Catalin Cimpanu

@campuscodi

Cybersecurity reporter Email: catalincimpanu @ gmail . com If you work in infosec, send me a DM. I'd like to meet as many experts as possible.

Joined May 2009

Tweets

You blocked @campuscodi

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @campuscodi

  1. Retweeted

    Hackers are hijacking smart building access systems to launch DDoS attacks - Vulnerability: CVE-2019-7256 (no patch) - CVSS score: 10/10 - Device: Linear eMerge E3 - Exploitation started last week - More than 2.3k systems are currently exposed online

    Show this thread
    Undo
  2. Retweeted

    Raytheon engineer arrested for taking US missile defense data to China - Suspect worked as electrical engineer at Raytheon for 10y - Designed FPGA circuits on ballistic missile defense systems - He took a work laptop to China despite being told not to

    Show this thread
    Undo
  3. Retweeted
    Feb 1

    99 smartphones are transported in a handcart to generate virtual traffic jam in Google Maps. Through this activity, it is possible to turn a green street red which has an impact in the physical world by navigating cars on another route!

    Show this thread
    Undo
  4. Nuff work... Superb Owl time!

    Show this thread
    Undo
  5. Correction: Bad Packets tells me he spotted the first of these attacks as early as Jan 9: Who would have imagined that someone would put so much effort into targeting a device with such a small attack surface.

    Show this thread
    Undo
  6. No s***, Sherlock advice: Put your buildings and factories behind a firewall, ffs!

    Show this thread
    Undo
  7. Hackers are hijacking smart building access systems to launch DDoS attacks - Vulnerability: CVE-2019-7256 (no patch) - CVSS score: 10/10 - Device: Linear eMerge E3 - Exploitation started last week - More than 2.3k systems are currently exposed online

    Show this thread
    Undo
  8. Retweeted
    Feb 1

    For anyone wondering, yes it’s written in C# and yes I will be totally adding it as a SILENTTRINITY module if I can get the source code (a few changes need to be made in order for it to run in memory).

    Show this thread
    Undo
  9. Retweeted
    Feb 1
    Undo
  10. My 2020 reading challenge has been going better than I expected. 5/12 just in January.

    Undo
  11. - Laptop held five classified files about Raytheon's AMRAAM and RKV programs - These are Pentagon-contracted programs, used in the US ballistic missile defense systems - Court documents don't say if the files have been acquired by a foreign state during Sun's travels.

    Show this thread
    Undo
  12. - While abroad, the suspect resigned from his Raytheon job - When he returned, he lied about the countries he visited. Said Singapore and the Philippines, but actually went to China, HK, and Cambodia. - He was arrested last week for breaking weapons export rules

    Show this thread
    Undo
  13. Raytheon engineer arrested for taking US missile defense data to China - Suspect worked as electrical engineer at Raytheon for 10y - Designed FPGA circuits on ballistic missile defense systems - He took a work laptop to China despite being told not to

    Show this thread
    Undo
  14. Undo
  15. Feb 2

    This. + In the coming days, I have a funny feeling I'm going to have to ban one of these "security experts" for constantly getting into fights in my tweets and insulting other users.

    Undo
  16. Feb 2

    I hope this remains limited to users with physical disabilities only. I can only imagine the hacking that would happen if this is to become broadly available.

    Undo
  17. Retweeted
    Jan 30

    Somewhat frustrating when a media notice on a doesn't actually tell you what kind of a breach it was or what happened:

    Undo
  18. Retweeted

    DOD contractor Electronic Warfare Associates has been hit by ransomware, EWA’s CEO and president, Carl Guerreri, confirmed to me today in an interview for . EWA isn’t paying up and is working with law enforcement. Confirming :

    Undo
  19. Retweeted
    Feb 2

    I’ve just published my exploit for the LPE and RCE in OpenBSD’s OpenSMTPD recently disclosed by You can find it here:

    Undo
  20. Retweeted
    Feb 2

    -2020-7799 FusionAuth RCE via Apache Freemarker Template

    Undo

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·