• ABOUT
  • CONTACT
  • VISIT SENTINELONE.COM
Back
  • ABOUT
  • CONTACT
  • VISIT SENTINELONE.COM

Max Van Amerongen

Max Van Amerongen is a Vulnerability Researcher at SentinelOne focusing on identifying security holes in critical software. Before joining SentinelOne, he had previously worked at F-Secure Labs where he successfully participated in the Pwn2Own hacking contest a number of times.
Security Research

Firefox JIT Use-After-Frees | Exploiting CVE-2020-26950

Max Van Amerongen / February 3, 2022

Learn how to dive into JIT compilers in JavaScript engines and follow along as we find a new set of exploit primitives in this previously patched bug.

Read More
Security Research

CVE-2021-45608 | NetUSB RCE Flaw in Millions of End User Routers

Max Van Amerongen / January 11, 2022

SentinelLabs has discovered a high severity flaw in NetUSB which could be remotely exploited to execute code in the kernel.

Read More
Security Research

GSOh No! Hunting for Vulnerabilities in VirtualBox Network Offloads

Max Van Amerongen / November 23, 2021

Inspired by Pwn2Own, SentinelLabs' researcher Max Van Amerongen discovered three CVEs, including two privilege escalations, in VirtualBox. Read more here.

Read More
Security Research

CVE-2021-43267: Remote Linux Kernel Heap Overflow | TIPC Module Allows Arbitrary Code Execution

Max Van Amerongen / November 4, 2021

SentinelLabs has discovered a heap overflow vulnerability in the TIPC module of the Linux Kernel, which can allow attackers to compromise an entire system.

Read More

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances of operating as elite corporate espionage teams.

Latest Tweet

  • The Centre for Cybersecurity Belgium (CCB) kindly invites you to its online CCB Share & Connect event – previousl… https://t.co/7yoL03kHyp13 days ago
  • New on #SentinelLabs! We have disclosed 10.0 CVSS vulnerabilities on Microsoft’s Azure Defender for IoT allowing u… https://t.co/cEnYqccXrV48 days ago
  • RT @VentureBeat: Five critical vulnerabilities in #Microsoft Azure Defender for #IoT could result in "full network compromise," researchers…48 days ago
  • Join us right now on a live Threat Intel Webinar starting at this moment on #UkraineRussianWar by @TomHegel… https://t.co/qViZm4g0i066 days ago

Recent Posts

  • Putting Things in Context | Timelining Threat Campaigns
    Putting Things in Context | Timelining Threat Campaigns
    May 11, 2022
  • Vulnerabilities in Avast And AVG Put Millions At Risk
    Vulnerabilities in Avast And AVG Put Millions At Risk
    May 5, 2022
  • Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad
    Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad
    May 2, 2022

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

  • Twitter
  • LinkedIn
©2022 SentinelOne, All Rights Reserved.