Aska

@flutsunami_is_aska@infosec.exchange
115 Followers
122 Following
45 Posts

RE team lead @synacktiv - Former @AirbusSecLab lead

@flutsunami on twitter

As the team is growing, Synacktiv is looking for an additional team leader for its Reverse-Engineering Team!
Find out if you are a good candidate by reading our offer (🇫🇷).

https://www.synacktiv.com/responsable-de-lequipe-reverse-engineering

Responsable de l'équipe Reverse-Engineering

Synacktiv
Comme tous les ans, le #SSTIC est visionnable en direct, gratuitement, sur https://streaming.sstic.org
Retrouvez aussi les vidéos enregistrées sur la page de chaque conférence : https://sstic.org/2023/programme/, normalement quelques heures après.
SSTIC 2025 » Live stream

SSTIC 2025 Live video stream

NEW: Three vulnerabilities in Tesla cars that could have allowed hackers to turn off the lights, honk the horn, open the trunk, activate the windshield wipers, and mess with the infotainment system.

Tesla is rolling out patches soon, researchers told us.

https://techcrunch.com/2023/03/28/hackers-could-remotely-turn-off-lights-honk-mess-with-teslas-infotainment-system/

TechCrunch is part of the Yahoo family of brands

Success! Thomas Imbert from Synacktiv used a UAF against Microsoft Windows 11. They earn $30,000 and 3 Master of Pwn points. #Pwn2Own #P2OVancouver
Take a look behind the scenes of #Pwn2Own Vancouver and watch as @Synacktiv attempts to combine all of their Tesla exploits into one demonstration. https://youtu.be/3pMCh3HEP8Y
Behind the scenes of Pwn2Own Vancouver 2023

YouTube
CONFIRMED! Synacktiv used a heap overflow & an OOB write to exploit the Infotainment system on the Tesla. When they gave us the details, we determined they actually qualified for a Tier 2 award! They win $250,000 and 25 Master of Pwn points. The first ever Tier 2 award. Congratulations to David Berard and Vincent Dehors on their huge win!
Day 2 wraps up with another success! Tanguy Dubroca from Synacktiv used an incorrect pointer scaling leading to privilege escalation on Ubuntu Desktop. They earn $30,000 and 3 Master of Pwn points. #P2OVancouver #Pwn2Own
That concludes Day 2 of #P2OVancouver – we awarded $475,000 for 10 unique zero-days today, bringing the total awarded to $850,000! Stay tuned tomorrow for the final day of the competition. #Pwn2Own
#Pwn2Own Vancouver Day 2 begins with the team from Synacktiv demonstrating an attack against Oracle VirtualBox. They're off to the disclosure room for confirmation. Follow us here or on our blog for live updates throughout the day. #P2OVancouver https://www.zerodayinitiative.com/blog/2023/3/23/pwn2own-vancouver-2023-day-two-results
Zero Day Initiative — Pwn2Own Vancouver 2023 - Day Two Results

Welcome to Day 2 of Pwn2Own Vancouver 2023! We’ll be updating this blog in real time as results become available. We’re excited to say that all unique winning entries will receive the full payout during this year’s contest. We’ll update this blog throughout the day with results as they come in.

Zero Day Initiative
Success! Synacktiv used a TOCTOU bug to escalate privileges on Apple macOS. They earn $40,000 and 4 Master of Pwn points. #Pwn2Own #P2OVancouver