🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Had fun playing with the CTF.SG team and placing 3rd. Think we held our own pretty well despite facing other teams that double our size. Looking forward to next year! Cher Boon 🧣🧣🧣🧣 @waituckk Jeremias Wong #DEFCON30 #Defcon2022 #DC30

We placed 2nd in RTV CTF with the PwnerPuffGirls gang Matt Ehrnschwender Julian John Hammond Kaitlyn DeValk-Hammond Caleb Stewart @soulctf NightWolf SinisterMatrix(cxp) Congon4tor I misssed out some names but “PwnerPuffGirls” is the name you really wanna remember 😎

1st EPT bootplug zup klarz webhak 2nd Matt Ehrnschwender Julian John Hammond Kaitlyn DeValk-Hammond Caleb Stewart NightWolf SinisterMatrix(cxp) Congon4tor 3rd Winston Cher Boon 🧣🧣🧣🧣 @waituckk Jeremias Wong Thanks for playing! Hope to see you next year 😁

When #eSports meets #Cybersecurity CTF in Singapore... Finals underway!

The endorsement you want for red team tools 💪

When you fire up a VM that runs a container that runs Windows in a VM - Tutorial here: buff.ly/3qM0vUp

Recently, I was messing around with IPC communication on Windows, and that led to the discovery of CVE-2023-1862 (cve.mitre.org/cgi-bin/cvenam…). Shoutout to the cool folks at Cloudflare for their speedy response!

Who of you reported “lack of rate-limiting” to Twitter’s bug bounty???? 😠

Wow. Meta commits to dedicate three engineer-years to implement the removal of the GIL from #Python and fix upcoming compatibility and performance issues with it. All this dependent on whether the Steering Council accepts PEP 703. discuss.python.org/t/a-fast-free-…

Bug Report @TwitterSupport: I try to close Twitter by clicking on the X button, but nothing happens. Please fix.

Finally! This one was months in the making (and waiting)... Now, onto the next..

Encryption on the TETRA Protocol has been broken rtl-sdr.com/encryption-on-…

Amazon is the new source for OST 🔥🔥

CVE-2024-0313 A malicious insider exploiting this vulnerability can circumvent existing security controls put in place by the organization. On the contrary, if the victim is legitima… cve.org/CVERecord?id=C…

Cheers to the Trellix security team for being on the ball and fixing security issues like CVE-2024-0313 swiftly!

CVE-2023-41972 In some rare cases, there is a password type validation missing in Revert Password check and for some features it could be disabled. Fixed Version: Win ZApp 4.3.0.121… cve.org/CVERecord?id=C…

CVE-2023-41969 An arbitrary file deletion in ZSATrayManager where it protects the temporary encrypted ZApp issue reporting file from the unprivileged end user access and modificati… cve.org/CVERecord?id=C…

CVE-2023-41973 ZSATray passes the previousInstallerName as a config parameter to TrayManager, and TrayManager constructs the path and appends previousInstallerName to get the full path of the exe. Fixed Version: W... vulmon.com/vulnerabilityd…

Kudos to the Zscaler team for responsibly disclosing and fixing CVE-2023-41969, CVE-2023-41972, CVE-2023-41973, discovered by my colleagues and I at GovTech (Singapore) Red Team 😁

Had the honour of working alongside spaceraccoon | Eugene Lim to discover multiple vulnerabilities in the Zscaler ecosystem, 3 of which were assigned CVEs. Find out more about our exploitation journey here: medium.com/csg-govtech/ca…