Larry W. Cashdollar πŸ’°πŸ’΅ 

@[email protected]
551 Followers
542 Following
80 Posts
Member of Akamai SIRT. Security Researcher & Exploit Coder. My research has been covered by Slashdot, ZDNet, Ars-technica, MSN, Yahoo etc.. Mitre CVE CNA. 300+ CVEs.
Websitehttps://vapid.dhs.org
GitHubhttps://github.com/lcashdol
Larry W. Cashdollar πŸ’°πŸ’΅ Sep 26, 2023
Looks like KmsdBot is now exploiting Tenda HG6 v3.3.0 - Remote Command Injection vulnerability. My guess is using weak login credentials via telnet/ssh isn't enough for them to build up the botnet so turning to exploits.
Larry W. Cashdollar πŸ’°πŸ’΅ Jul 25, 2023
I wrote a quick patch to @taviso PoC exploit for CVE-2023-20593 that redacts data read from memory so you're not reading secrets on multi-user systems when testing -> https://vapid.dhs.org/misc/CVE-2023-20593.txt
Larry W. Cashdollar πŸ’°πŸ’΅ Jun 13, 2023
Phishing page for Citizens Bank https://connect-citizens-account-secure01c.com/ses/?auth&apitoken=jvz7d9l53yaak43 only reachable using a mobile Browser user-agent string
Larry W. Cashdollar πŸ’°πŸ’΅ Apr 11, 2023
Currently at a speakers dinner in Strasbourg France.
Larry W. Cashdollar πŸ’°πŸ’΅ Jan 13, 2023
Look at this lame scam attempt.
Larry W. Cashdollar πŸ’°πŸ’΅ Jan 5, 2023
What is this thing used for on my gas grill?
Larry W. Cashdollar πŸ’°πŸ’΅ Dec 27, 2022
Middle block controls temp outer handle controls pressure. Took me a minute.
Larry W. Cashdollar πŸ’°πŸ’΅ Nov 24, 2022
The SGI is alive.
Larry W. Cashdollar πŸ’°πŸ’΅ Nov 20, 2022
They don’t even try to hide the underlying is from you anymore.