Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @wcbowling
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @wcbowling
-
Prikvačeni tweet
So yes, there was an RCE in the hidden zoom web server... Great work by
@JLLeitschuh for the initial research, for more details on if you're affected see https://twitter.com/JLLeitschuh/status/1149420685405708295 … CVE-2019-13567pic.twitter.com/6qGHH5HsF5Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
William Bowling proslijedio/la je Tweet
GitLab disclosed a bug submitted by vakzz: https://hackerone.com/reports/658013 - Bounty: $12,000
#hackerone#bugbountypic.twitter.com/044d42C5Mp
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
After reading
@nyan_gawa's excellent hackerone report on argument injection in GitLab, I started looking around for similar issues. Turns out securely calling git is hard... https://about.gitlab.com/blog/2019/08/12/critical-security-release-gitlab-12-dot-1-dot-6-released/#multiple-command-line-flag-injection-vulnerabilities … https://enterprise.github.com/releases/2.17.6/notes … https://confluence.atlassian.com/bitbucketserver/bitbucket-server-security-advisory-2019-09-18-976762635.html …https://about.gitlab.com/blog/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/#git-command-injection-via-api …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Here are the details on the Zoom RCE (CVE-2019-13567) that we sent to mitre, worked on the latest (and last) ZoomOpener which had the host check and signature verificationhttps://gist.github.com/wbowling/13f9f90365c171806b9ffba2c841026b …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
William Bowling proslijedio/la je Tweet
RingCentral (and Zhumu, and likely all of Zoom’s white labels) are vulnerable to another, slightly different, RCE. They are not automatically removed by Apple. CVE-2019-13576 & CVE-2019-13586 Follow these instructions to protect yourself: https://gist.github.com/karanlyons/1fde1c63bd7bb809b04323be3f519f7e …pic.twitter.com/c66hvGb1wm
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Here's my writeup for Secure Boot from
#GoogleCTF, was a fun one
https://devcraft.io/2019/06/25/secure-boot-google-ctf-2019-quals.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Congrats to the winners of
#GoogleCTF, was a great competition! Here’s my writeup for JIT (we got first blood
)https://devcraft.io/2019/06/24/jit-google-ctf-quals-2019.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
William Bowling proslijedio/la je Tweet
Grab snacks and energy drinks, the
#GoogleCTF is approaching fast! Team registration and Beginner's Quest will open tomorrow Friday 21 June 12:00 GMT at http://g.co/ctf . We will start releasing the main CTF challenges on Sat 22 June 00:01 GMT. Have fun!Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
William Bowling proslijedio/la je Tweet
All the balls are the same color — and that color is *brown*!pic.twitter.com/JriPXHnNYR
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
William Bowling proslijedio/la je Tweet
You raided a journalist because they informed the public about secret plans to spy on them. Over a year ago. And you waited until after the election to do it.https://twitter.com/AusFedPolice/status/1135774910792339462 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
ZombieLoad (CVE-2018-12130) and Fallout (CVE-2018-12126) POCs to break KASLR, taken pretty much straight from the papers. https://github.com/wbowling/cpu.fail …https://asciinema.org/a/246920?speed=2 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
William Bowling proslijedio/la je Tweet
Having trouble keeping all the CPU vulns that dropped today straight? Understandable. There's a lot. This is going to be a thread.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
William Bowling proslijedio/la je Tweet
Just posted my writeup for INS'Hack 2019's "Bypasses Everywhere" XSS challenge - Bypassing CSP and Chrome's XSS auditor with Iframes - https://corb3nik.github.io/blog/ins-hack-2019/bypasses-everywhere …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Just received my coin from
@TwistlockLabs T19 ctf, looks awesome!pic.twitter.com/rFrrpWk9tf
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
My writeup for p4fmt from CONFidence
#CTF teaser by@p4_team, was a great kernel challenge!https://devcraft.io/2019/03/19/p4fmt-confidence-ctf-2019-teaser.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
William Bowling proslijedio/la je Tweet
CVE-2019-9824 QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables: Posted by P J P on Mar 18 Hello, An information leakage issue was found in the SLiRP networking implementation of the QEMU emulator. It occurs in tcp_emu()… http://dlvr.it/R12YW7
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Quick poc of using of using https://bugs.chromium.org/p/project-zero/issues/detail?id=1792 … to make an old kernel bug (CVE-2018-5333) exploitablehttps://gist.github.com/wbowling/9d32492bd96d9e7c3bf52e23a0ac30a4 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
William Bowling proslijedio/la je Tweet
Big thanks to
@BSidesSF for throwing a great CTF. Third place for OpenToAll! congrats to DCUA and Perfect Blue for 1st and 2nd (respectively). Last hour was ridiculous.pic.twitter.com/3u0dD369WO
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Since the embargoed exploit code for CVE-2019-5736 has now been released, here is the Dockerfile used in the above demohttps://gist.github.com/wbowling/bba941ce19f67769fa7b66d0e416efbf …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
William Bowling proslijedio/la je Tweet
Our very own
@boryspop and@adam_iwaniuk writing about the process they undertook to discover and exploit CVE-2019-5736: https://blog.dragonsector.pl/2019/02/cve-2019-5736-escape-from-docker-and.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.