Joined November 2019
- Tweets 313
- Following 10
- Followers 6,001
- Likes 278
11 Photos and videos
Pinned Tweet
4 Apr 2021
A friendly reminder: hundreds of organizations develop, and sell / resell offensive cyber capabilities vs. smartphones. Oftentimes, zero-clicks.
And yet, as of April 4th, 2021 - the sandbox developed by @Apple and @Google actively helps them to hide.
It's time to #FreeTheSandbox
1
6
59
17 Aug 2022
You may want to stay on 15.6 if you aim for full access to your device. This is unfortunate that we must keep the device in a vulnerable state to get a local admin on our phone... but this is the reality. Hopefully it will be fixed soon with #FreeTheSandbox
17 Aug 2022
[IMPORTANT] Using an iPhone or iPad? make sure to update to the latest iOS and iPadOS that fixes two vulnerabilities that may have been exploited in the wild in one-click and potentially also zero-click attacks!
More details on Apple's website: support.apple.com/en-us/HT21…
1
6
36
#FreeTheSandbox retweeted
16 Aug 2022
Fake Droids: Your New Android Device is Actually an Old Android 6 via @ZecOps Blog blog.zecops.com/research/fak…
1
9
20
#FreeTheSandbox retweeted
10 Feb 2022
Surprise surprise! Another day another 0day exploited in the wild bleepingcomputer.com/news/se…
Incremental patches/mitigations will never work against determined individuals. The only thing that will help to reduce mass surveillance on mobile phones is more eyes. #FreeTheSandbox 👊
1
18
49
#FreeTheSandbox retweeted
5 Jan 2022
6
20
42
#FreeTheSandbox retweeted
4 Jan 2022
[New Research] iOS Persistence without "Persistence": Meet The Ultimate Persistence Bug - #NoReboot via @ZecOps Blog blog.zecops.com/research/per…
10
71
231
#FreeTheSandbox retweeted
14 Dec 2021
iOS 15.2 is out and it is wild. Many remote and local security issues. If you care about your iPhone/iPad security you should update soon.
[Source: support.apple.com/en-us/HT21…]
10
93
188
#FreeTheSandbox retweeted
4 Nov 2021
How iOS Malware Can Spy on Users Silently? blog.zecops.com/research/how… via @ZecOps blog (POC included)
4
59
156
3 Nov 2021
The day is coming. Consumers are waking up. Saying "no more" - you can't secure the platform 100% by definition - let us try too. #FreeTheSandbox #LocalAdminOnMobile #TheSpiceMustFlow
3 Nov 2021
Mobile is a platform where attackers gets a better access than the victim trying to protect themselves, example #28241: Google Warns of New Android 0-Day Vulnerability Under Active Targeted Attacks thehackernews.com/2021/11/go…
2
4
27 Oct 2021
<3 @ZecOps
27 Oct 2021
[iOS 15.1 Update]: Use-After-Free in Voice Control: CVE-2021-30902 Write-up via @ZecOps Blog blog.zecops.com/research/use…
20
17 Oct 2021
Hackers continuously able to break the iOS (and most of the time Android too) security models. Successfully compromising devices remotely while obtaining full access. Hackers have better access than what device-owners are allowed to have !
Why ?
16 Oct 2021
Team PangU pwned iPhone13 Pro remote jailbreak on the day1 of TianfuCup, will take $300k as reward and ranked as #1 currently.
1
4
29
17 Oct 2021
[2/N] How are we supposed to defend ourselves when it's not a level playing field? It's time to give users local-admin rights. It's time to #FreeTheSandbox and level the playing field.
2
14
17 Oct 2021
[3/3] Let's acknowledge the reality: time after time, attack after another, smartphones are as breakable, if not even more than our computers.
We rely on smartphones for everything. We have to be able to secure them.
#LocalAdminOnSmartphones #FreeTheSandbox #DeviceNeutrality
14
16 Oct 2021
Team PangU pwned iPhone13 Pro remote jailbreak on the day1 of TianfuCup, will take $300k as reward and ranked as #1 currently.
2
3
19
#FreeTheSandbox retweeted
14 Oct 2021
[BREAKING] CVE-2021-30858 iOS WebKit RCE 0-day in the wild: googleprojectzero.github.io/… including POC. Can be chained with CVE-2021-30883 and used in 1-clicks and water-holing attacks against iOS users.
Update to the latest version as soon as possible.
5
79
170
#FreeTheSandbox retweeted
12 Oct 2021
We can confirm that the recently patched iOS 15.0.2 vulnerability, CVE-2021-30883, is also accessible from the browser: perfect for 1-click & water-holing mobile attacks. This vulnerability is exploited in the wild. Update as soon as possible.
11 Oct 2021
[BREAKING] @Apple just released iOS 15.0.2 and patched CVE-2021-30883, yet another vulnerability in IOMobileFrameBuffer, that was *exploited in the wild*.
[ACTION REQUIRED] Update your iOS devices as soon as you can.
3
73
158
11 Oct 2021
The time has come 🥶. #FreeTheSandbox
11 Oct 2021
Some technical details and POC of the IOMFB Integer (CVE-2021-30883) Overflow are already available by the fantastic @AmarSaar saaramar.github.io/IOMFB_int…
5
7
53
#FreeTheSandbox retweeted
11 Oct 2021
This vulnerability is possibly related to: CVE-2021-30807, also in IOMobileFrameBuffer, that was patched in iOS 14.7.1. The vulnerability provides to attackers kernel privileges after they already gained initial code execution capabilities on the device.
3
15
55
#FreeTheSandbox retweeted
11 Oct 2021
[BREAKING] @Apple just released iOS 15.0.2 and patched CVE-2021-30883, yet another vulnerability in IOMobileFrameBuffer, that was *exploited in the wild*.
[ACTION REQUIRED] Update your iOS devices as soon as you can.
7
145
305
