KunlunLab

🏆

The first nomination for best RCE: None other than @KunlunLab for CVE-2022-26809, their 20 year old (!) Windows RPC Bug. You can read more about it here: msrc.microsoft.com/update-guide/v…

Excited to be #1 this quarter, got some pre-auth rce bugs, thanks for all the help from @msftsecresponse and bounty team!

Excited to see @KunlunLab researchers got 2 Pwnie nominations this year, nice work :-)

@bugch3ck @GossiTheDog @cyberkunlun Of course, enjoy the holiday! (But I am not sure if others would…)

@KunlunLab @GossiTheDog @cyberkunlun Yes, but most just assume it is the Twitter-handle 😅 Interesting vuln btw. Can you wait a week or two before you release a poc...

@bugch3ck @GossiTheDog @cyberkunlun The @ symbol there means he is from cyber Kunlun company, not a twitter handler (that’s why MSRC was not hyper-linked it)

@GossiTheDog @cyberkunlun The Twitter-handle referenced by Microsoft in the acknowledgements was unclaimed at the time it was published. I see that someone registered it and used it for good 😄

@GossiTheDog @cyberkunlun It’s a fake account. Please be careful.

@k3ym0 Hi there!

thanks a lot @CyberKunlun

@HenkPoley That domain does not belong to us but pangu team

@KunlunLab You might want to fix your certificate on pwnzen[.]com ssllabs.com/ssltest/analyz…

A lot of (36 in total) CVEs(5 critical) from Kunlun Lab fixed this month, mostly in DNS Server, SMB, LDAP, RPC runtime, Hyper-v...

@danehrlich11 @ChineseEmbinUK @mj0011sec Kunlun lab is not a company or entity , just a name of our research team, it has nothing related to the company or register stuff. Do some homework before your bullshit.

@ChineseEmbinUK Hey @mj0011sec should know all about this, as @KunlunLab has a separate slush registered for money laundering, which is called "Kunlun Labs" (not very creative) and is registered to the SAME ADDRESS as the bank above: opencorporates.com/companies/us_w…

The US is using an ultimatum to press through an infrastructure programme that is criticised of undermining #Nepal's sovereignty and local laws. They call it a gift to the Nepalese people, but it is the exact opposite of what a GIFT is supposed to be.

This patch Tuesday fixed 5 vulnerabilities discovered by @KunlunLab. 2 of them were for @TianfuCup pdf reader sandbox escape & Win10 LPE, 1 CLFS bug was caught as in the wild exploit.

First patch Tuesday of 2022! Adobe and Microsoft fixed 6 vulnerabilities reported by Kunlun lab. Two of them were demoed @TianfuCup. The CVE-2021-44706 was the RCE of PDF reader full chain and the CVE-2021-21881 was the Ntoskrnl bug for Chrome sandbox escape.

We’re excited to announce that @guhe120 is joining our team as CTO and leader of the Kunlun lab.

We’re happy to announce @HaifeiLi joining our team as senior researcher in advanced threat defense products. 🎉🎉

Google just released Chrome 95.0.4638.69 & fixed two TianfuCup bugs which become the first patch for TianfuCup 2021 chromereleases.googleblog.com/2021/10/stable… CVE-2021-38001 is the RCE from Kunlun lab & CVE-2021-38002 is the SBX from 360(RCE one silence killed)

New company but still ranked as #1 this year TianfuCup. Almost all targets are fully pwned this time(except Synology). last photo : the empty review room after 0day party

First entry for day2 of TianfuCup, Kunlun Lab pwned iPhone 13 Pro remote code execution (mobile safari) on stage with only 15 seconds

First confirmed entry for day1 of TianfuCup, Kunlun Lab @S0rryMybad pwned Google Chrome to get Windows system kernel level privilege with only two bugs. First time since 2015 as I remembered

Great work of #1 researcher from Cyber-Kunlun, our lab is ready to burn more 0days @TianfuCup tomorrow.