Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @marcinguy
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @marcinguy
-
Scaling AFL to a 256 thread machine -https://gamozolabs.github.io/fuzzing/2018/09/16/scaling_afl.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Getting feet wet with a simple QL/CodeQL query that will find a bug where you reassign for variable in the condition. Below the query and defect code.pic.twitter.com/4QFD8XN6Wg
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
CodeQL is actually amazing. Scanning my Codebase for the whole classes of security defects and custom queries ... just like this. My CPU is melting .... need some RAM too :)
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Getting feet wet with crunching some code with CodeQL. Cool Stuff!
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
List compiled by
@wdormann https://gist.github.com/wdormann/874198c1bd29c7dd2157d9fc1d858263 … Get it patched folks!Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Viber Version from Sep 2019 is vulnerable (11.6.0.15) to CVE-2019-11932 (double free in libpl_droidsonroids_gif). Latest 11.9.1 not anymore. Stacktrace from vuln version: https://gist.github.com/marcinguy/c4ed223b27f0bd354b43ff23de875ffe …. Great work from
@wdormann to compile list of apps using the frameworkPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
And it seems that quite a few (24) of those 28k+ apps other than WhatsApp that use android-gif-drawable have install bases just as large as the WhatsApp install base (1 billion+, per Google Play). Check your dependencies.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
CVE-2019-11932 is a vulnerability in the android-gif-drawable library. Yet the CVE text doesn't mention "android-gif-drawable". It only mentions WhatsApp. There could be over 28,400 free Android apps that use this library.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
This document was written by developers for developers to assist those new to secure development - https://www.owasp.org/images/b/bc/OWASP_Top_10_Proactive_Controls_V3.pdf …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Marcin Kozlowski proslijedio/la je Tweet
Introducing the Github Security Lab
• Find vulnerabilities
• Build tools to secure open source codebases
• Connect to the work of developers and researchers around the world
https://securitylab.github.com
#GitHubUniverseHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Marcin Kozlowski proslijedio/la je Tweet
Hi
we are the GitHub Security Lab. Find more information about us here:https://securitylab.github.com Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Sweet was able to bypass Knox 3.1 on Samsung S7 Edge: https://github.com/marcinguy/CVE-2019-2215/blob/master/README.md#update-5 … Root should be possible then ... I hope and guess
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Good summary of adding security into agile development: 1. Rely on developers and testers more than security specialists. 2. Secure while we work more than after we're done. 3. Implement features securely more than adding on security features. 4. Mitigate risks more than fix bugs
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Well, invisible for Enduser, visible for the Attacker (detection/protection) and visible insecurities in terms of visibility of what you protect and the attacks/threats. Awareness is also good, so this could also balance this out on all levels.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
"Security has a bad reputation, but it is an enabler, and when it works, it is invisible" peer's comment which I can +1 in the spirit of catching up with Cybersecurity Awareness month
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Samsung Knox saving the "root" shell. Will see if I can bypass it. Android Binder Use After Free CVE 2019 2215 on Samsung S7 Edge -https://github.com/marcinguy/CVE-2019-2215#update-3 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Marcin Kozlowski proslijedio/la je Tweet
This should be on your first slide at "Smart City Expo"
https://twitter.com/mikko/status/808291670072717312?s=09 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
CVE 2019-2215 Android Binder Use After Free - Check out https://github.com/marcinguy/CVE-2019-2215/blob/master/README.md#update-1 … (Kernel 3.4.0) If you know how to replicate this using C (native) this can be brought further, since this is the behavior needed for exploitation.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.