infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

New x64dbg release: Type System and Modernization

https://x64dbg.com/blog/2025/06/30/release-announcement.html

#debugger #ReverseEngineering
this post | permalink
[oss-security] Xen Security Advisory 470 v2 (CVE-2025-27465) - x86: Incorrect
stubs exception handling for flags recovery

https://www.openwall.com/lists/oss-security/2025/07/01/1

(Potential impact is hypervisor DoS)
this post | permalink
@kpwn UUIDv4 can be based on CSPRNG, in that case it's just as secure as a sid with same number of (secure) random bits. Only problem is that random source can't be identified in a blackbox setting, but statistical methods can give a good estimation about its security.
this post | permalink
[RSS] Does anyone happen to know why certain profile names corrupt text elements in Tony Hawk's Pro Skater for N64?

https://banyaszvonat.github.io/breaking-videogames/2025/06/30/tony-hawks-pro-skatyr.html

#GameHacking #ReverseEngineering
this post | permalink
New sudo LPE's just dropped:

Sudo Host Option Elevation of Privilege (CVE-2025-32462):

https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host

Sudo local privilege escalation via chroot option (CVE-2025-32463):

https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot

Linking oss-security too, because researcher advisories don't like to load for me:

https://www.openwall.com/lists/oss-security/2025/06/30/2

https://www.openwall.com/lists/oss-security/2025/06/30/3
this post | permalink
[RSS] The hidden JTAG in your Qualcomm/Snapdragon device's USB port

https://www.linaro.org/blog/hidden-jtag-qualcomm-snapdragon-usb/
this post | permalink
[RSS] BinDSA: Efficient, Precise Binary-Level Pointer Analysis with Context-Sensitive Heap Reconstruction

https://dl.acm.org/doi/10.1145/3728928
this post | permalink
[RSS] When Backups Open Backdoors: Accessing Sensitive Cloud Data via "Synology Active Backup for Microsoft 365"

https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/
this post | permalink
[RSS] The Journey of Bypassing Ubuntu's Unprivileged Namespace Restriction

https://u1f383.github.io/linux/2025/06/26/the-journey-of-bypassing-ubuntus-unprivileged-namespace-restriction.html
this post | permalink
[RSS] Decrement by one to rule them all: AsIO3.sys driver exploitation

https://blog.talosintelligence.com/decrement-by-one-to-rule-them-all/
this post | permalink
Next Page