MinhCuong

That's a wrap on #Pwn2Own Toronto 2023! We awarded $1,038,250 for 58 unique 0-days during the event. Congratulations to Team Viettel (@vcslab) for winning Master of Pwn with $180K and 30 points. We'll see you at Pwn2Own Automotive in Tokyo next January.

Success! Synacktiv was able to execute a heap-based buffer overflow in the kernel triggered via WiFi and leading to RCE against the Wyze Cam v3. They earn $15,000 and 3 Master of Pwn points. #Pwn2Own

Linux debugging, profiling and tracing training Very cool course by @bootlincom Slides: bootlin.com/doc/training/d… Lab exercises: bootlin.com/doc/training/d… Lab material (.tar.xz): bootlin.com/doc/training/d… #Linux

Bypassing #SecurePoint UTM’s Authentication (CVE-2023-22620) by @MrTuxracer rcesecurity.com/2023/04/secure…

Highlights from Day 3 of #Pwn2Own Toronto: Team Viettel vs the Canon printer

I highly recommend the training class “Hunting Zero-Days in Embedded Devices” by @pedrib1337 and @RabbitPro. I had a blast!

@rskvp93, @huyna89, @hoangnx99, @_q5ca, @ngcaobaolong from Team Viettel (@vcslab) celebrates their successful SOHO SMASHUP pwn at #P2OToronto with a little 🍾🍾 !! #Pwn2Own

On the first win of Day 3 of #P2OToronto, @biennd279 and @rskvp93 from Team Viettel (@vcslab) used a command injection on a WD NAS to help add a little extra holiday decoration to the venue! This nets the team another $20K and 4 MoP points! #Pwn2Own

Another full win for team Viettel! #Pwn2Own #P2OToronto

Claroty Research was able to execute a chain of 3 bugs (2x Missing Auth for Critical Function and an Auth Bypass) attack against the Synology DiskStation DS920+ in the NAS category. They earn $40K and 4 Master of Pwn points. #Pwn2Own #P2OToronto

Starting Day 2 of #P2OToronto in style with a full win! #Pwn2Own

Team Viettel (@rskvp93, @_q5ca, @hoangnx99 from @vcslab) with another win! #P2OToronto #Pwn2Own

@hoangnx99, @KmaHaToan, @QuangHV99 from @vcslab achieves a 2-bug successful attack at #P2OToronto. #Pwn2Own

SOHO entry bugs get killed during registration. Am I sad? Yes Can I do anything? No 😂😂😂😂😂😂 iotworkers.com/hacking/pwn2ow…

Blogpost by @TalosSecurity about vulnerabilities in TCL LinkHub Mesh Wi-Fi system. blog.talosintelligence.com/vulnerability-… #iot #embedded #infosec #cybersecurity

A few years old but still a super interesting case study of Wi-Fi stack exploitation by Gal Beniamini. The case of Broadcom chipsets. Part 1: googleprojectzero.blogspot.com/2017/04/over-a… Part 2: googleprojectzero.blogspot.com/2017/04/over-a… Part 3: googleprojectzero.blogspot.com/2017/10/over-a… #wifi #80211 #infosec #cybersecurity #hacking

@TheMoonCarl Whyy is everyonee silent about thiss??? youtube.com/watch?app=NJRV… .

Good morning, #crypto Twitter! 🌅 It’s a new week full of opportunities. What are you cashing in on?

@TheMoonCarl Coins public GİVE is LİVE🚀 50k bnb🐋 youtube.com/watch/-pAgM05I… .

@ic3sw0rd Hi friend, Can I ask how you unpack the firmware? Thank you

S7+:Crash，The vulnerabilities that have been addressed so far are CVE-2021-37185、CVE-2021-37204、CVE-2021-37205. The S7-1500 with access protection enabled is still affected by these vulnerabilities and goes into critical failure mode. youtu.be/XNDo0iAaT14