@cR0w link plz!

@Viss the more time I spend in this profession (or on this planet?) the more I recognize how rare those moments are

it is always a pleasure talking with sharp people who know what they're doing

Possible Bird Strike? USN E-2C flies into a flock of seagulls while working the pattern at Pt. Mugu. Note the blowup it appears part of the wing starting to wrap around the prop #USN #mugu #ptmugu #e2c #avgeek #propeller #AWACS #aviation #nikon #photography #birdstrike #aviation #seagulls #flockofseagulls

@cR0w also irish coffee!

Did you vote in America yesterday? If so, you just got doxed

This site takes voter records that can be hard to source and puts them all into one place. Name, address, voter history, for free. It turns voting into a privacy and security risk https://www.404media.co/voted-in-america-this-site-doxed-you/

We just released our Q2 & Q3 updates to the Mozilla Firefox Bug Bounty Hall of Fame. You can now find all the brilliant security researchers that helped secure Firefox in the last couple of quarters. https://www.mozilla.org/en-US/security/bug-bounty/hall-of-fame/. Thank you!

(The Mozilla web sites & services hacker hall of fame is continuously updated and available at https://hackerone.com/mozilla/hacktivity)

@tmr232 I think that'd be in the release documents, and I can't find anything promising when searching for .py's either. But that's just a quick look.

Generated docs for the latest #Ghidra 11.2.1 are now available at:

https://scrapco.de/ghidra_docs/

Differences from previous version:

https://gist.github.com/v-p-b/fb76fae8cbcb490a33039892c3feea9b

@da_667 "gone" is a bit strong phrase to use when everyone is free to copy your stream for a whole week

#Ghidra 11.2.1 released

What's New:
https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_11.2.1_build/Ghidra/Configurations/Public_Release/src/global/docs/WhatsNew.html

Change History:
https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_11.2.1_build/Ghidra/Configurations/Public_Release/src/global/docs/ChangeHistory.html

Upcoming hardening in PHP https://dustri.org/b/upcoming-hardening-in-php.html

and here's how we worked on the recent #curl CVE from it first being reported until published earlier today: https://hackerone.com/reports/2764830

@Viss best reaction I've seen so far xD

Dear Developers,

if you write #documentation, include the *context* where a piece of code/config/prayer/... should go, pretty please!

Thank you,

Your Fellow IT People

[oss-security] shell wildcard expansion (un)safety

https://seclists.org/oss-sec/2024/q4/56

CVE-2024-9681 HSTS subdomain overwrites parent cache entry

https://curl.se/docs/CVE-2024-9681.html

[RSS] On the limits of time travel in the face of undefined behavior in C

https://devblogs.microsoft.com/oldnewthing/20241104-00/?p=110466

New assessment for topic: CVE-2024-35250

Topic description: "Windows Kernel-Mode Driver Elevation of Privilege Vulnerability ..."

"The ks.sys driver on Windows is one of the core components of Kernel Streaming and is installed by default ..."

Link: https://attackerkb.com/assessments/b966571c-c90a-4055-af54-ee6af8389f53

Exciting news! I’m starting X-Force’s new offensive research team (XOR) and hiring a security researcher. Want to work with researchers (like @fuzzysec and I) to find bugs, exploit popular targets, and share your work? Apply for this unique (remote) role 😊https://careers.ibm.com/job/21219320/security-researcher-san-jose-ca/