nmonkee

over 1 year ago

CONFIRMED!! Ken Gannon (@yogehi) of NCC Group (@NCCGroupInfosec) used 5 different bugs, including a path traversal, to get a shell & install an app on the #Samsung Galaxy S24. He earns $50,000 and 5 Master of Pwn points. #Pwn2Own #P2OIreland

thezdi's tweet photo. CONFIRMED!! Ken Gannon (@yogehi) of NCC Group (@NCCGroupInfosec) used 5 different bugs, including a path traversal, to get a shell & install an app on the #Samsung Galaxy S24. He earns $50,000 and 5 Master of Pwn points. #Pwn2Own #P2OIreland https://t.co/2Mt5Jc0P2t

14

693

97

121

62K

Interrupt Labs @InterruptLabs

over 1 year ago

Yay Ken Yay \0/ https://t.co/qcxHmylNkQ

0

2

0

138

nmonkee retweeted

about 2 years ago

No days like 0days! Recently we've been speaking at conferences about the logic bugs we've been using at the Pwn2Own contests against Samsung and Xiaomi phones for a very long time. Our @offensive_con slides are up now: https://t.co/QSGgpnIte1

1

169

55

79

21K

Who to follow

Ben Turner 🇬🇧

@benpturner

Creator of Things #PoshC2 / https://t.co/boSPPKtIVx | Advisory Services’ Lead & Red Teamer @Nettitude_labs (CCSAS & CCSAM)

Deputy Chief, Red Team, CISA && BJJ && Veil Framework / Open Source Dev, @christruncer.bsky.social

about 2 years ago

@ha888t 1. It’s a proper shame. Over the years it’s got worse and worse. Used to be a lovely city to visit. Was on my fav list. 2. You’ve been going to different Vegas parties at hacker summer camp in Vegas to me then.

0

92

nmonkee retweeted

over 2 years ago

Confirmed! NCC Group EDG (@nccgroupinfosec, @_mccaulay, and @alexjplaskett) successfully used a 2-bug chain against the Alpine Halo9 iLX-F509. Style points for playing DOOM on the device! #Pwn2Own

thezdi's tweet photo. Confirmed! NCC Group EDG (@nccgroupinfosec, @_mccaulay, and @alexjplaskett) successfully used a 2-bug chain against the Alpine Halo9 iLX-F509. Style points for playing DOOM on the device! #Pwn2Own https://t.co/WIVnJ4EVl5

0

60

9

1

27K

nmonkee retweeted

over 2 years ago

Success! The folks from NCC Group EDG (@nccgroupinfosec, @_mccaulay, and @alexjplaskett) were able to exploit the Phoenix Contact CHARX SEC-3100 and provided a light show as confirmation. #Pwn2Own #P2OAuto

0

74

12

5

18K

over 2 years ago

Already thinking about Xmas lights 2024, prototype came out good, quite a few more to build…

0

7

0

410

over 2 years ago

@ha888t Not guilty. Only @jukelennings used my Pun services these days. Still rejects most suggestions.

1

0

483

over 2 years ago

2/4 of these done…

over 2 years ago

77 days 9 hrs 45 mins until Xmas Lights Day. Better get ready….

0

5

0

685

0

2

0

309

over 2 years ago

#YayKenYay

CyberUp Campaign @CyberUpCampaign

over 2 years ago

Correction – Success! Ken (@yogehi) and Ilyes (@040xZx) of NCC Group (@nccgroupinfosec) were able to execute their attack against the Xiaomi 13 Pro. They earn $20,000 and 4 Master of Pwn points. #Pwn2Own

thezdi's tweet photo. Correction – Success! Ken (@yogehi) and Ilyes (@040xZx) of NCC Group (@nccgroupinfosec) were able to execute their attack against the Xiaomi 13 Pro. They earn $20,000 and 4 Master of Pwn points. #Pwn2Own https://t.co/WFvdoi9b8A

2

54

16

2

28K

0

6

1

0

2K

nmonkee retweeted

over 2 years ago

There's just one week left to complete our research survey! If you want the Government to understand how the 1990 Computer Misuse Act affects your cyber security research, then be sure to fill it in 👾 https://t.co/gQTkCQiUn8 #CMA #cybersecurity

0

5

4

0

498

Luke Jennings @jukelennings

over 2 years ago

77 days 9 hrs 45 mins until Xmas Lights Day. Better get ready….

0

5

0

685

nmonkee retweeted

almost 3 years ago

1/ I kinda accidentally owned myself with my own shadow workflow attack. I definitely think they are going to become a standard technique. I mean they are pretty much the offensive powershell of the SaaS world! So how did this happen?

1

10

6

1

774

NCC Group Research & Technology @NCCGroupInfosec

almost 3 years ago

Oh yeah baby, it’s time to start planning Xmas https://t.co/l2KdvT523t @TwinklyLED

0

1

0

203

nmonkee retweeted

almost 3 years ago

Slides from @alexjplaskett talk at @syspwnx have now been released: https://t.co/geZXYYaOsp Covering vulnerability research for Pwn2Own, Soho-smashup and printer vulns.

0

40

13

10

6K