| Tweetovi |
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
Synacktiv
@Synacktiv
|
14. sij |
|
Fifty shades darker: no safe wor(l)d in SMM by @BrunoPujos
synacktiv.com/posts/exploit/…
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
Siguza
@s1guza
|
7. sij |
|
New blog post. ARM hardware bug. In the specification.
siguza.github.io/PAN/
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
|
bdcht
@bdcht
|
4. sij |
|
I've just released ccrawl (github.com/bdcht/ccrawl). Its a #clang-based tool that allows to collect and query various properties of C/C++ data structures, and to translate them for example to ctypes (including on C++ class instances.)
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
KEENLAB
@keen_lab
|
2. sij |
|
Exploiting Wi-Fi stack on Tesla Model S. Details of vulnerabilities and exploition: keenlab.tencent.com/en/2020/01/02/…
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
Underfox
@Underfox3
|
30. pro |
|
In this paper, researchers have demonstrated JackHammer, a novel and efficient Rowhammer from the FPGA to the host’s main memory, showing to be 25% faster than a CPU rowhammer attack in a realistic fault attack on the WolfSSL RSA signing implementation.
arxiv.org/pdf/1912.11523… pic.twitter.com/xte7xVlYAa
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
Matthew Risck
@Mateusz_Jozef
|
28. pro |
|
D-Link DIR-859 — RCE UnAutenticated (CVE-2019–17621) [EN] by @s1kr10s link.medium.com/RUYhUEgBH2
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
~
@xerub
|
28. pro |
|
github.com/xerub/acorn untethered+unsandboxed code execution based on media.ccc.de/v/36c3-11034-t… /cc @littlelailo @s1guza @ZecOps @_bazad
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
Igor Skochinsky
@IgorSkochinsky
|
28. pro |
|
Cable with a LED strip showing packet type by color, really cool! youtu.be/5yJyNpHeRzg
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
Emad Shanab
@Alra3ees
|
27. pro |
|
Mobile Application Pentesting :
Part 1:-
medium.com/@patilpiyush/m…
Part 2:-
medium.com/@patilpiyush/m…
Part 3:-
medium.com/@patilpiyush/m…
Part 4:-
medium.com/@patilpiyush/m…
Part 5:-
medium.com/@patilpiyush/m…
Part 6:-
medium.com/@patilpiyush/m…
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
bunnie
@bunniestudios
|
27. pro |
|
Can we build trustable hardware? I think it’s possible if we:
1) simplify the hardware
2) verify the entire system, not just chips
3) empower users to check and seal their devices
Our new Betrusted project embodies these principles, read more at: bunniestudios.com/blog/?p=5706 pic.twitter.com/OKyMxHDBUj
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
grsecurity
@grsecurity
|
26. pro |
|
Pretty handy for those who don't have something like this: github.com/marin-m/vmlinu… see also: github.com/jonoberheide/k…
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
Bert JW Regeer (0x58)
@bertjwregeer
|
24. pro |
|
NGINX fixed the security issue that @francisco_oca and I found recently.
See our report: bertjwregeer.keybase.pub/2019-12-10%20-…
The fix was made public here:
hg.nginx.org/nginx/rev/d0d6…
We found various places that provided recommended configurations that are vulnerable.
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
BC Security
@BCSecurity1
|
23. pro |
|
Empire 3.0 is officially here
...and just in time for Christmas!
Blog: bc-security.org/post/the-empir…
GitHub: github.com/BC-SECURITY/Em…
#Powershell #Cybersecurity #infosec
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
nafod
@_nafod
|
21. pro |
|
Pwning VMWare, Part 1: RWCTF 2018 Station-Escape
nafod.net/blog/2019/12/2…
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
dragosr
@dragosr
|
20. pro |
|
The entropy depletion cult and brokenness in the Linux random number generation. research.nccgroup.com/2019/12/19/on-…
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
Ivan Krstić
@radian
|
20. pro |
|
Now live!
🔺The new Apple Security Bounty! developer.apple.com/security-bount…
🔺The new Apple Platform Security guide, featuring Mac for the first time!
support.apple.com/guide/security…
(PDF version: manuals.info.apple.com/MANUALS/1000/M…)
🔺My Black Hat 2019 talk: youtube.com/watch?v=3byNNU…
Happy holidays! 🎄
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
Jeremy Howard
@jeremyphoward
|
18. pro |
|
For all of you who have been asking for a tutorial on how to develop complete python projects with @ProjectJupyter and nbdev - we now have step-by-step video and webpage tutorials for you!
(The video is immediately after the table of contents.)
nbdev.fast.ai/tutorial
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
James / ジェームズ
@jgerity
|
17. pro |
|
This is one of the most cursed things I've ever seen:
$ python2
>>> import string
>>> string.letters
'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
>>> help(string)
>>> string.letters
'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
Unix tool tip
@UnixToolTip
|
18. pro |
|
Can convert different bases to base 10 at the bash prompt with base#number.
> echo $((2#111))
7
> echo $((16#FF))
255
> echo $((36#ZEBRA))
59454982
|
||
|
|
||
| Andrey Lovyannikov proslijedio/la je tweet | ||
|
Mislav Marohnić
@mislav
|
17. pro |
|
The `git checkout` command was confusingly named and too overloaded in functionality.
“How do I switch to a branch?” - checkout
“How do I restore a file to a previous version?” - checkout
Enter Git 2.23:
- `git switch <branch>`
- `git restore <file>`
github.com/git/git/blob/m…
|
||
|
|
||