DEVCORE 戴夫寇爾

Join us at the end of August for OffSec's Live Training in-person courses in Taiwan, featuring top OffSec instructors from around the world! 🙌 Meet Our Instructors: 🔍 EXP-401 (OSEE) ▶︎ Vixx: A seasoned developer and pentester with multiple certifications (OSCP, OSWE, OSEP, OSED, OSCP3, OSEE). ▶︎ ac3: An experienced expert in both offensive and defensive cybersecurity realms, and holds the following certifications, OSWP, OSCP, OSWE, OSEP, OSED, OSCP3. 🔍 WEB-200 (OSWA) ▶︎ servus: A former software engineer, now a cybersecurity specialist with a passion for exploring the inner workings of operating systems and computer architecture. 🔍 SOC-200 (OSDA) ▶︎ Kiwi: A former New Zealand Air Force officer with industry and academic experience. Kiwi has held CISO and Technical Director roles in the telecommunications industry and brings a wealth of blue team experiences. 🔍 PEN-200 (OSCP) ▶︎ apple: A pentester with extensive professional experiences as well as certifications (OSWP, OSCP, OSDA, OSWA, OSWE, OSEP, OSED, OSMR, OSCE3). Apple will also be delivering the first PEN-200 in-person training in Chinese! Don’t miss out on the opportunity to meet the OffSec instructors. Registration is open until August 9. Learn more about the courses 👉 https://training.devco.re/

🔊 DEVCORE 第 6 屆實習生計畫招募開張 如果，你對資安研究員的生活感興趣、或憧憬成為紅隊的一員， 就用 DEVCORE 實習生計畫一起來體驗日常，進入駭客思維 🥷 的世界吧！ 📍 時間：2024 年 9 月至 2025 年 1 月，每週工作兩天。 📍 對象：具有一定程度資安背景的學生，歷屆實習生可以重複應徵！ 📍 薪資：每月新台幣 16,000 元 📍 應徵流程：書面審查及面試 📍 預計招收名額：Research 組 2 - 3 人，Red Team 組 2 - 3 人 ⏰ 書面報名截止日期：2024 年 8 月 9 日 ⏰ 完整資訊請見 👉 https://lnkd.in/efz3tUck

🛎️ 2024 戴夫寇爾臺科大資訊安全獎學金得主餐敘落幕 🎊 從 2021 年首次舉辦以來，我們很開心每年收到的申請和發出的獎學金，都比前一年更多。今年我們也邀請獲獎同學們及指導老師一起來吃飯聊聊，藉此機會分享公司及團隊的工作日常，也聽聽大家對於資安和技術的想法，深深感受到還有許多充滿熱情的人，和我們一樣在資安這條路上持續努力著！也希望今天來參加的同學和老師都有所收穫 💪 接下來，2024 年度戴夫寇爾全國資訊安全獎學金計畫很快將開跑，開放給全台大專院校的學生，想申請的同學們歡迎先準備好資料囉！ 📍 獎學金常見問題： https://lnkd.in/gGNA5pVa #DEVCORE #戴夫寇爾資安獎學金 #資安人才

🥷 DEVCORE 紅隊演練專家應徵指南 🎯 如果你也有以下煩惱： 💡 擁有高強的技術本領，想要短時間內快速地把履歷寫好 💡 很會打 CTF，但想不到面試要分享什麼 💡 想成為厲害的紅隊演練、滲透測試專家 我們最新出爐的文章可以成為你的一帖良藥！你將會了解履歷呈現的重點、線上測驗的進行方式、面試要準備的內容、從哪些面向自我精進。 https://lnkd.in/gVurviag 以下職缺持續招募中，期待你們的強力支援，一起變得更強大： ✅ 紅隊演練專家 ✅ 滲透測試工程師 ✅ 資安研究員 ✅ 技術專案經理 另外，對研發替代役有興趣的同學們，我們也有研發替代役的名額，歡迎把握在學期間來申請 🔥

