Nicholas Miles
@_NickMiles_
Followers
61
Following
61
Media
10
Statuses
60
Hardware Hacker, Zero Day Researcher @TenableSecurity (he/him)
Kentucky, USA
Joined September 2012
Confirmed! In his #Pwn2Own debut Evan Grant (@stargravy) used an OS command injection bug to exploit the Kenwood DMX958XR in the last attempt of the contest. His unique approach earns him $10,000 and 2 Master of Pwn points. #P2OAuto
0
4
10
We have another bug collision. The Tenable Group used a stack-based buffer overflow to exploit the Lorex 2K camera, but the bug had already been used in the contest. They still earn $3,750 and 1.5 Master of Pwn points. #Pwn2Own #P2OIreland
0
3
10
Today is the day ! Wrestlers is out on @netflix !! Please continue to help spread the word and thank you everyone for your support ! I hope you enjoy the docuseries .
71
308
1K
Making pixel art for a hobby game. Can anyone guess the animal? :)
0
0
2
We just launched a moon rocket, and look what is at the top of the news? Not the launch. I think we can do better.
0
0
1
Really interesting blog from a coworker on a backdoor she found in some Chinese router firmware: https://t.co/n3yZwQhaek.
medium.com
Reversing and Subverting Phicomm’s Backdoor Protocols
0
3
6
"Sharing isn't moral, it's a moral imperative." - Aaron Swartz
0
0
3
Some afternoon reading: @DinoBytes did a great writeup of an Arris modem teardown (featuring some NAND chip removal/reading magic from @_NickMiles_ ). https://t.co/84xrQw5jQk
medium.com
Picked up one of these a little while back at the behest of a good friend.
0
2
1
Here's my new writeup on finding an integer overflow in a ManageEngine product and turning it into an RCE. cve-2021-20082 https://t.co/KRGj3PGwiC
medium.com
A couple months back, Chris Lyne and I had a look at ManageEngine ServiceDesk Plus. This product consists of a server / agent model in…
2
105
287
Pictures taken at 11:12 from Bicentennial Park, facing North East.
0
0
0
Quad SPI flash memory extraction off an unspecified target :)
0
0
2
“Examining Crypto and Bypassing Authentication in Schneider Electric PLCs (M340/M580)” by Nicholas Miles https://t.co/BcdfPWqNxp
2
5
9
.@MicrosoftTeams Users Dodge Bullet with Latest Severe Vulnerability
channelfutures.com
A severe vulnerability discovered by Tenable Research could have seriously impacted Microsoft Teams users. Attackers could have gained control of accounts.
0
1
1
The #bug could have gotten an attacker persistent read/write access to a victim’s whole @Microsoft shebang: email, #Teams chats, #OneDrive, #Sharepoint, et. al #cybersecurity #vulnerability
https://t.co/JaBIYB06SC
threatpost.com
Attackers could have used the bug to get read/write privileges for a victim user’s email, Teams chats, OneDrive, Sharepoint and loads of other services.
0
13
8