
Danila Parnishchev
160 posts

@zero_wf
Application security specialist
Joined May 2012
170 Following, 114 Followers
Danila Parnishchev retweeted

Remote Exploitation of Nissan Leaf: Controlling Critical Body Elements from the Internet
At Black Hat Asia, @_moradek_ and I presented proof that attackers can remotely pwn your vehicle using only 3 stack bof 😱 Including control of a steering wheel! 🚘
i.blackhat.com/Asia-25/Asia-2…
Danila Parnishchev retweeted

Proof-of-concept: Getting root access on Volkswagen MIB3 via Bluetooth youtube.com/watch?v=cqBSh8…
Over the Air Compromise of Modern Volkswagen Group Vehicles : i.blackhat.com/EU-24/Presenta… (Slides*)

Danila Parnishchev retweeted

With a one-time RCE via Bluetooth, attackers infect the car and are able to record in-car audio, take screenshots, and download contacts from a Skoda Superb, all while it is being driven, over the Internet! 🚘😱 🔥
PDF: i.blackhat.com/EU-24/Presenta…
Video PoC: youtube.com/watch?v=T4v8H0…

Danila Parnishchev retweeted

The huge update for NFC mitm scripts is on the public repo now!
Works with our CardShark badge from PaymentVillage. Check it out!
github.com/CardToolz/libn…
Please feel free to report any issues
@paymentvillage
#emv #nfc #replay #hack
Danila Parnishchev retweeted

@BlackHatEvents announced our talk "Over the Air: Compromise of Modern Volkswagen Group Vehicles". We will uncover now fixed vulnerabilities in MIB3 infotainment, affecting millions of vehicles. Hope to see you there! Further details of the talk: blackhat.com/eu-24/briefing…
Black Hat @BlackHatEvents
#BHEU Briefings "Over the Air: Compromise of Modern Volkswagen Group Vehicles" will disclose a chain of critical vulnerabilities in the Infotainment System used in many Volkswagen Group vehicles including Skoda Superb III 2022. Register now>> bit.ly/3Y5MKOy
Danila Parnishchev retweeted

Last week PCAutomotive received a cool Tesla test bench for security research. Huge thanks to @Tesla for such a present, and for funny Easter eggs!

Danila Parnishchev retweeted

[ZDI-24-844|CVE-2024-23923] (Pwn2Own) Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability (CVSS 8.8; Credit: PCAutomotive) zerodayinitiative.com/advisories/ZDI…
Danila Parnishchev retweeted

[ZDI-24-873|CVE-2024-23973] (Pwn2Own) Silicon Labs Gecko OS HTTP GET Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVSS 8.8; Credit: PCAutomotive) zerodayinitiative.com/advisories/ZDI…
Danila Parnishchev retweeted

[ZDI-24-872|CVE-2024-24737] (Pwn2Own) Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability (CVSS 6.5; Credit: PCAutomotive) zerodayinitiative.com/advisories/ZDI…
Danila Parnishchev retweeted

The Payment Village has opened its call for volunteers at DEF CON 32. If you would like to be part of the team and will be in Las Vegas this summer, please fill out the form. We are growing and would like to add some incredible people to the team paymentvillage.org/call-for-volun…

After wiring several such setups I'm starting to think my job is car electrician) @ivachyou hacked component protection, @moe_hw and @A1ex_S designed a cool case for it. More photos later, live demo at Auto-ISAC summit this year
PCA Cyber Security @PCACyberSec
Excited to present our test bench at the Auto-ISAC Summit! We’re showcasing a Volkswagen MIB3 unit with speakers, a mic, and USB. See the impact of vulnerabilities we identified in 2022 at our booth 7. Full disclosure later this year. Stay tuned! #AutoISAC #CyberSecurity
Danila Parnishchev retweeted

The PCAutomotive Team (@PC_Automotive) successfully targeted the Alpine Halo9 iLX-F509. Results will be confirmed in the disclosure room. #Pwn2Own
Danila Parnishchev retweeted

We are the first ones in the Alpine Halo 9 category, and the 4th ones in Enel X JuiceBox category!
@k0nata_ @_moradek_ @moe_hw good luck out there!
The full schedule of #Pwn2Own Automotive 2024 is at zerodayinitiative.com/blog/2024/1/23…
Danila Parnishchev retweeted

Next week our team will compete in #Pwn2Own Automotive in Tokyo! Organizers @thezdi and @VicOneAuto revealed targets: #Tesla, IVI, EV Chargers & OS. Last year Synacktiv's team won $75K with an impressive infotainment system exploit. #P2OAuto
youtu.be/ZUs98Z-pIpY

Danila Parnishchev retweeted

🚗 Missed our presentation at escar Europe 2023? No worries! Watch Danila Parnishchev's talk on "Top 10 Security Issues in Modern Vehicles." Thanks to @isitsag for an amazing event in Hamburg. Catch up here ➡️ youtu.be/TslcJScwEsk

Danila Parnishchev retweeted

Thrilled to share that PCAutomotive presented at 21st escar Europe! Danila Parnishchev, our Head of Security Assessment, highlighted the "Top 10 Security Issues in Modern Vehicles." Big thanks to the event organizers! #escar #VehicleSecurity #PCAutomotive


