Chi Tran

16 posts

Chi Tran

@imspicynoodles

Vietnamese spicy noodles restaurant owner

Texas, USA Katılım Aralık 2022

918 Takip Edilen137 Takipçiler

Chi Tran@imspicynoodles·10 May

@Frichette_n I personally didn’t see it worth renewing, given my curreny position. I feel unless I am actively looking for a job in consulting and need immediate valid creds, I don’t see it bring any values IMO

English

Nick Frichette@Frichette_n·10 May

To renew or not renew…

English

821

Chi Tran@imspicynoodles·27 Mar

@testanull The feeling of someone making something on the news from your own state-of-art is the best! Enjoy the flashback with peterjson 🤣

English

Janggggg@testanull·25 Mar

They deserved this :) Responsible disclosure is a joke!

Germán Fernández@1ZRR4H

So, rose87168 said he used CVE-2021-35587 to compromise the login[.]us2[.]oraclecloud[.]com server. Oracle then denied the attack and remains silent but quickly disconnected the server from the Internet (probably to investigate? also unknown). The problem is that Oracle has, at least, 14 other servers under *.oraclecloud[.]com with the same vulnerable version mentioned by the attacker (could it have persistence on other instances?). Something doesn't look so good. "Copyright @ 2009, Oracle. All rights reserved."

English

3.2K

Chi Tran retweetledi

Doyensec@Doyensec·18 Mar

🥳The latest !exploitable is here! We're sharing all the joy that comes with exploiting an arbitrary file write in GitLab, while cruising the Mediterranean. 🚢 Everything from onerous configurations to spotty internet! Enjoy! #doyensec #appsec #security blog.doyensec.com/2025/03/18/exp…

English

115

6.9K

Chi Tran@imspicynoodles·28 Eyl

Such a nice troll lol

Brandon Falk@gamozolabs

I'm dropping a 10.0 CVSS Linux vulnerability in all Linuxes next week. Make sure your turn off your internet facing telnet servers

English

350

Chi Tran retweetledi

Rebane@rebane2001·19 Eyl

new blogpost time!! this one's a fun writeup on a vulnerability chain i found across multiple google services that earned me a $4133.70 bounty lots of fun css as usual! i had to recreate a bunch of drive/docs/gmail/youtube UIs c: have fun! lyra.horse/blog/2024/09/u…

English

168

751

70.2K

Chi Tran@imspicynoodles·20 Tem

@pwn0sec what say you?

Janggggg@testanull

I don’t really care much about the credit story, but this guy is trying to clone my blog post and claim all of credits in the org post. I have no idea about their purpose but be careful while working with them

English

Chi Tran retweetledi

TrendAI Zero Day Initiative@thezdi·15 Tem

Uncoordinated Vulnerability Disclosure: After more than a decade of CVD, has it benefited vendors or researchers more? Have the number of bugs increased to where vendors simply cannot cope with CVD? @dustin_childs has some thoughts - & lots of questions. zerodayinitiative.com/blog/2024/7/15…

English

148

83.3K

Chi Tran@imspicynoodles·15 Kas

@_jsoo_ @starlabs_sg On the bright side, so many damn people wanna work for STAR 😬

English

125

Chi Tran retweetledi

Amitai Cohen@AmitaiCo·7 Eyl

Sketched current understanding of @msftsecurity's newly released investigation findings (msrc.microsoft.com/blog/2023/09/r…), specifically as they relate to how Storm-0558 acquired the MSA signing key. See our latest blogpost for more information (wiz.io/blog/key-takea…).

English

3.9K

Chi Tran retweetledi

ϻг_ϻε@steventseeley·8 Ağu

Even at Pwn2Own, there are vendors such as @InductiveAuto who play security theatre by patching bugs that require auth inductiveautomation.com/blog/inductive… yet don’t bother patching pre-auth RCE such as zerodayinitiative.com/advisories/ZDI… and zerodayinitiative.com/advisories/ZDI… because “wE t4k3 sEcUriTY sErioUsLy”

English

10K

Chi Tran@imspicynoodles·6 Haz

@notdurson wanna try some asian food Dan?

English