🚀 Final Call 🚀 OffSec 線上課程優惠價，倒數兩天！ 包含五種優惠方案，無論是個人、企業或組織，這些課程都能滿足你的需求： ✅ Course and Certification Exam Bundle ✅ Learn Unlimited ✅ OffSec Learn One ✅ OffSec Learn Enterprise ✅ OffSec Cyber Range (Offensive / Defensive / Enterprise) 🔥 報名傳送門：https://lnkd.in/gv6vye-3 👉 溫馨提醒，2024/6/15 23:59 前送出申請，才享有特惠價！ 如果對 EXP-401 (OSEE)、PEN-200 (OSCP)、WEB-200 (OSWA)、SOC-200 (OSDA)  證照有興趣，也別忘記報名在今年八月底登場，由 DEVCORE 和 OffSec 獨家提供的 Live Training 實體課程！！🎯 https://training.devco.re/ #DEVCORE #OffSec #OffSec線上課程

PHP 最新發布的安全更新，修補由 DEVCORE 研究團隊在 5 月 7 日回報的重大 RCE 零時差漏洞 CVE-2024-4577。這是一個 CVSS 風險評分達 9.8 的漏洞。漏洞影響範圍包含 Windows 作業系統上繁體中文、簡體中文、日文三個語系的所有 PHP 版本。 需注意的人員包含： 1. 在 Windows 作業系統上使用 PHP 的使用者 2. 安裝 XAMPP for Windows 的使用者，且未更改 XAMPP 預設設定（預設即存在風險） 提醒相關使用者或開發者，應盡快更新至 PHP 官方最新 8.3.8、8.2.20、8.1.29 版本，降低資訊外洩風險。非上述三語系使用情境的使用者，也需全面盤點資產、確認使用情境並將 PHP 更新至最新版本。針對 PHP 官方已不再維護的版本，包含 PHP 8.0 分支、PHP 7、PHP 5，請參考官網 blog [修補建議] 段落的暫時緩解措施。 漏洞相關資訊及修補措施請參考： 1. DEVCORE 官方網站 blog：https://lnkd.in/e_-c-Sn6 2. PHP 官方更新：https://www.php.net/ #DEVCORE #戴夫寇爾

Interested in OffSec courses and certificates? Here’s the scoop! We’re bringing expert instructors from OffSec to Taiwan for Live Training courses covering PEN-200(OSCP), WEB-200(OSWA), SOC-200(OSDA), and EXP-401 (OSEE). It's not just training, but an adventure into the #hackermindsets, where you'll understand common attacks, master techniques for monitoring and detecting them. Check out the courses here: https://training.devco.re/, and don’t miss out on exclusive discounts at our booth during #CYBERSEC2024! What’s more, until June 15th, learners interested in OffSec online courses can get special offers for courses spanning from Learn Unlimited as well as Learn One for individuals to OffSec Cyber Range, and more. For registration inquiries, reach out to us at: https://lnkd.in/gv6vye-3! #DEVCORE #CYBERSEC

Our Research Team successfully exploited Windows 11 at #Pwn2Own Vancouver 2024 in almost 0 seconds! This time, we scored a total of 4 points in the Local Escalation of Privilege Category: 1. Exploiting Kernel vulnerabilities that targeted two bugs, including a TOCTOU Race Condition bug, we compromised Windows 11 in seconds, earning 3 Master of Pwn points and a $30,000 award. 2. Our researcher also successfully demonstrated a LPE on Ubuntu Linux in his first Pwn2Own. This marks our first Windows OS exploit at Pwn2Own. We'll keep digging for more impressive vulnerabilities! 🎉 #DEVCOREResearchTeam #DEVCORE #Pwn2Own #P2OVancouver #Zeroday

DEVCORE’s New Official Website Is LIVE Now! To celebrate our 10th anniversary, we are pleased to announce the launch of our redesigned website. It is live now and located at the same address: https://devco.re/en/ With massive support from Able Studio Co., Ltd. and RISE DESIGN, we updated the website’s visual to the cityscape, representing our expanded capabilities and Red Team Assessment service, aligned with the evolving needs of our clients from vast industries. Also, you can expect a better view of all the latest news, including job openings, details of our scholarship and internship programs, and much more. Stay tuned for more articles revealing how we discover CVE vulnerabilities and bring home prizes from worldwide hacking competitions. Wanna know more about us? Visit our new website via the link below!