Posts
2524Following
646Followers
1461
repeated
Hexacorn 
hexacorn@infosec.exchange
The delayed import-table phantomDLL opportunities
https://hexacorn.com/blog/2024/09/14/the-delayed-import-table-phantomdll-opportunities/
1
1
0
repeated
Devine Lu Linvega
neauoire@merveilles.townI've implemented Conway's Game Of Life, in Conway's Fractran, in 416 fractions.
https://paste.sr.ht/~rabbits/046a86f42b74789fd5ea08657d253287b3847ffc
0
3
0
buherator
buheratorhttps://www.asiafinancial.com/openais-8-5-billion-bills-spark-bankruptcy-speculation
0
0
1
buherator
buherator#FreshRSS works pretty well so far: I use newsboat as client, and can even use the built-in scraper to follow sites that don't publish syndication feeds! The downside is that I have to use XPath...
0
0
8
repeated
Looks like Newag isn't satisfied with how their civil lawsuit against us in Warsaw is going - because they just filed another one, this time in Gdańsk, and from another corporate entity they manage. And to add to the pile of arbitrary accusations, this time it's about unfair competition (again) and violation of their corporate personality rights (slander?).
3
7
2
repeated
screaminggoat
screaminggoat@infosec.exchangeGoogle Security Blog: A new path for Kyber on the web
- Chrome 131 will switch from supporting Kyber post-quantum algorithm to Module Lattice Key Encapsulation Mechanism (ML-KEM).
- Chrome will not support Kyber and ML-KEM at the same time.
- Chrome will offer a key share prediction for hybrid ML-KEM (codepoint 0x11EC)
- The PostQuantumKeyAgreementEnabled flag and enterprise policy will apply to both Kyber and ML-KEM
- Chrome will no longer support hybrid Kyber (codepoint 0x6399)
#postquantum #chrome #kyber #mlkem #security #infosec #cybersecurity
0
1
0
buherator
buheratorhttps://www.reddit.com/r/scihub/comments/12detqs/standard_template_construct_store_and_search_the/
#ShadowLibrary
0
0
0
repeated
Vinoth (Mobile security)
vinoth@infosec.exchangeMy response when people ask me about the state of computer security:
(Modified from https://xkcd.com/2030/)
1
3
0
repeated
Slashdot 
slashdot@mastodon.cloud
34th First Annual Ig Nobel Prizes Awarded https://slashdot.org/story/24/09/13/226200/34th-first-annual-ig-nobel-prizes-awarded?utm_source=rss1.0mainlinkanon
0
2
0
repeated
radare
radareorg@infosec.exchange
🔥 The initial schedule for #r2con2024 is now public! The CFP is still open, but we may only accept now if you are fine submitting them for the “Online Sunday” in video format. https://radare.org/con/2024/
🎟️ Conference tickets and other details will be made available soon. Stay tuned, we will meet us all again in less than two months!
0
7
0
repeated
buherator
buheratorhttps://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29847-deep-dive-ivanti-endpoint-manager-agentportal-deserialization-of-untrusted-data-remote-code-execution-vulnerability/
0
1
0
buherator
buheratorhttps://www.synacktiv.com/en/publications/defend-against-vampires-with-10-gbps-network-encryption
0
0
2
repeated
screaminggoat
screaminggoat@infosec.exchangeSolarWinds: SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2024-28991)
CVE-2024-28991 (9.0 critical, disclosed 12 September 2024) SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution.
Reported by Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative. No mention of exploitation.
EDIT: Piotr states that CVE-2024-28991 can be chained with CVE-2024-28990 (6.3 medium) SolarWinds Access Rights Manager (ARM) Hardcoded Credentials Authentication Bypass Vulnerability for pre-authenticated remote code execution.
2
2
0
repeated
Prof. Emily M. Bender(she/her)
emilymbender@dair-community.socialI talk to the press largely to *combat* AI hype. It's beyond frustrating to be misquoted in ways that contribute to it instead.
New newsletter post:
https://buttondown.com/maiht3k/archive/correcting-the-record/
1
4
0