Marco Grassi

@marcograss

Senior Security Researcher @ Keen Lab

marcograss.github.io
Joined January 2011
65 Photos and videos Photos and videos

Tweets

You blocked @marcograss

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @marcograss

  1. Retweeted
    Oct 5

    Nice article. Just look forward to more our competitor's bug writeups as it looks like too many articles for bugs found by Tencent.

    In his latest blog, dives into the enforcement of bounds checks in native JIT code:
    4 replies 4 retweets 20 likes
  2. Sep 25

    Quite some small annoying usability bugs in iOS 11, I hope fix soon When I turn on VPN on wifi, switch to 4g often and general slowness on 7

    6 replies 2 retweets 21 likes
  3. Retweeted
    Sep 17

    I mean, there are thousands of ways to judge collision case fairly, e.g exploit skills, bug quality, stability, or allow to replace a bug.

    Replying to @qwertyoruiopz
    Also the fact that each team cannot register same category,this is totally unfair especially in bug collision case caused by lottery
    6 replies 4 retweets 15 likes
  4. Retweeted
    Sep 17
    Replying to

    Also the fact that each team cannot register same category,this is totally unfair especially in bug collision case caused by lottery

    2 retweets 13 likes
  5. Retweeted
    Sep 14

    pwn2own sounds great on paper. What is not so known is that it's a lottery: you only get the full amount if you're the first to try.

    from : Mobile 2017: 4 devices; 9 targets; >$500,000 in available prizes plus Master of Pwn!
    7 replies 16 retweets 89 likes
  6. Retweeted
    Sep 8

    great writeup on iOS 11 security++ (from a forensics point of view): Fingerprint + passcode to pair w/ PC seems wise

    2 replies 69 retweets 134 likes
  7. Retweeted
    Sep 6

    Tor: Linux sandbox breakout via X11

    1 reply 67 retweets 89 likes
  8. Retweeted
    Sep 5

    Achievement unlocked! My first UAF on Chrome CVE-2017-5111

    5 replies 45 retweets 154 likes
  9. Retweeted
    Aug 31

    Thank you to Tencent and all the people behind Tensec. Especially Samuel and . It was an awesome conference!

    4 retweets 29 likes
  10. Retweeted
    Aug 31

    Badass! just demoed his new company's ARM hypervisor -- capable of running iOS instances on virtual iPhone6 hardware

    22 replies 188 retweets 325 likes
  11. Retweeted
    Aug 29

    Excited to be presenting at the Tencent Security Conference!

    4 replies 7 retweets 116 likes
  12. Retweeted
    Aug 30

    BlackHat Asia 2017 Best Of Briefings Reward goes to

    15 replies 38 retweets 161 likes
  13. Retweeted
    Aug 28

    Very excited to be heading to Shenzhen to speak at . If iOS security is your jam then don't miss it.

    3 replies 8 retweets 32 likes
  14. Retweeted
    Aug 25

    I'm going to extend it to a month (Sept) RT appreciated

    2nd btw, I'm open to some audit/fuzz the next 2/3 weeks as freelance. To rest a little of xnu/browsers. Eg: oss-projects, parsers, vm..
    35 retweets 7 likes
  15. Retweeted
    Aug 25

    Frida 10.5 is out with brand new APIs for user-defined machine code transformations on a per-thread basis:

    2 replies 36 retweets 51 likes
  16. Retweeted
    Aug 22

    Saw quite a few fake KeenLab Jailbreak video/app, here I post the one I demonstrated at MOSEC 2017:

    60 replies 85 retweets 174 likes
  17. Retweeted
    Aug 18

    follow-up to the Trezor bug: it's a cold-boot attack + ability to flash firmware. Flash was erased but *not* SRAM.

    4 replies 4 retweets 9 likes
  18. Aug 18

    Give to someone one sandwich and you will make a friend. Give to someone 100 sandwiches and you will make an enemy.

    7 replies 4 retweets 30 likes
  19. Retweeted
    Aug 16

    SNES on FPGA for DE0-CV has been released.

    6 replies 65 retweets 111 likes
  20. Retweeted
    Aug 16

    Ladies and gents, our bootloader analysis tool (and some details re: exploits) are now public!

    BootStomp goes public at: , which also includes an exploit for CVE-2017-2729:
    78 retweets 124 likes

@marcograss hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·