krogoth

joined 2 years ago
MODERATOR OF
pulse_of_truth
sorted by: new top controversial old
How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes in c/pulse_of_truth@infosec.pub
[–] krogoth@infosec.pub 7 points 21 hours ago (1 children)

«When they loaded this URL, the server responded with a Java heap dump, which is a roughly 150-MB file containing a snapshot of the server’s memory at the moment the URL was loaded.»

Comedy gold, the whole article…

Microsoft employees are banned from using DeepSeek app, president says in c/pulse_of_truth@infosec.pub
[–] krogoth@infosec.pub 2 points 1 week ago

News or not. I like the fact that the pot is calling the kettle black…

Cryptocurrency Thefts Get Physical in c/pulse_of_truth@infosec.pub
Microsoft wouldn't look at a bug report without a video. Researcher maliciously complied in c/pulse_of_truth@infosec.pub
[–] krogoth@infosec.pub 6 points 1 month ago* (last edited 1 month ago)

A tad late (the original story), but now there is an opinion piece on this topic now: https://www.theregister.com/2025/03/24/microsoft_opinion/

I like the part with "This a post-literate era, and we should expect the next demand for bughunters to express proof-of-concept as a TikTok dance short."

Hackers exploit DoS flaw to disable Palo Alto Networks firewalls in c/pulse_of_truth@infosec.pub
[–] krogoth@infosec.pub 2 points 4 months ago

OH: «by sending a malicious DNS packet to the target device», 👌🤭

Ivanti warns of maximum severity CSA auth bypass vulnerability in c/pulse_of_truth@infosec.pub
[–] krogoth@infosec.pub 1 points 5 months ago

I lost count. How many vulns this year already?

A profile of Brain Krebs, who in the past 20 years has probed and outed some of the worst cybercriminals, including the alleged hackers of Snowflake clients (Wall Street Journal) in c/pulse_of_truth@infosec.pub
How Cloudflare CTO John Graham-Cumming cracked an encrypted ZIP file containing the code for a system that helped ANC members communicate safely under apartheid (Steven Levy/Wired) in c/pulse_of_truth@infosec.pub
[–] krogoth@infosec.pub 9 points 7 months ago (2 children)

Or you could follow to the (original) blog: https://blog.jgc.org/2024/09/cracking-old-zip-file-to-help-open.html

Revolver Rabbit gang registers 500,000 domains for malware campaigns in c/pulse_of_truth@infosec.pub
[–] krogoth@infosec.pub 1 points 10 months ago

You mean like FIST but with a huge revolver? 😍

1
Google Paid 6 Billion to Be Default Search Engine in 2021 (www.bloomberg.com)
 

cross-posted from: https://infosec.pub/post/4231412

Google Paid 6 Billion to Be Default Search Engine in 2021