infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

[Haifei Li @ X] So I just found that recently Microsoft silently patched our MS-Access bug disclosed at research.checkpoint.com/2023…[1] - A warning is now displayed when the Access trying to connect remote SQL server.

https://research.checkpoint.com/2023/abusing-microsoft-access-linked-table-feature-to-perform-ntlm-forced-authentication-attacks/
this post | permalink
[Janggggg @ X] RT by @testanull: Microsoft Exchange 2010 Arbitrary User Impersonation

https://blog.calif.io/p/microsoft-exchange-2010-arbitrary
this post | permalink
[Janggggg @ X] RT by @testanull: My detailed analysis report of SolarWinds Security Event Manager AMF Deserialization RCE (CVE-2024-0692), with two methods to achieve RCE

https://exp10it.io/2024/03/solarwinds-security-event-manager-amf-deserialization-rce-cve-2024-0692/
this post | permalink
@joxean reprogram the keytar to act as a keyboard!
this post | permalink
A nice thing about Kagi not trying to tell you what you want to search for is that queries like

proxycommand "%h"

actually give reasonable results.
this post | permalink
@booters You are doing God's work!
this post | permalink
[RSS] Secure by Design: Google’s Perspective on Memory Safety

http://security.googleblog.com/2024/03/secure-by-design-googles-perspective-on.html
this post | permalink
Toolchain Necromancy: Past Mistakes Haunting ASLR

https://grsecurity.net/toolchain_necromancy_past_mistakes_haunting_aslr
this post | permalink
[oss-security] dnf5daemon-server: Local root Exploit and Local Denial-of-Service in dnf5 D-Bus Components (CVE-2024-1929, CVE-2024-1930)

https://seclists.org/oss-sec/2024/q1/186
this post | permalink
[Alex Plaskett @ X] RT by @alexjplaskett: Try to make sudo less vulnerable to ROWHAMMER attacks.

https://github.com/sudo-project/sudo/commit/7873f8334c8d31031f8cfa83bd97ac6029309e4f
this post | permalink
Next Page