Björn Ruytenberg's home page

About me

I am Björn Ruytenberg, MSc student in Computer Science and Engineering, specializing in Information Security, at TU/e and RU. Being a technology enthusiast, I hold a BSc in Electrical Engineering as well as Computer Science (cum laude). Aside from my work as a software developer, I'm an active participant in bug bounty programs. My vulnerability research mainly focuses on sandboxing technology in widely deployed enterprise products, including Adobe Flash, Microsoft Office and Foxit Reader.

You can get in touch with me by email: bjornbjornwebnl (PGP), Twitter (@0Xiphorus), and Freenode IRC (Xiphorus).

Blog

My blog is a collection of articles. Here are the most recent entries:

Security vulnerabilities

I report security vulnerabilities whenever I find them. Some are listed below:

CVE-2017-4939 - VMware Workstation DLL Hijacking Arbitrary Code Execution
SSD-3463 - Microsoft Office Host Machine Information and Windows User Credentials Disclosure
CVE-2017-3085 - Adobe Flash Remote Sandbox Windows User Credentials Disclosure
CVE-2016-4271 - Adobe Flash Local Data Exfiltration and Windows User Credentials Disclosure
ZDI-16-395 - Foxit Reader Arbitrary Code Execution and Information Disclosure

Talks

On the Spectre of Meltdown: Analysing the Attacks and Mitigations - Guest lecture for Embedded Systems course on Parallelization, Compilers and Platforms, Eindhoven University of Technology (03/2018)
Playing in the Sandbox: Bypassing Adobe Flash Input Validation - Invited talk at OWASP Netherlands Chapter Meeting, Radboud University Nijmegen (10/2017)
Scribbles: Dissecting the Vault7 Office Tracker Implant - Information Security seminar, Eindhoven University of Technology (06/2017)

Miscellaneous

Whenever I have an urge to drop a file somewhere, I usually do this in my files section.

blog feed archive

About me

Blog

Security vulnerabilities

Talks

Miscellaneous