| Tweetovi |
|
Max
@_mxms
|
2. lis |
|
There’s also a format string bug going the opposite direction (when your phones name is %p%p%p...) twitter.com/fransrosen/sta… pic.twitter.com/QqEfSRVIot
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
yrp
@yrp604
|
2. lis |
|
The second annual infosec fat bear bracket is here. Let’s gamble on some fat bears for charity. Brackets due ASAP.
dpaste.de/OZ1U
|
||
|
|
||
|
Max
@_mxms
|
5. ruj |
|
No CFG :(
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
Justin Campbell
@metr0
|
13. kol |
|
It's not obvious from the advisory, but the same code runs in RDP client. The issues have been patched in both.
This would have allowed a malicious server to compromise a client without any alerting behavior, or a MitM attack with a warning confirmation.
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
Justin Campbell
@metr0
|
13. kol |
|
August Patch Tuesday includes fixes for our internal finds in RDP, including RCE and remote info disclosure, and affecting Win 10 latest. The team successfully built a full exploit chain using some of these, so it's likely someone else will as well.
Patch and enable NLA. twitter.com/msftsecrespons…
|
||
|
|
||
|
Max
@_mxms
|
12. kol |
|
Did anyone find / exploit the serialization bugs in TelOoOgram during DEF CON CTF?
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
Perri Adams
@perribus
|
24. tra |
|
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
Justin Campbell
@metr0
|
14. velj |
|
We've built tools for fuzzing based on emulation of a process snapshot captured via minidump. We're considering open sourcing the tool, and I'm curious about interest level from the rest of the world. (1/3)
|
||
|
|
||
|
Max
@_mxms
|
13. pro 2018. |
|
Last year RPISEC was at the RPI club fair, and a person of color came to our table and saw the book, and asked the same thing. I’m incredibly happy they asked instead of assuming
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
Real World CTF
@RealWorldCTF
|
1. pro 2018. |
|
#RealWorldCTF2018 RPISEC has successfully pwned the Safari browser and spawned a calculator on the victim host at their first attampt during the demostration! pic.twitter.com/jksNTVxHqy
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
Brandon Falk
@gamozolabs
|
19. lis 2018. |
|
Print your own Android 0day with the World's Worst Android Kernel Fuzzer
gamozolabs.github.io/fuzzing/2018/1…
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
Brandon Falk
@gamozolabs
|
15. lis 2018. |
|
Vectorized Emulation: Hardware accelerated taint tracking at 2 trillion instructions per second
gamozolabs.github.io/fuzzing/2018/1…
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
Gabby Roncone
@gabby_roncone
|
6. lis 2018. |
|
After Trump was elected, I felt unsafe. I thought that electing a man as president who has assaulted women would normalize that behavior, make assault seem inconsequential to a perpetrator. Right now, I feel worse. It’s normalized, all right.
|
||
|
|
||
|
Max
@_mxms
|
17. ruj 2018. |
|
So what’re we supposed to be doing about the ongoing calls from numbers in our area code? It’s old...
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
RPISEC
@RPISEC
|
16. ruj 2018. |
|
Came in 1st in CSAW 2018 Quals! Kudos to all who played, it was a tough competition this year! See y'all at finals! twitter.com/CSAW_NYUTandon…
|
||
|
|
||
|
Max
@_mxms
|
15. ruj 2018. |
|
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
Winnona
@__winn
|
3. ruj 2018. |
|
Honored to be speaking at the Forbes 30 under 30 cyber security panel in Boston this October! #under30summit pic.twitter.com/M8KK1uOJcB
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
Hawkheart
@Hwakheart
|
30. kol 2018. |
|
Control my living room lightbulb: lights.hawkhe.art
|
||
|
|
||
|
Max
@_mxms
|
28. kol 2018. |
|
I had two 😟
|
||
|
|
||
| Max proslijedio/la je tweet | ||
|
Winnona
@__winn
|
16. kol 2018. |
|
My first technical analysis piece at @RecordedFuture! TL;DR:
1) Chinese backdoor with a daily 180 second entry-window found in Tibet
2) Qinghua University infrastructure, connected to backdoor, scanning #BeltandRoad partners/ US gov entities denouncing #USChinaTradeWar. twitter.com/RecordedFuture…
|
||
|
|
||