It’s not a Feature, It’s a Vulnerability (blog.solidsnail.com) · solidsnail@infosec.pub · English · 7 months ago · 0 comments · 3 upvotes, 0 downvotes
Curl: Severity HIGH security problem to be announced with curl 8.4.0 (github.com) · Reddit x-poster@infosec.pub (bot) · English · 9 months ago · 0 comments · 10 upvotes, 0 downvotes
Pitfalls of relying on eBPF for security monitoring (and some solutions) (blog.trailofbits.com) · Reddit x-poster@infosec.pub (bot) · English · 9 months ago · 0 comments · 1 upvote, 0 downvotes
PoC exploit for CVE-2023-4911 "Looney Tunables" (github.com) · Reddit x-poster@infosec.pub (bot) · English · 9 months ago · 0 comments · 6 upvotes, 0 downvotes
Exploring the STSAFE-A110 (www.elttam.com) · Reddit x-poster@infosec.pub (bot) · English · 9 months ago · 0 comments · 2 upvotes, 0 downvotes
root with a single command: sudo logrotate (joshua.hu) · Reddit x-poster@infosec.pub (bot) · English · 9 months ago · 0 comments · 3 upvotes, 0 downvotes
Cisco advisory: Reports about bad Actors Hiding in Router Firmware (sec.cloudapps.cisco.com) · Reddit x-poster@infosec.pub (bot) · English · 9 months ago · 0 comments · 7 upvotes, 0 downvotes
DNS Debugging: What you need to know (www.checklyhq.com) · Reddit x-poster@infosec.pub (bot) · English · 9 months ago · 0 comments · 3 upvotes, 0 downvotes
Analysis of CVE-2023-38831 Zero-Day vulnerability in WinRAR (blog.securelayer7.net) · Reddit x-poster@infosec.pub (bot) · English · 9 months ago · 0 comments · 9 upvotes, 0 downvotes
Over 400K Buckets and 10.4B Files Are Public Due to Cloud Misconfigurations (socradar.io) · Reddit x-poster@infosec.pub (bot) · English · 9 months ago · 0 comments · 11 upvotes, 0 downvotes
Insecure URL handler (Electron) in iRacing leading to RCE in the client - bug discovery and exploit (blog.ss23.geek.nz) · Reddit x-poster@infosec.pub (bot) · English · 9 months ago · 0 comments · 3 upvotes, 0 downvotes
The WebP 0day (blog.isosceles.com) · Reddit x-poster@infosec.pub (bot) · English · 9 months ago · 0 comments · 5 upvotes, 0 downvotes
GitHub Copilot, Amazon Code Whisperer emit people's API keys (www.theregister.com) · N7x@infosec.pub · English · 9 months ago · 11 comments · 20 upvotes, 1 downvote
Community review - OWASP Mobile Application Security risk assessment formula (mas.owasp.org) · N7x@infosec.pub · English · 9 months ago · 0 comments · 3 upvotes, 0 downvotes
Zero-Knowledge Middleboxes (eprint.iacr.org) · Reddit x-poster@infosec.pub (bot) · English · 10 months ago · 0 comments · 2 upvotes, 1 downvote
When MFA isn't actually MFA (retool.com) · Reddit x-poster@infosec.pub (bot) · English · 10 months ago · 0 comments · 6 upvotes, 1 downvote
Fuzzing with multiple servers in parallel: AFL++ with Network File Systems (joshua.hu) · Reddit x-poster@infosec.pub (bot) · English · 10 months ago · 0 comments · 1 upvote, 0 downvotes
Account Takeover in Canvas Apps served in Comet due to failure in Cross-Window-Message Origin validation (ysamm.com) · Reddit x-poster@infosec.pub (bot) · English · 10 months ago · 0 comments · 1 upvote, 0 downvotes
CVE-2022-32947: macOS GPU-launched kernel privilege escalation exploit (walkthrough slides + demo) (asahilina.net) · Reddit x-poster@infosec.pub (bot) · English · 10 months ago · 0 comments · 3 upvotes, 0 downvotes
A Big Look at Security in OpenAPI (liblab.com) · Reddit x-poster@infosec.pub (bot) · English · 10 months ago · 0 comments · 2 upvotes, 0 downvotes