---
layout: default
---

<header class="header">
  <div class="container">
    

    
<nav class="nav  nav--header">
  <ul class="list  list--nav">
    

      

      <li class="item  item--nav">
        <a href="/">Home</a>
      </li>
    

      

      <li class="item  item--nav">
        <a href="/about/">About</a>
      </li>
    

      

      <li class="item  item--nav">
        <a href="/blog/">Blog</a>
      </li>
    

      

      <li class="item  item--nav">
        <a href="/tools/">Tools</a>
      </li>
    

      

      <li class="item  item--nav">
        <a href="/vulnerability-disclosure-policy/">Vulnerability Disclosure Policy</a>
      </li>
    
  </ul>
  <button class="button  button--nav" aria-label="Menu toggle">
    <svg width="16" height="16" class="icon  icon--nav" role="img" alt="Menu"><title>Menu</title><use xlink:href="#nav" fill="CurrentColor"></use></svg>

  </button>
</nav>


<script type="text/javascript">
  // Get list and button
  const navList = document.querySelector('.header .list--nav')
  const button  = document.querySelector('.header .button--nav')

  // Hide nav and apply toggle
  const collapseNav = () => {
    if (document.body.clientWidth < 640) {
      navList.style.setProperty('--listHeight', `-${navList.offsetHeight}px`)
    } else {
      navList.removeAttribute('style')
    }

    button.onclick = () => {
      navList.style.setProperty('transition', `margin .1s`)
      if (navList.style.getPropertyValue('--listHeight')) {
        navList.style.removeProperty('--listHeight')
      } else {
        navList.style.setProperty('--listHeight', `-${navList.offsetHeight}px`)
      }
    }
  }

  collapseNav()

  // Check on resize if to collapse nav
  window.addEventListener('resize', () => {
    collapseNav()
  })
</script>

  </div>

  




  <div class="feature" style="background-image: url(/images/logo-black.jpg)">
    <div class="container  typeset">
      

    </div>
  </div>



</header>


<main class="main  container">

  <article class="article  article--post  content  typeset">

    <h1>Ken is talking at DEFCON 32</h1>
    

<small class="small  post-meta">
  
  
    
      <span class="label  label--category"><a href="/categories/#general">General</a></span>
    
  &nbsp;&middot;&nbsp;<time datetime="2024-07-15T00:00:00+00:00" class="time">15 Jul 2024</time>
</small>

    <p>Ken Gannon, the CEO of Malicious Erection LLC, is talking at DEFCON 32!</p>

<p><a href="https://defcon.org/html/defcon-32/dc-32-speakers.html#54454">https://defcon.org/html/defcon-32/dc-32-speakers.html#54454</a></p>

<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>At Pwn2Own Toronto 2023, NCC Group was one of the two teams that compromised the Xiaomi 13 Pro. The exploit chain involved using a malicious HTML hyperlink and uploading a potentially malicious application to the Xiaomi app store.

However, this talk is not just about the technical details of the exploit. While researching the final exploit, NCC Group discovered how an exploit could work in one region of the world, but not in other regions, and how the researchers had to travel to Canada for a day just to test if the exploit would work in Canada. This talk also discusses just how far Xiaomi is willing to go to make sure their device isn't hacked at Pwn2Own, and why only two teams were able to successfully compromise the device during the competition.
</code></pre></div></div>

<p>When: 9 August 2024, 13:30 Las Vegas time 
Where: LVCC - L3 - W322-W327 (Warstories Track)</p>


    <div class="share">
  
</div>


    


  </article>

  

</main>