infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance.

This host is mostly for my random stuff, and in small part acts as a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and providing in-links for search engines. I hate that I have to do this, but the nonsense ideology of Mastodon pretty much ruined the search feature for the Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other people's published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

The fact that this blows so many people's minds (mine included) shows how awfully shit UI discoverability on mobile is.

Sooo...MS still doesn't like publishing mpengine PDBs?

@mattblaze "We understand genocide, we do it sometimes!" - Jerry Smith

[RSS] Local Privilege Escalation Vulnerability in Ant Media Server (CVE-2024-32656)

https://www.praetorian.com/blog/local-privilege-escalation-vulnerability-in-ant-media-server-cve-2024-32656/

[RSS] Judge0 Sandbox Escape - CVE-2024-29021, CVE-2024-28185 and CVE-2024-28189

https://tantosec.com/blog/judge0/

[RSS] Fuzzer Development 1: The Soul of a New Machine (2023.11.04)

https://h0mbre.github.io/New_Fuzzer_Project/

I wouldn't post the n+1. new fuzzer attempt, but h0mbre's works are always worth checking out!

[RSS] Souls without bodies, phantom types shenanigans

https://www.synacktiv.com/en/publications/souls-without-bodies-phantom-types-shenanigans

"In this article, we will present strange data types that only exists in the realm of types, called phantom types. We will also briefly introduce GADTs, and how to emulate some of their safety guarantees in languages where they are not available."

[RSS] [PlayStation] high - Remote vulnerabilities in spp (12500.00USD)

https://hackerone.com/reports/2177925

Series of DICOM parser vulnerabilities disclosed by @TalosSecurity:

CVE-2024-22373 - Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability

CVE-2024-22391 - Mathieu Malaterre Grassroot DICOM LookupTable::SetLUT out-of-bounds write vulnerability

CVE-2024-25569 - Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1935
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1924
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1944

[RSS] Micropatches Released for Windows MSHTML Platform Remote Code Execution Vulnerability (CVE-2023-35628)

https://blog.0patch.com/2024/04/micropatches-released-for-windows_25.html