Posts
2465
Following
555
Followers
1263
A drunken debugger

Heretek of Silent Signal
repeated

Please make this happen. I would love nothing more than to have an image parser run during a bugcheck

https://bird.makeup/@clemensv/1814209068082270285

1
2
1
[RSS] Was It Really GPAC? (No!) Getting a CVE Removed from CISA KEV

https://jericho.blog/2024/11/07/was-it-really-gpac-no-getting-a-cve-removed-from-cisa-kev/
0
2
3
[RSS] Introduction to Procedural Debugging through Binary Libification [USENIX paper]

https://www.usenix.org/conference/woot24/presentation/brossard

%27In this article, we introduce the notions of "libification" and "procedural debugging" to facilitate partial debugging of binaries at the procedural level. These techniques allow the transformation of arbitrary dynamically linked ELF binaries into shared libraries, and the study of memory corruption bugs by directly calling the vulnerable functions, hence separating the memory corruption intraprocedural analysis from the reachability problem. %27
0
0
1
Woohoo! My PR got merged and deployed to prod so now you can search MITRE ATT&CK with the !attack Bang with @kagihq \o/

https://github.com/kagisearch/bangs/pull/125
1
1
8
I remember a set of torrents for de-facto standard online content like Wikipedia, Arch Wiki, etc. but can't seem to find them.

Any clues?
1
1
1
repeated

bert hubert ๐Ÿ‡บ๐Ÿ‡ฆ๐Ÿ‡ช๐Ÿ‡บ

If as it appears likely that ๐Ÿ‡ช๐Ÿ‡บwill have to start defending itself against Russia ๐Ÿ‡ท๐Ÿ‡บ alone it may be good to realize our IT systems and society arenโ€™t remotely ready for that. https://berthub.eu/articles/posts/cyber-security-pre-war-reality-check/

0
5
0
@singe Didn't know that site, looks really useful! On the other hand I see 0 chance such sites would get off among the majority of the population, esp. when compared to social media.
0
0
1
@singe I was wondering how much of this is enabled by social media microtargeting (everyone gets what they want to hear, even contradictory messages work)
1
0
1
repeated

Ekoparty 2024 Binary Gecko Challenge ๐Ÿ‡ฆ๐Ÿ‡ท

Complete the challenge to get a ticket to our VIP dinner/party event in Buenos Aires during the conference.

Winners will also get an interview for a Security Researcher position at Binary Gecko.

https://github.com/Binary-Gecko/ekoparty2024_challenge

0
3
0
#music #uspol #punk
Show content
0
0
0
repeated

William Gibson talks about and , as well as the dangers of cyberspace, back in 1993.

1
3
0
@bagder I see strong correlation between bullshit bug reports (not just in curl and not just about security) and the inability to use the markup of the bug tracker
0
0
0
repeated

strcpy can cause a buffer overflow

user finds strcpy in code

user files a CRITICAL security report against for using strcpy in source code. Proof? Well he did grep the code and shows that it does indeed use strcpy...

Never a dull moment.

8
2
0
Mind the v8 patch gap: Electron's Context Isolation is insecure

https://s1r1us.ninja/posts/electron-contextbridge-is-insecure/

/via exploits.club
0
1
3
Idiomatic #Rust bindings for the #IDAPro SDK, enabling the development of standalone analysis tools using IDA v9.0โ€™s idalib.

https://github.com/binarly-io/idalib

/via exploits.club
0
1
2
repeated

@Infoseepage @tychotithonus for now at least you can uninstall notepad (right click the start icon and choose uninstall) and it'll revert to the classic version. How long that lasts I don't know. Also it breaks it being used as a target for opening .txt files as modern explorer is garbage.

1
2
0
repeated

CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
Hot off the press!

  • CVE-2024-5910 (9.3 critical) Palo Alto Expedition Missing Authentication Vulnerability
  • CVE-2024-43093 (high) Android Framework Privilege Escalation Vulnerability
  • CVE-2024-51567 (10.0 critical ๐Ÿฅณ) CyberPanel Incorrect Default Permissions Vulnerability
  • CVE-2019-16278 (9.8 critical) Nostromo nhttpd Directory Traversal Vulnerability

1
1
0
@cR0w @Laukidh I heard Hidrogen is flammable, any plans for that?
2
0
2
Show older