Posts
2521
Following
647
Followers
1462
"I'm interested in all kinds of astronomy."
repeated
@wdormann @kimzetter Maybe @thezdi can shed some light on that candidate ID?
1
0
2
repeated

Early 2020 I wrote this blog post about how exports malformed files that cannot be unzipped by widely-used tools (this only happens for large, > 4GB ZIP files):

https://www.bitsgalore.org/2020/03/11/does-microsoft-onedrive-export-large-ZIP-files-that-are-corrupt

Fast-forward 4.5 years, and Microsoft *still* hasn't fixed this!

Just ran into this again with a 6.5 GB file! Luckily the Fix-OneDrive-Zip tool by Paul Marquess helped me out again:

https://github.com/pmqs/Fix-OneDrive-Zip

1
3
0
@cR0w There's room for actors in different timezones
0
0
1
Quick, release your #0day, US is preoccupied with the election! ;)
0
0
3
repeated

Was it a mistake to teach fonts how to think? https://github.com/nevesnunes/z80-sans

2
5
0
repeated

@0xabad1dea so many times.

also:

client: can you test this web service?

me: sure!

client: ok it's at this URL

me: can you provide some docs, tests, sample requests / code, an app that exercises that service endpoint, and/or the source for the web service itself? web services are pretty much opaque without additional info

client: ........... we have a WSDL?

1
2
1
[RSS] Introducing lightyear: a new way to dump files in PHP

https://www.ambionics.io/blog/lightyear-file-dump
0
2
2
repeated
repeated

Performance isn't the enemy of security: we care about both. Today's patches finish off a set of security/performance improvements to eBPF. Below we show a ~30x speedup vs vanilla in running the eBPF selftests with every single option enabled!

1
3
0
repeated
Edited 8 months ago

In a new Q&A, Philip Bump, columnist for The Washington Post, reflects on why archiving the news goes beyond saving stories. From holding leaders accountable to capturing moments in culture, Bump shares insights on the need to preserve digital media.

🔗 https://blog.archive.org/2024/11/04/vanishing-culture-qa-with-philip-bump-the-washington-post/

0
6
0
@cR0w This is the literal translation of how we call these things around here o.O (aside of the "hasitasi" ("belly-baggy") slang,which is much more fun ofc)
0
1
2
repeated
New assessment for topic: CVE-2024-37404

Topic description: "Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution. ..."

"Ivanti Connect Secure versions prior to 22.7R2.1 and 22.7R2.2, and Ivanti Policy Secure versions prior to 22.7R1 are vulnerable to [CRLF injection](https://owasp.org/www-community/vulnerabilities/CRLF_Injection), which leads to remote code execution with the privileges of the user `root` ..."

Link: https://attackerkb.com/assessments/34ea5769-e0d6-4c65-bfc3-510c679ef515
0
1
1
repeated

Don’t miss out—RE//verse tickets are on sale now! https://shop.binary.ninja/products/re-verse

0
1
0
repeated
repeated

Announcement: ph0wn registration is opening today at 2pm!

The Ph0wn/Pico fan shop is already open. You'll find there hoodies, t-shirts, bags and many other items with or without @picolecroco . All items are sold at cost price and there's a 25% discount for 10 days.
Wear your item on the day of ph0wn!

https://ph0wn.myspreadshop.fr/

1
2
0
repeated
repeated

Hotdog or not hotdog?? 🌭

Let's take a look into a machine learning app that can detect hotdogs. How does it work? Can we change it into a pizza detector 🍕 app?

https://youtu.be/e2kosWm2vag

0
2
0
repeated

🔥💀After 40 hours of constant reversing of weird looking c++ and no sleep, I Finally cooked the
CVE-2024-47575 fortimanager unauthenticated RCE 🩸

https://bird.makeup/@watchtowrcyber/1853262240822276534

1
3
0
Show older