Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @wdormann
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @wdormann
-
Will Dormann proslijedio/la je Tweet
Holy shit. Researcher discovers that TeamViewer stores user passwords encrypted and finds the encryption key and initialization vector in the windows registry https://whynotsecurity.com/blog/teamviewer/ …
#InfosecHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Will Dormann proslijedio/la je Tweet
OK Google: bypass the authentication! Fascinating blog - highlighting the risks when so many complex systems interact. https://techblog.mediaservice.net/2020/01/ok-google-bypass-the-authentication/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Will Dormann proslijedio/la je Tweet
And here’s a wonderful post by OpenSMTPD’s main developer
@PoolpOrg: https://poolp.org/posts/2020-01-30/opensmtpd-advisory-dissected/ … Very interesting insight on how a bug enters the code and becomes exploitable over time.https://twitter.com/0xdea/status/1223908588671918080 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Will Dormann proslijedio/la je Tweet
Qualys Security Advisory: LPE and RCE (CVE-2020-7247) in OpenSMTPD, OpenBSD's mail server. Erroneous logic in smtp_mailaddr() which validates user and domain. More details and PoC at: https://www.openwall.com/lists/oss-security/2020/01/28/3 … PS: "Did you ever play tic-tac-toe?"
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I think I'd like to have a word with the folks involved with the creation/distribution of this sign. https://www.rubiconglobal.com/blog/aspirational-recycling/ …pic.twitter.com/vkj0MunesC
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Will Dormann proslijedio/la je Tweet
macOS 10.15.3 is out, fixing a bunch of nasty (remote) bugs!

https://support.apple.com/en-us/HT210919
...go patch!
pic.twitter.com/m7u73AFEjd
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Will Dormann proslijedio/la je Tweet
BREAKING: We’ve confirmed that the Ring doorbell app on Android covertly shares personally identifiable information on its users with third-party companies, including Facebook.https://www.eff.org/deeplinks/2020/01/ring-doorbell-app-packed-third-party-trackers …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Will Dormann proslijedio/la je Tweet
New: leaked documents, data, contracts show how hugely popular antivirus Avast now harvests internet browsing data and sells it for millions of dollars. Clients included Home Depot, Google, Microsoft. Documents show a product called "All Clicks Feed"https://www.vice.com/en_us/article/qjdkq7/avast-antivirus-sells-user-browsing-data-investigation …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I'll move to Hyper-V for virtualization on my home computer... Smaller attack surface, and enables the ability to use extra exploit mitigations. 1) Broadcom network driver causes BSODs when Hyper-V bridges a VM to that network. 2) Hyper-V NAT doesn't even provide DHCP. Sigh...pic.twitter.com/EOzzVywXHG
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hey
@Chase , Find somebody at your organization that appreciates the difference between HTTP and HTTPS, and listen to them. Thanks.pic.twitter.com/keFUzkbQBw
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Will Dormann proslijedio/la je Tweet
Mini-scoop: Hackers exploited a zero-day in the Trend Micro OfficeScan antivirus to plant malicious files on Mitsubishi Electric servers https://www.zdnet.com/article/trend-micro-antivirus-zero-day-used-in-mitsubishi-electric-hack/ …pic.twitter.com/JL6vnxgJpz
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Will Dormann proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Based on suggestions from
@RonnyTNL and@__adh__ I've updated https://gist.github.com/wdormann/0a6ee811627ba5610c945f4af4dd987f … No longer requires dumpbin.exe or listdlls.exe (if Python pefile and psutil are available). Also exports the findings as a CSV. Any reported app is a good candidate for EMET or WDEG force ASLR!pic.twitter.com/oTSzeElm2d
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I would love to see a "wall of shame" to call out vendors/applications that aren't ASLR compliant. Anybody who runs this script on a real-world system would be able to help contribute!
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Since this doesn't seem to be a thing, I've created a rudimentary python script that does it. Seems useful. https://gist.github.com/wdormann/0a6ee811627ba5610c945f4af4dd987f … Note: For now it requires both Sysinternals ListDLLs and Microsoft dumpbin.exepic.twitter.com/UuhUrzpcC6
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Are there any tools to auto-enumerate any running processes in Windows that don't leverage ASLR themselves, or have libraries loaded that don't leverage ASLR? Sort of like what's outlined at
@DidierStevens https://blog.didierstevens.com/2011/01/18/quickpost-checking-aslr/ … but without requiring any user interaction.pic.twitter.com/sFqNLNI75f
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Will Dormann proslijedio/la je Tweet
There is a high probability that Citrix ADC servers with no mitigation applied on or after January 9, 2020, have been taken over and their TLS certificates and associated keys have been stolen. [2/2] Please patch AND revoke your certificates.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Will Dormann proslijedio/la je Tweet
I suspected this was true ever since Apple released iCloud Keychain and did nothing interesting with it. Government pressure works.https://www.reuters.com/article/us-apple-fbi-icloud-exclusive-idUSKBN1ZK1CT …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Will Dormann proslijedio/la je Tweet
Last month I canceled a random charge for $4.99 per month from HP called "InstantInk". Wasn't sure what it was for. I've had it for over a year but had no idea what it did. I just found out what it didpic.twitter.com/lsFLDR5grv
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.