Bio. of Lingtong(Seven) Shen

Working experinces

2010~, TrendMicro, solution developer&security researcher
2008~2010, Nokia networks(NSN), Embedded SW deveoper
2007~2008, Viaon tech, Embedded SW developer

Education

2004~2007,Nanjing University of Posts and Telecommunications, Master in computer software and theory
2000~2004, Nanjing Tech University, Bachelor in Bioengineering

Blogs

A Denial-of-Service vulnerability can remotely crash Android messenger App
In Review: 2016’s Mobile Threat Landscape Brings Diversity, Scale, and Scope*
Mediaserver Vulnerabilities Highlight Android’s March Security Bulletin*
Security Update Patches 13 Android Vulnerabilities Discovered by Trend Micro*
Setting the Record Straight on Moplus SDK and the Wormhole Vulnerability
Android Security Update Includes Fix for Stagefright Vulnerabilities Discovered by Trend Micro*
German Users Hit By Dirty Mobile Banking Malware Posing As PayPal App
Two New Android Bugs Mess up Messaging; May Lead to Multiple Send Charges
Apache Cordova Remote Vulnerability leads to One-Click Modification of Android Apps
The Fine Line Between Ad and Adware: A Closer Look at the MDash SDK
Repackaging HTML5 Apps into Android Malware
Android Malware Use SSL for Evasion
(*partial contributed)

Disclosed CVEs

-CVE-2015-1835:Remote modify Cordova configurations, poc
-CVE-2015-3839:DoS Messaging app
-CVE-2015-3840:MMS/SMS status modify
-CVE-2015-3847:Arbitrary SMS removal
-CVE-2015-3851:Phone DoS/SIP profile removal
-CVE-2015-3852:Device continue reboot
-CVE-2015-6600:Remote heap buffer overflow in media server
-CVE-2015-6610:Local heap buffer overflow in media server
-CVE-2016-0803:Remote heap buffer overflow in media server
-CVE-2016-2064:Qualcomm sound driver buffer overflow
-CVE-2016-2065:Qualcomm sound driver buffer overflow
-CVE-2016-2066:Qualcomm sound driver buffer overflow
-CVE-2016-2068:Qualcomm sound driver buffer overflow
-CVE-2016-3894:Qualcomm DMA driver info leak
-CVE-2016-3931:Qualcomm QSEE driver buffer overflow
-CVE-2016-6693:Qualcomm sound driver buffer overflow
-CVE-2016-6694:Qualcomm sound driver buffer overflow
-CVE-2016-6695:Qualcomm sound driver buffer overflow
-CVE-2016-6685:kernel info leak
-CVE-2016-6683:Kernel info leak
-CVE-2016-6680:Qualcomm wlan driver info leak
-CVE-2016-6679:Qualcomm wlan driver info leak
-CVE-2016-3903:Qualcomm camera driver use-after-free
-CVE-2016-6748:Kernel info leak
-CVE-2016-6749:Kernel info leak
-CVE-2016-6750:Kernel info leak
-CVE-2016-6753:Kernel info leak
-CVE-2016-6757:Kernel info leak
-CVE-2016-8466:Broadcom Wi-Fi driver Buffer overflow
-CVE-2016-8418:Qualcomm crypto driver RCE
-CVE-2017-0449:Broadcom Wi-Fi driver buffer overflow
-CVE-2017-0452:Kernel info leak
-CVE-2017-0578:DTS sound driver race condition
-CVE-2016-5853:Qualcomm sound driver heap overflow
-CVE-2016-5860:Qualcomm camera driver heap overflow
-CVE-2016-5859:Qualcom sound driver heap overflow
-CVE-2016-5867:Qualcomm sound driver heap overflow
-CVE-2016-5346:Qualcomm timer info leak
-CVE-2016-10231:Qualcomm sound codec driver EoP
-CVE-2017-0586:Qualcomm sound driver information disclosure
-CVE-2017-8246:Qualcomm ALSA PCM Playback UAF
-CVE-2016-5862:[Qualcomm sound codec driver type confusion]
-CVE-2016-5858:[Qualcomm sound codec driver information leakage]
-CVE-2017-0608:[Qualcomm sound codec driver buffer overflow]
-CVE-2016-5347:Qualcomm sound codec driver information leakage
-CVE-2017-7369:ALSA framework stack overflow
-CVE-2017-6247:NVIDIA ASoC buffer overflow
-CVE-2017-6248:NVIDIA ASoC buffer overflow
-CVE-2017-6249:NVIDIA ASoC buffer overflow

Confereces&Papers

Shakacon2017: Reviewing the security of ASoC drivers in Android kernel
一种基于非完全公正方的对等网络公证协议. 计算机工程07年20期
An Improved Multilevel Fuzzy Comprehensive Evaluation Algorithm for Security Performance,The Journal of China Universities of Posts and Telecommunications. 2006.12, 13(4):48-53
入侵检测系统中的特征选择与可视化. 计算机应用研究, 2005年12月增刊: 214-215