김동성 ᛫ Dongsung (Donny) Kim ᛫ 🎗️🏳️‍⚧️🕯️   

Bluesky ᛫ Twitter ᛫ GitHub ᛫ Medium ᛫ LinkedIn   

Work Experience

2024 - Present ᛫ Security Office ᛫ Cybersecurity Expert   

2022 - 2024 ᛫ Truesec / Säkerhetskontoret ᛫ IT-Security Expert   

2021 - 2022 ᛫ Z Enterprise ᛫ Software Engineer   

2019 - 2020 ᛫ RIDI Corp ᛫ Software Engineer / Security Advisor   

2018 - 2019 ᛫ Move, Inc ᛫ Software Engineer   

2016 - 2018 ᛫ H.I.T. (Hackers In inTrusion) Lab ᛫ Student Researcher   

2012 - 2014 ᛫ Shakr Media ᛫ Engineer   

2012 - 2012 ᛫ Ahn-graphics, Ltd. ᛫ Engineering Intern   

Security Research

2023 ᛫ DEF CON 31 ᛫ Your Clocks Have Ears! Timing-Based Browser-Based Local Network Port Scanner   

2022 ᛫ DEF CON 30 ᛫ The CSRF Resurrections! Starring the Unholy Trinity: Service Worker of PWA, SameSite of HTTP Cookie, and Fetch ᛫ CVE-2022-0117, CVE-2022-45410   

2020 ᛫ macOS OCSP “telemetry”—Explainer and Mitigation with Noise   

2018 ᛫ DEF CON 26 ᛫ Your Watch Can Watch You! Gear Up for the Broken Privilege Pitfalls in the Samsung Gear Smartwatch ᛫ CVE-2018-16262, CVE-2018-16263, CVE-2018-16264, CVE-2018-16265, CVE-2018-16266, CVE-2018-16267, CVE-2018-16268, CVE-2018-16269, CVE-2018-16270, CVE-2018-16271, CVE-2018-16272   

2015 ᛫ Private Browsing History Leak in Apple Safari ᛫ CVE-2015-3754   

Software Development

2022 - Present ᛫ Sok Input Method   

2014 - 2015 ᛫ BeotsMusic   

2008 - 2013 ᛫ Lyrichand   

2008 - 2011 ᛫ PodBuddy