Show threadKevin Karhan Feb 8

@n_dimension @Lacze +9001%

That's just an insultingly low amount.

  • Pretty shure #Zerodium would at least 10x that amount!
Show threadKevin Karhan Dec 19
@DarkWebInformer I wounder why they don't cotact #zerodium and get some #Monero that way?
Show threadKevin Karhan Nov 11
@metacurity espechally since #Zerodium and other #ExploitBrokers propably offers double that, paid in #Monero, no questions asked.
Kevin Karhan May 18, 2025

@[email protected] @SchreibeEinfach nickt zustimmend IMHO verdient @Lilith nen #Bundesverdienstkreuz denn die hätte viel weniger Stress wenn diese statt "#ResponsibleDisclosure" jene Lücken gegen #Monero an #ExploitHändler wie #Zerodium verkauft hätte.

  • Glücklicherweise hat Sie Prinzipien…
Show threadKevin Karhan Nov 22, 2024

@dbof Their "friction" is mere lazyness to distribute the Secret Key among their devs.

And if #JitsiMeet devs can't be assed to do something that trivial then maybe folks who want to stay anonymous won't contact them, but instead send their exploit in a #PGP/MIME-encrypted eMail to #Zerodium where they get paid in #XMR with no questions asked.

  • IOW: If they make it hard to do "the right thing" then people won't do it.

I asked on behalf of a friend who wanted to stay anonymous and doesn't have a #GitHub or #HackerOne account and can't signup to either due to unacceptable #ToS.

  • If that's outside of their imagination then maybe they are unfit to debelop and maintain such a software...

#rant #ITsec #InfoSec #OpSec #ComSec #ResponsibleDisclosure

Show threadgaryOct 21, 2024
@jerry Combined data from Google's Threat Analysis Group (TAG) and Mandiant shows 97 zero-day vulnerabilities were exploited in 2023; a big increase over the 62 zero-day vulnerabilities identified in 2022, but still less than 2021's peak of 106 zero-days.
#zero day trends #cve #zerodium
Show threadKevin Karhan Aug 16, 2024

@lunch So you just admitted that you vomitted #FUD into my mentions without evidence?

If you're so smart, then why don't you sell your #exploit / #ProofOfConcept / #Whitepaper to the highest bidder?

  • I'm shure #Zerodium and all the LEAs would try to outbid each other...

Alas, your messages are just hot air, and not substantiated by anything...

At best your info is 2+ years outdated...

Monero Has Received Some Upgrades

YouTube
Tarnkappe.infoApr 6, 2024
📬 Zero-Day-Exploits immer teurer: Unternehmen schützen ihre Produkte besser
#ITSicherheit #Crowdfense #HackerAngriff #Hacking #Schwarzmarkt #SpywareBranche #ZeroDayExploit #Zerodium https://sc.tarnkappe.info/5c6bdb
Zero-Day-Exploits immer teurer: Unternehmen schützen ihre Produkte besser

Zero-Day-Exploits werden immer lukrativer gehandelt. Ein Grund dafür ist das gestiegene Sicherheitsbewusstsein großer Unternehmen.

Tarnkappe.info
Show threadKevin Karhan Dec 20, 2023

@thijs usually that should be written in the #ResponsibleDisclosure terms & conditions.

Exploit dealers like #Zerodium are able and willing to pay #Monero  and just send #XMR to a wallet of choosing.

Others may offer cash-on-delivery or a cheque to redeem at a bank...

Again: This should've been thought of beforehand!

Personally I'd do offer payment using XMR if I had any bounties to fulfil, but that's just me...

Maybe ask @ChickenPwny what's prefered?

Show threadKevin Karhan Sep 13, 2023
@north olease let me know.if they start #ShootungTheMessenger so others can spare the time and effort to contact them and just sell the code to #Zerodium and other #exploit buyers...