Or Peles

@peles_o

Vulnerability Research Team Leader . Formerly with IBM X-Force (…). Tweets are my own.

Vrijeme pridruživanja: kolovoz 2014.

Tweetovi

Blokirali ste korisnika/cu @peles_o

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @peles_o

  1. proslijedio/la je Tweet
    7. stu 2018.

    Read how our researchers are helping secure projects by discovering zero-day in the Lighttpd web server, the Live555 Media Library and a driver for the Realtek’s RTL8189ES Wi-Fi chip.

    Poništi
  2. proslijedio/la je Tweet
    18. lip 2018.

    Our latest research here at by , showcasing the significant cyber threats on connected physical security products

    Poništi
  3. 6. lip 2018.

    My detailed writeup on our newly discovered vulnerabilities in Foscam cameras that lead to a remote unauthenticated root shell. CVE-2018-6830, CVE-2018-6831, CVE-2018-6832

    Poništi
  4. proslijedio/la je Tweet
    22. velj 2018.

    First batch of Huawei mobile pwn2own vulnerabilities fixed. Only time we needed an arbitrary delete primitive as part of a exploit chain :) Detailed write-up to follow at a later stage!

    Poništi
  5. proslijedio/la je Tweet
    2. velj 2018.

    We review some vulnerabilities in Android and showed how to find them using QL, these include CVE-2014-7911(), CVE-2015-3825 ( and ), CVE-2017-411/412() and a new one CVE-2017-0871:

    Poništi
  6. proslijedio/la je Tweet
    8. ožu 2017.

    [CVE-2017-0510] Critical : Attacking 9 with Malicious Headphones

    Poništi
  7. proslijedio/la je Tweet
    4. ožu 2016.

    This is how we bypassed ASLR for Stagefright:

    Poništi
  8. proslijedio/la je Tweet
    23. stu 2015.

    My talk about Android serialization vulnerabilities has been accepted to RSA Conference '16. See you in SF!

    Poništi
  9. proslijedio/la je Tweet
    19. kol 2015.

    Our slides of "One Class to Rule Them All" (CVE-2015-3825) are now online.

    Poništi
  10. proslijedio/la je Tweet
    13. kol 2015.
    Poništi
  11. proslijedio/la je Tweet
    13. kol 2015.

    Stagefright is still exploitable on 950+ million Android devices. Read the latest on our blog

    Poništi
  12. proslijedio/la je Tweet
    10. kol 2015.
    Odgovor korisniku/ci

    nasty part is that "Serializable" is inherited from the superclass of the superclass (->X509Certificate->Certificate->Serializable)

    Poništi
  13. 10. kol 2015.
    Poništi
  14. proslijedio/la je Tweet
    10. kol 2015.
    Odgovor korisniku/ci

    Just read the paper. Brilliant !!

    Poništi
  15. proslijedio/la je Tweet
    8. kol 2015.

    Heading off to ! Presenting a new vuln in Android w/ a demo of our code exec PoC explt against running Android 5.1.1

    Poništi
  16. proslijedio/la je Tweet
    21. srp 2015.

    Just uploaded the very final paper. See you in D.C.! Exciting stuff!

    Poništi
  17. proslijedio/la je Tweet
    23. lip 2015.

    WOOT WOOT Third year in a row to present at !

    Poništi
  18. proslijedio/la je Tweet
    22. pro 2014.

    Small writeup from last month about an in-the-wild exploit with partial EMET bypass code

    Poništi
  19. proslijedio/la je Tweet
    11. ožu 2015.
    Poništi
  20. proslijedio/la je Tweet
    14. pro 2014.
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·