user avatar
clem1
@_clem1
tail -f internet | grep exploit
Joined June 2010
545
Following
6,811
Followers
  • user avatar
    clem1
    @_clem1
    Oct 17, 2023
    I just published a new RCA for CVE-2023-26369, the PDF 0-day that was used in the following campaign.
    user avatar
    Maddie Stone
    @maddiestone
    Sep 7, 2023
    North Korean actors 🇰🇵 are targeting security researchers again including use of at least one 0-day. IOCs in the blog ⬇️ If you've been in contact, please reach out blog.google/threat-analysi…
    Screenshot of top of blog. It says "Active North Korean campaign targeting security researchers"
    googleprojectzero.github.io
    CVE-2023-26369: Adobe Acrobat PDF Reader RCE when processing TTF fonts
    Information about 0-days exploited in-the-wild!
    65K
  • user avatar
    clem1
    @_clem1
    Aug 10, 2023
    Yay! 🙏☺️ #teamwork
    user avatar
    Shane Huntley
    @ShaneHuntley
    Aug 10, 2023
    Epic @PwnieAwards achievement indeed by TAG's own @_clem1 finding and killing 0day in the wild! Two years straight of awards for the team.
    15K
  • user avatar
    clem1
    @_clem1
    Feb 25, 2020
    Found and analyzed with a lot of help from @5aelo and Sergei.
    user avatar
    Antti Tikkanen
    @anttitikkanen
    Feb 24, 2020
    Latest Chrome update patches CVE-2020-6418, 0day found in the wild by @_clem1 : chromereleases.googleblog.com/2020/02/stable…
  • user avatar
    clem1
    @_clem1
    Jun 25, 2015
    Details of vulnerabilities sent by bilou to chromium VRP. code.google.com/p/chromium/iss… … Interesting stuff! :)
  • user avatar
    clem1
    @_clem1
    Mar 18, 2013
    Looks like someone pasted an exploit for Java #CVE-2013-1493 pastie.org/pastes/6581034
  • user avatar
    clem1
    @_clem1
    Apr 7, 2012
    code.google.com/p/web-malware-… huge collection of web backdoors.
  • user avatar
    clem1
    @_clem1
    May 23, 2023
    Replying to @SwitHak
    We have updated our blog to mention this CVE.
    Spyware vendors use 0-days and n-days against popular platforms
    From blog.google
    2K
  • user avatar
    clem1
    @_clem1
    Sep 4, 2012
    Nice GCC plugin to add runtime integer overflow checks forums.grsecurity.net/viewtopic.php?…
  • user avatar
    clem1
    @_clem1
    Feb 7, 2012
    libvirt-sandbox, another way to sandbox apps easily on linux, nice berrange.com/posts/2012/01/… people.redhat.com/berrange/fosde…
  • user avatar
    clem1
    @_clem1
    Aug 28, 2013
    Just uploaded slides about Netusse, #FreeBSD CVE-2013-3077 and its exploitation. code.google.com/p/netusse/down…
  • user avatar
    clem1
    @_clem1
    Jul 21, 2011
    Looking for something to reverse? Check that malwareblacklist.com/showMDL.php
  • user avatar
    clem1
    @_clem1
    Jul 24, 2013
    Interesting VML CVE-2013-2551 exploit using techniques described by @VUPEN jsunpack.jeek.org/dec/go/?report… /cc @n_joly
  • user avatar
    clem1
    @_clem1
    Jun 9, 2021
    Replying to @luc4m @malwrhunterteam and @ShaneHuntley
    It's CVE-2021-26868.
  • user avatar
    clem1
    @_clem1
    Apr 13, 2012
    #phrack68 topics disclosed on phrack.org, jemalloc, android rootkit, IIS and VLC pwnage... looks awesome hum! f5f5f5! :)