Apple knows its bug bounty was a failure.Instead of fixing,they plan to double down on exclusivity and give certain members special hw. Why not just give virtual devices to ALL developers & help arm them with the tools & knowledge to improve platform & app security?#devs4everyone

Hello everyone, long time no see! Now begins a series of blog posts about bugs I found and reported of various Android vendors. This very first one is about the exploit chain we used to get remote arbitrary application install on Galaxy S8. Plz enjoy: blog.flanker017.me/galaxy-leapfro…

Feel lucky and super excited to be #1 on this year’s MSRC most valuable security researcher list. Thanks to mj0011 and congrats to all guys on the list from AB Vulcan Team. Thanks to all MSRC guys for their kindly help! Microsoft Security @JarekMsft @SylvieMSFT

Very excited to see Corellium used as one of the Defcon CTF challenges ❤️

My last week in KeenLab. Thanks for all friends. Thank Gengming Liu and Liang Chen for bringing me here.

Good morning sunshines! Awesome start from Liang Chen(Liang Chen)! Already packed with people early in the morning Lets get it started! #POC2019

Liang Chen is giving his talk, “Exploiting IOSurface 0".

#POC2019 was grate! Pleased to meet @[email protected] James Forshaw Liang Chen Lukas Hermann @thomas_coseinc. Thank you vangelis POC_Crew ! See you at #ZeroNights ;)

🙏 We also have the utmost respect for all our engineering friends and counterparts working at Apple.

Accidentally found a v8 0day when I was preparing the challenges for 0CTF/TCTF 2020😅. It was the second RCE in this month. The exploits would be opened someday, leave the demo and hash first. [1/2] V8 exploit. Exp's MD5: 1065c8dafc2a4eea65025954acf20223 youtu.be/JHbVyQKrC0o

At last i finish my writeup of TCTF Chrome challenge and my first blog, it was really a long time😂 In addition, I give the forth challenge - Chromium Fullchain++ at the end of the writeup. Give it a try and i'll mail some gifts for the first 3 winners😜 dmxcsnsbh.github.io/2020/07/20/0CT…

Awesome team work!

Rancho Ice will present how they found some novel and unique vulnerabilities in ancient windows code, like the printer driver, in this #BHEU Briefing “Discovering 20 Years Old Vulnerabilities in Modern Windows Kernel.” Learn more here: ow.ly/NKUK50CdQiN

iOS jailbreak demo in iPhone 12 Pro running latest iOS 14.2 by Liang Chen(Liang Chen) at Singular Security Lab(SingularSecurityLab) Ask Liang Chen or SingularSecLab about the jailbreak and his talk directly.

Cann’t believe that I also missed the bug. Motived by this blog, I also prepared a blog, sharing another bug in the same extension. blog.pangu.io/?p=221

Discovery 20 Years Old Vulns From UMPD by Rancho Ice of Singular Security Lab. i.blackhat.com/eu-20/Wednesda…

First CVE in niu year

I have been working on iOS security research since iOS 5. Now iOS 15 has come out. I don’t remember how many times, after I completed a jailbreak exploit, I told myself this was the last one. However, when a new version of iOS is released, I can't help myself to start again.

My very first tech talk at XCON2008 & last one at MOSEC2020. Time to retire from vulnerability/exploit research work 🫶🏻

Although not a good player, I myself played several international CTF games such as Defcon,Plaid CTF, etc. deeply addicted into the charm of games. Unlike those held by so-called professional companies, naive mistakes by judges always discourage those hotblood on security.