Hacker News new | past | comments | ask | show | jobs | submit | from login

Exploiting Exchange PowerShell After ProxyNotShell: Part 3 (thezdi.com) 2 points by Bender 7 months ago | past The ZDI Vanguard Awards (thezdi.com) 1 point by todsacerdoti 8 months ago | past Unpatched Powerful SSRF in Exchange OWA – Getting Response Through Attachments (thezdi.com) 1 point by freedude on Nov 7, 2023 | past | 1 comment Zero Day Initiative – Pwn2Own Toronto 2023 Schedule (thezdi.com) 2 points by transpute on Oct 24, 2023 | past Revealing the Targets and Rules for the First Pwn2Own Automotive (thezdi.com) 1 point by freedude on Aug 31, 2023 | past Exploiting a Flaw in Bitmap Handling in Windows User-Mode Printer Drivers (thezdi.com) 50 points by freedude on Aug 4, 2023 | past | 6 comments Exploiting the Sonos One Speaker Three Different Ways: A Pwn2Own Toronto Highli (thezdi.com) 2 points by todsacerdoti on June 8, 2023 | past Bash Privileged-Mode Vulnerabilities in Parallels Desktop and Cdpath Handling I (thezdi.com) 1 point by todsacerdoti on April 7, 2023 | past Pwn2Own Vancouver – Day 3 Results (thezdi.com) 2 points by belter on March 26, 2023 | past | 1 comment Activation Context Cache Poisoning: Exploiting Csrss for Privilege Escalation (thezdi.com) 2 points by todsacerdoti on Jan 24, 2023 | past Analyzing BSD Kernels for Uninitialized Memory Disclosures Using Binary Ninja (thezdi.com) 2 points by jayp1418 on Sept 23, 2022 | past Analyzing BSD Kernels for Uninitialized Memory Disclosures Using Binary Ninja (thezdi.com) 1 point by todsacerdoti on Sept 21, 2022 | past But You Told Me You Were Safe: Attacking the Mozilla Firefox Renderer (Part 2) (thezdi.com) 24 points by todsacerdoti on Aug 23, 2022 | past | 2 comments But You Told Me You Were Safe: Attacking the Mozilla Firefox Renderer (Part 1) (thezdi.com) 114 points by todsacerdoti on Aug 18, 2022 | past | 10 comments Riding the InfoRail to Exploit Ivanti Avalanche (thezdi.com) 1 point by todsacerdoti on July 25, 2022 | past Microsoft Windows Network File System v4 Remote Code Execution (thezdi.com) 104 points by todsacerdoti on July 14, 2022 | past | 42 comments Exploiting a heap overflow in the FreeBSD wi-fi stack (thezdi.com) 137 points by todsacerdoti on June 16, 2022 | past | 27 comments PWN2OWN Vancouver 2022 – The Results (thezdi.com) 2 points by pjmlp on May 24, 2022 | past CVE-2021-20226: A Bug in the Linux io_uring Subsystem (thezdi.com) 4 points by gavinhoward on April 23, 2021 | past | 1 comment CVE-2020-7468: Turning Imprisonment to Advantage in the FreeBSD ftpd chroot Jail (thezdi.com) 3 points by g0xA52A2A on Dec 22, 2020 | past Detailing Two VMware Workstation Toctou Vulnerabilities (thezdi.com) 1 point by todsacerdoti on Oct 23, 2020 | past CVE-2020-7460: FreeBSD Kernel Privilege Escalation (thezdi.com) 17 points by todsacerdoti on Sept 1, 2020 | past CVE-2020-8835: Linux kernel privilege escalation via improper eBPF verification (thezdi.com) 5 points by chris_overseas on April 17, 2020 | past CVE-2020-0688: Remote Code Execution on Microsoft Exchange Server (thezdi.com) 91 points by d4n on Feb 26, 2020 | past | 20 comments Forgot2kEyXCHANGE CVE-2020-0688: Remote Code Execution Microsoft Exchange Server (thezdi.com) 1 point by pentestercrab on Feb 26, 2020 | past | 1 comment Comprehensive Analysis of a Remote Desktop Services Vulnerability (thezdi.com) 2 points by tastesfunny on May 29, 2019 | past RCE Without Native Code: Exploitation of a Write-What-Where in Internet Explorer (thezdi.com) 54 points by twoodfin on May 26, 2019 | past | 9 comments CVE-2019-0604: Details of a Microsoft Sharepoint RCE Vulnerability (thezdi.com) 1 point by infosecau on March 23, 2019 | past Pwn2Own Vancouver 2019: Tesla, VMWare, Microsoft, and more (thezdi.com) 301 points by Down_n_Out on Jan 15, 2019 | past | 169 comments Vmware Escapology – How to Houdini the Hypervisor (thezdi.com) 2 points by peter_d_sherman on Oct 30, 2018 | past

Consider applying for YC's Summer 2025 batch! Applications are open till May 13 Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact Search: