Tech lead and security researcher at Google Project Zero. Author: Jackalope, TinyInst, WinAFL, Domato. PhD. Tweets are my own.
Backup @[email protected]
My and @natashenka's talk from OffensiveCon is now available on YouTube! Watch for a tour of a zero-click to root exploit chain across multiple generations of Google Pixel!
https://t.co/9xvilxMUpM
In my OffensiveCon talk on Site Isolation yesterday, a question was asked that I didn't quite get at the moment so my answer was probably irrelevant. My apologies, especially since the question, as I understand it now, totally makes sense. Answering it here:
I imagine the question was asked in reference to my 2nd demo, which admittedly wasn't very good in the sense that it showed a (partial) redirect url leak, but the url in that demo wasn't user specific.
For that to happen, the request needs to be made with the user's (victim's) cookies. This is also the reason why disabling 3rd party cookies mitigates the attack.
.@__sethJenkins updated our 0-click exploit chain to work on a Pixel 10 with an eye-popping driver bug!
We’ll be presenting this work Saturday @offensive_con
https://t.co/KVWG3e7Rx0
The fuzzer that found https://t.co/Y5DOo7QGHE (and a number of issues prior to that as well) is now open-source: https://t.co/zCdbHCpJ4z
It uses pkeys, trap-handling and single-stepping to intercept and mutate in-sandbox reads (see trap-fuzzer.h). Definitely had fun writing it!
Just derestricted a now-fixed kernel bug in Pixel 10. I think this ranks as the most easily exploited kernel bug of all time😬
Thanks to @tehjh for collab'ing on this driver and full credits for noticing this bug in the first 5 minutes of auditing😂
https://t.co/hebHBfXB4F
@cl4sm Yes, exactly, coverage is a poor approximation for state. I don't think better state approximation and mutational fuzzing are mutually exclusive; a mutational fuzzer benefits from better state.
I wrote a short blogpost on the quirks of grammar fuzzing (and, more generally, structure-aware fuzzing) and a simple trick I used to get more bugs out of it more quickly. https://t.co/65enmHATIb
Jackalope and TinyInst have been working on arm64 Macs for a while, but now you should also be able to run against arm64e binaries (i.e. binaries that ship with the OS) with some modification to the system. For details, see https://t.co/MTHmGCo3sA
In the final part of his blog series, @tiraniddo tells the story of how a bug was introduced into a Windows API.
Code re-writes can improve security, but it’s important not to forget the security properties the code needs to enforce in the process.
https://t.co/MZHNks6eGc
New Project Zero blogpost by @dillon_franke on exploiting a coreaudiod bug on macOS. Quite a journey, with a lot of unexpected roadblocks, and how Dillon pulled it off in the end. https://t.co/j4UdAgyJTX