cBekrar

Êtes-vous sûr de vouloir voir ces Tweets ? Les voir ne débloquera pas @cBekrar

  1. Tweet épinglé
    31 mars

    13 réponses 121 Retweets 615 j'aime
    Supprimer
  2. a retweeté
    11 août

    We're currently acquiring exploits for the following targets: - [$88,888] CentOS 8.x/7.x LPEs from user to root - [$69,420] Ubuntu LPEs from user to root Contact us:

    4 réponses 60 Retweets 207 j'aime
    Supprimer
  3. a retweeté
    14 juil.

    The new rules, set to enter into effect on Sep 1, 2021, are summarized below:

    8 réponses 24 Retweets 82 j'aime
    Afficher cette discussion
    Afficher cette discussion
    Supprimer
  4. a retweeté
    14 juil.

    NEW: The Chinese government has published new regulation on Tuesday laying out stricter rules for vulnerability disclosure procedures inside the country’s borders (1/n)

    12 réponses 186 Retweets 278 j'aime
    Afficher cette discussion
    Afficher cette discussion
    Supprimer
  5. a retweeté
    14 juil.

    New target added to our temporary bounties: - [$100,000] VMWare vCenter Server Pre-Auth RCE More details at:

    2 réponses 22 Retweets 82 j'aime
    Supprimer
  6. a retweeté
    15 juin

    We've added the following software/bugs to our temporary list of bounties: - [$60,000] IceWarp Server / Pre-Auth RCE / Windows - [$25,000] Moodle / Pre-Auth RCE / Linux More details at:

    4 réponses 34 Retweets 105 j'aime
    Supprimer
  7. 1 juin

    Looks like has a fresh website: New announcements coming soon.

    2 réponses 5 Retweets 31 j'aime
    Supprimer
  8. a retweeté
    1 juin

    We're looking for exploits affecting Pidgin on Windows and Linux. Bounty: $100,000 Read more:

    10 réponses 88 Retweets 214 j'aime
    Supprimer
  9. a retweeté
    22 avr.

    We're always acquiring exploits affecting the following web hosting control panel software: - ISPConfig - cPanel - Plesk - Webmin We only acquire pre-auth RCEs not relying on any user/admin interaction. Contact us:

    4 réponses 13 Retweets 34 j'aime
    Supprimer
  10. 19 avr.

    We've seen more Chrome RCE exploits available/deployed during the first quarter of 2021 than what we saw in the whole of 2020 or 2019. Most bugs are related to V8 or WASM. Why?

    2 réponses 15 Retweets 45 j'aime
    Supprimer
  11. a retweeté
    9 avr.

    We're temporarily increasing our payouts for WordPress RCEs to $300,000 per exploit (usually $100K). The exploit must work with latest WordPress, default install, no third-party plugins, no auth, no user interaction! If you have this gem, contact us:

    9 réponses 64 Retweets 207 j'aime
    Supprimer
  12. 31 mars

    I confirm that Google P0 has disrupted many counter-terrorism operations conducted by Western Govs. By waterholing servers and/or releasing details about 0days, P0 has NO impact on 0day market/supply but has a huge negative impact on ongoing Ops...

    17 réponses 82 Retweets 184 j'aime
    Supprimer
  13. 29 mars

    Cheers to the troll who put "Zerodium" in today's PHP git compromised commits. Obviously, we have nothing to do with this. Likely, the researcher(s) who found this bug/exploit tried to sell it to many entities but none wanted to buy this crap, so they burned it for fun 😃

    4 réponses 128 Retweets 360 j'aime
    Supprimer
  14. a retweeté
    7 déc. 2020

    I still don't understand why some hackers are working for some free energy drinks, and then even promote the company afterwards. I guess posting your big stack of energy drinks online gets you a lot of clout, congrats!

    28 réponses 66 Retweets 585 j'aime
    Afficher cette discussion
    Afficher cette discussion
    Supprimer
  15. a retweeté
    11 nov. 2020

    We've resumed our acquisitions of Apple iOS Kernel LPEs, Safari RCEs, and Safari sandbox escapes. Exploits must work with latest iOS 14 and bypass PAC. We're NOT acquiring new iOS persistence exploits at the moment. Contact us to discuss your research:

    3 réponses 30 Retweets 89 j'aime
    Supprimer
  16. 22 sept. 2020

    Fun fact: Apple iOS 14.x has more persistence 0days than iOS 12.x. As always: more features, more zero-days, more tears. Apple should just buy and finally make iOS as secure as it should be. Our current valuation is 1 billion dollars. PS: I accept cash or Apple shares.

    9 réponses 90 Retweets 381 j'aime
    Supprimer
  17. a retweeté
    26 août 2020

    We're looking for exploits affecting SAP NetWeaver. Mainly pre-auth RCEs or authentication bypass, but we may also consider other bugs i.e. data disclosure, or post-auth RCEs or LPEs. If you have such exploits, let us know:

    22 Retweets 67 j'aime
    Supprimer
  18. 8 juil. 2020

    iOS 14 looks good from a security perspective

    1 réponse 9 Retweets 56 j'aime
    Supprimer
  19. 13 mai 2020

    iOS Security is fucked. Only PAC and non-persistence are holding it from going to zero...but we're seeing many exploits bypassing PAC, and there are a few persistence exploits (0days) working with all iPhones/iPads. Let's hope iOS 14 will be better.

    We will NOT be acquiring any new Apple iOS LPE, Safari RCE, or sandbox escapes for the next 2 to 3 months due to a high number of submissions related to these vectors. Prices for iOS one-click chains (e.g. via Safari) without persistence will likely drop in the near future.
    17 réponses 447 Retweets 894 j'aime
    Supprimer
  20. a retweeté
    13 mai 2020

    We will NOT be acquiring any new Apple iOS LPE, Safari RCE, or sandbox escapes for the next 2 to 3 months due to a high number of submissions related to these vectors. Prices for iOS one-click chains (e.g. via Safari) without persistence will likely drop in the near future.

    46 réponses 593 Retweets 1 136 j'aime
    Supprimer

@cBekrar n'a pas encore tweeté.

Le chargement semble prendre du temps.

Twitter est peut-être en surcapacité ou rencontre momentanément un incident. Réessayez ou rendez-vous sur la page Twitter Status pour plus d'informations.

    Vous aimerez peut-être aussi

    ·