Posts
2582
Following
627
Followers
1397
"I'm interested in all kinds of astronomy."
buherator

buherator

I implemented threading in my RSS2Bsky script so my larger posts are better propagated across networks:

https://github.com/v-p-b/rss2bsky.py

#RSS #Syndication #Bluesky #POSSE
0
0
3
buherator

buherator

#testing
Show content
This is a long test post, sorry...

Secure trust data mining linux cache poisoning encapsulation cyclic redundancy check cloud computing PKI signature FTP hijacking. Trust ephemeral port IP forwarding linux stream cipher port exponential backoff internet control message protocol race condition full duplex exposure IP spoofing. Challenge-handshake authentication protocol public key hypertext markup language topology war dialing disaster recovery plan decryption authorized. Account harvesting masquerade NAT stream cipher, cookie intranet certificates patch covert channel penetration test tunnel IP forwarding egress filtering.

https://www.securityipsum.com/

Ephemeral port reverse engineer fingerprint form-based authentication day zero. FTP UDP address resolution protocol boot sector, PPTP ransomware business continuity plan intrusion detection. IP flooding authentication disaster recovery plan corruption decryption MD5 dictionary attack socket egress filtering fragment digital signature exponential backoff worm. Reverse proxy encapsulation shell tunnel bastion host.
0
0
1
buherator
repeated
april@macaw.social

April King

Handling Cookies is a Minefield:

inconsistencies in the HTTP cookie specification and its implementations have caused a situation where countless websites (including Facebook, Netflix, Okta, WhatsApp, Apple, etc.) are one small mistake away from locking their users out.

https://grayduck.mn/2024/11/21/handling-cookies-is-a-minefield/

3
10
0
buherator
repeated
bagder@mastodon.social

daniel:// stenberg://

David Schinazi mentioned @april's cookie blog post and I'm sorry but I had to do a "I told you so".

On the httpbis list.

https://lists.w3.org/Archives/Public/ietf-http-wg/2024OctDec/0231.html

1
1
0
buherator
repeated
heydon@front-end.social

Large Heydon Collider

Code ligatures suck ass.

13
3
0
buherator
repeated
hexacorn@infosec.exchange

Hexacorn donor verified

How to debug Windows service processes in the most old-school possible way...

https://www.hexacorn.com/blog/2024/11/23/how-to-debug-windows-service-processes-in-the-most-old-school-possible-way/

0
1
1
buherator
repeated
hacksilon@infosec.exchange

Max Maass donor

We found our first bug today, in ‘s Client credential rotation feature. https://github.com/keycloak/keycloak/issues/35104

Will probably not be the last one - the runup to 2038 will be interesting.

1
5
0
buherator
repeated
2600@mastodon.online

2600 Magazine

HOPE XV videos just dropped on YouTube! https://www.youtube.com/channel2600

1
1
0
buherator
repeated
jschauma@mstdn.social

Jan Schaumann

has been doing a really good job promoting sensical practices over the last few years.

I'm not looking forward to the change in direction that Jen Easterly's departure and whatever ghastly appointees the new administration comes up with will mean.

https://www.nextgov.com/people/2024/11/cisa-director-jen-easterly-depart-inauguration-day/401036/

2
2
0
buherator

buherator

Update on Recall security and privacy architecture | Windows Experience Blog
https://blogs.windows.com/windowsexperience/2024/09/27/update-on-recall-security-and-privacy-architecture/
1
0
0
buherator

buherator

Previewing Recall with Click to Do on Copilot+ PCs with Windows Insiders in the Dev Channel
https://blogs.windows.com/windows-insider/2024/11/22/previewing-recall-with-click-to-do-on-copilot-pcs-with-windows-insiders-in-the-dev-channel/

Here we go again...
0
0
0
buherator
repeated
screaminggoat@infosec.exchange

screaminggoat

Trellix: When Guardians Become Predators: How Malware Corrupts the Protectors
A malware campaign drops a legitimate Avast Anti-Rootkit driver (BYOVD) to terminate security processes, disable protective software, and seize control of the infected system. Indicators of compromise provided.

0
1
0
buherator
repeated
cryptax@mastodon.social

cryptax

Oh hooooo: Advent of Radare2

https://www.radare.org/advent/

-all-ears cc: @radareorg

0
2
0
buherator
repeated
clearbluejar@infosec.exchange

clearbluejar

In an ideal world for reverse engineering, every function would have a name, and every variable would be correctly typed. Take a step towards that world, learn to build your own custom Ghidra Data Types in my latest post: https://medium.com/@clearbluejar/everyday-ghidra-ghidra-data-types-creating-custom-gdts-from-windows-headers-part-2-39b8121e1d82

0
2
1
buherator
repeated
freddy@security.plumbing

Frederik Braun �

Kudos to the person who registered exmaple.com.

0
2
0
buherator
repeated
microsoft@lea.pet

Microsoft

here at macrosoft we offer only the most bloated software for your SSD to fight for its life over. Because it’s not as funny when your PC isn’t on the verge of bursting into flames when it boots

0
2
0
buherator

buherator

OZZ: Identifying Kernel Out-of-Order Concurrency Bugs
with In-Vivo Memory Access Reordering

https://dl.acm.org/doi/pdf/10.1145/3694715.3695944

/via exploits.club
1
0
2
buherator

buherator

[RSS] Leveraging An Order of Operations Bug to Achieve RCE in Sitecore 8.x - 10.x

https://www.assetnote.io/resources/research/leveraging-an-order-of-operations-bug-to-achieve-rce-in-sitecore-8-x---10-x
0
0
1
buherator
repeated
sneak@sneak.berlin

sneak

the c2.com wiki (the very first wiki) now requires javascript to render. the web i knew is dead

1
1
0
buherator
repeated
Ange@mastodon.social

Ange

What's your favorite file format challenge / trick / bug / surprise / work / art ?
Bonus point if it's underrated or obscure!

1
1
0
Show older
About infosec.place

Terms of Service

This is a placeholder, overwrite this by putting a file at 

$STATIC_DIR/static/terms-of-service.html

See the Static Directory docs for more info.