baseband javascript rce nightmare scenario

@randomdross

♫♪♫♪ I got something to say... I killed your 0day today. And it doesn't matter much to me, as long as it's dead. ♪♫♪♫

nineteen ninety eight
Vrijeme pridruživanja: srpanj 2008.
102 fotografije ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @randomdross

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @randomdross

  1. proslijedio/la je Tweet
    prije 16 sati

    Dropbox's bug bounty has been lucky to work with some of the best researchers in the world to help keep Dropbox safe. We recently hit 1M USD payout and Nate wrote a great blog post on some of the best findings over the years

    1 reply 15 proslijeđenih tweetova 61 korisnik označava da mu se sviđa
    Poništi
  2. 2. velj

    If you're in Seattle there's a ferry that goes over there. Great day trip.

    1 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  3. 2. velj

    By the way, if you've never been to Bainbridge, you've gotta check it out. Unbelievably beautiful. is amazing.

    1 reply 1 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  4. 2. velj

    Oh damn, somehow Apple figured out Bainbridge island has so much security talent.

    7 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  5. 31. sij

    YES

    New in Emoji 13.0: Bubble Tea
    Prikaži ovu nit
    Poništi
  6. 29. sij

    oof, that chart on the lower left. 😦

    1 korisnik označava da mu se sviđa
    Poništi
  7. 29. sij

    How to detect if something tampers with your CSP:

    Odgovor korisnicima @randomdross @we1x @ndm
    You could include a script that gets blocked by your CSP. If the header is removed, it will execute and inform you.
    1 proslijeđeni tweet 3 korisnika označavaju da im se sviđa
    Poništi
  8. proslijedio/la je Tweet
    28. sij

    When you enter the US Northwest Angle (Minnesota) from Canada, a sign says you must report to the U.S. CBP "via the videophone at Jim's Corner."

    1 proslijeđeni tweet 1 korisnik označava da mu se sviđa
    Poništi
  9. 29. sij

    Kaspersky too.

    1 reply
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  10. 29. sij

    and both do this.

    1 reply 1 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  11. 29. sij

    Heh, catching stuff that modifies CSP headers on responses before they are processed by the browser. (Adding "safe" script sources) Doesn't know about strict-dynamic so removes it. CSP reporting then exposes the header corruption.

    1 reply 1 proslijeđeni tweet 3 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  12. 28. sij

    This sounds cool but... doesn't it incentivize the creation of slow lines that might not even exist otherwise? (The slower you service customers, the more money you make in line fees ??)

    1 korisnik označava da mu se sviđa
    Poništi
  13. proslijedio/la je Tweet
    28. sij

    You can now see which privacy-violating companies send your browsing activity to Facebook and disable these integrations here:

    7 replies 97 proslijeđenih tweetova 201 korisnik označava da mu se sviđa
    Poništi
  14. 28. sij

    Strict, nonce-based CSP now deployed on a good portion of . Yay!

    3 proslijeđena tweeta 8 korisnika označava da im se sviđa
    Poništi
  15. proslijedio/la je Tweet
    27. sij

    Remade this in shader toy for fun.

    This is a recently discovered illusion, and it’s really quite striking. The strange effect is called the ‘curvature blindness’ illusion
    57 proslijeđenih tweetova 190 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet
    26. sij

    BREAKING: Kobe Bryant Has Died In A Helicopter Crash

    245.269 proslijeđenih tweetova 479.468 korisnika označava da im se sviđa
    Poništi
  17. proslijedio/la je Tweet
    25. sij

    Amazing tribute to the innovation of the Internet Explorer team, authored by the fantastic . IE4-6 introduced a tremendous amount of features, admittedly non-standard, but still truly impressive.

    5 replies 73 proslijeđena tweeta 152 korisnika označavaju da im se sviđa
    Poništi
  18. proslijedio/la je Tweet
    25. sij

    byte's out

    457 replies 1.738 proslijeđenih tweetova 7.122 korisnika označavaju da im se sviđa
    Poništi
  19. proslijedio/la je Tweet
    21. sij

    I think it’s awesome you can now rack mount your employees

    860 proslijeđenih tweetova 2.779 korisnika označava da im se sviđa
    Poništi
  20. 23. sij

    Has anyone done research on iab.autofill.js? Looks like the FB app injects this autofill script into secure web content when viewed in the FB app.

    Poništi

@randomdross još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·