Tweets

You have blocked @marcinguy


  1. 13 Jan
  2. 9 Jan

    Getting feet wet with a simple QL/CodeQL query that will find a bug where you reassign for variable in the condition. Below the query and defect code.

  3. 3 Dec 2019

    CodeQL is actually amazing. Scanning my Codebase for the whole classes of security defects and custom queries ... just like this. My CPU is melting .... need some RAM too :)

  4. 3 Dec 2019

    Getting feet wet with crunching some code with CodeQL. Cool Stuff!

  5. 23 Nov 2019
  6. 23 Nov 2019

    Viber Version from Sep 2019 is vulnerable (11.6.0.15) to CVE-2019-11932 (double free in libpl_droidsonroids_gif). Latest 11.9.1 not anymore. Stacktrace from vuln version: . Great work from to compile list of apps using the framework

  7. 21 Nov 2019

    And it seems that quite a few (24) of those 28k+ apps other than WhatsApp that use android-gif-drawable have install bases just as large as the WhatsApp install base (1 billion+, per Google Play). Check your dependencies.

  8. 21 Nov 2019

    CVE-2019-11932 is a vulnerability in the android-gif-drawable library. Yet the CVE text doesn't mention "android-gif-drawable". It only mentions WhatsApp. There could be over 28,400 free Android apps that use this library.

  9. 20 Nov 2019
  10. 18 Nov 2019

    This document was written by developers for developers to assist those new to secure development -

  11. Retweeted
    14 Nov 2019

    Introducing the GitHub Security Lab ✨ • Find vulnerabilities • Build tools to secure open source codebases • Connect to the work of developers and researchers around the world

  12. Retweeted

    Hi 👋 we are the GitHub Security Lab. Find more information about us here:

  13. 13 Nov 2019

    Sweet was able to bypass Knox 3.1 on Samsung S7 Edge: Root should be possible then ... I hope and guess

  14. 6 Nov 2019

    Good summary of adding security into agile development: 1. Rely on developers and testers more than security specialists. 2. Secure while we work more than after we're done. 3. Implement features securely more than adding on security features. 4. Mitigate risks more than fix bugs

  15. 31 Oct 2019

    WDYT?

  16. 31 Oct 2019

    Well, invisible for Enduser, visible for the Attacker (detection/protection) and visible insecurities in terms of visibility of what you protect and the attacks/threats. Awareness is also good, so this could also balance this out on all levels.

  17. 31 Oct 2019

    "Security has a bad reputation, but it is an enabler, and when it works, it is invisible" peer's comment which I can +1 in the spirit of catching up with Cybersecurity Awareness month

  18. 28 Oct 2019

    Samsung Knox saving the "root" shell. Will see if I can bypass it. Android Binder Use After Free CVE 2019 2215 on Samsung S7 Edge -

  19. Retweeted
    22 Oct 2019
    Reply to a user

    This should be on your first slide at "Smart City Expo" 😁

  20. 19 Oct 2019

    CVE 2019-2215 Android Binder Use After Free - Check out (Kernel 3.4.0) If you know how to replicate this using C (native) this can be brought further, since this is the behavior needed for exploitation.
