wdormann.infosec.exchange.ap.brid.gy
I play with vulnerabilities and exploits. I used to be https://twitter.com/wdormann but Twitter has become unbearable, so here I am. [bridged from https://infosec.exchange/@wdormann on the fediverse by https://fed.brid.gy/ ]
comment in response to post
If I fire up my time machine, we can see that I noticed a problem with the driver block list about 2.5 years ago and broadcasted my concern publicly on Twitter. (With no response). I didn't pull the thread further at the time as I had more pressing tasks […] [Original post on infosec.exchange]
comment in response to post
@GossiTheDog 😂
comment in response to post
In the process of reporting vulnerabilities to MSRC, you are asked if it affects Insider Canary. **FINE**... I'll update my VM and test. Maybe they've already fixed it? Get real. Windows 11 Insider Canary is **WORSE** than both Windows 10 and Windows 11 […] [Original post on infosec.exchange]
comment in response to post
@tychotithonus Signal Desktop popped up a yellow banner saying that it was disconnected. Signal mobile would just have a spinning circle next to a message that was attempted to be sent.
comment in response to post
@signalapp Ah, it seems to be back. 🤷‍♂️
comment in response to post
This problem is pretty egregious. One might wonder if this is a regression, or if it never worked right. The answer? **YES** How so? With Windows 10, there is no GUI-exposed "Microsoft Vulnerable Driver Blocklist" option in the Windows Security app. But […] [Original post on infosec.exchange]
comment in response to post
@jernej__s Yeah. Anyway, my point of this thread is: Windows does WinRAR does 7-Zip does My hope is that there's explicit documentation about why one should choose the secure route.
comment in response to post
@jernej__s Eh, that's pretty dated. At least starting with 7.01 (the fix for CVE-2024-30370), WinRAR applies the MotW to more files beyond just Office. (But still not all for some unfortunate reason). https://infosec.exchange/@wdormann/113642074449342650
comment in response to post
A yet-another large vendor, after having received the vulnerability report through the mechanism of their choice (PGP email): > would be possible provide .zip attachment with password protected?
comment in response to post
A different vendor (Broadcom): > We encourage finders to use encrypted communication channels to protect the confidentiality of vulnerability reports. Our PGP public key is available at the following link: The PGP key:
comment in response to post
@Viss "These people are looking to help us make money" think a disappointingly non-zero amount of people to themselves on a daily basis. 😱
comment in response to post
[Uspol, Twitter] Apparently someone was able to get the Grok prompt instructions, and yes, Grok has been given guidance that Musk and Trump cannot be said to share misinformation.
comment in response to post
There we go. I think plant babies will like this once they're strung up.
comment in response to post
Related: What's people's go-to software/website for making circuit diagrams? Ideally for free. 😀 I tried a handful of open-source apps, and they were all terrifyingly bad. I ended up on the SmartDraw website, and it was fine. But the end result is pretty […] [Original post on infosec.exchange]
comment in response to post
In the process of troubleshooting the thing, I quickly realized that status LEDs would be useful. The first LED is for indicating when it's in the process of connecting to Wi-Fi. The second is an indicator of when it has checked in with the online relay host.
comment in response to post
For info about what sorts of things can test USB cables that you might have handy: https://infosec.exchange/@wdormann/114042175114913216
comment in response to post
@ferrix I mean, it's somewhere in the spectrum of "charge only" to "Thunderbolt 4" Good luck?
comment in response to post
Note that probably only somebody with a USB cable testing device would ever make such a comment. I am such a person, obviously.
comment in response to post
Due to the fact that this is something that the victim needs to willingly participate in (`UI:R` in CVSS parlance), this isn't something that Parallels users really need to worry too much about being attacked with. However, if you're a non-admin user on an Intel Mac with Parallels installed […]
comment in response to post
[Uspol] @truh Sounds like it. 😨
comment in response to post
[Twitter] Since the guy running the US government is already blocking Signal on his stupid website, how much longer will it be before we need to enable the Censorship Circumvention option to connect to Signal on the network level? 🤔
comment in response to post
With the release of ICS 22.7R2.6, Ivanti has apparently discovered the value of compiling in exploit mitigations. (many of which have been around for 22 years) With R2.6, the web server, despite still being 32-bit, has stack canaries, full relro, and some fortify. Baby steps, I suppose...
comment in response to post
@Viss
comment in response to post
The list of calendar entries that Google chose to remove from their calendar: • Pride Month • Black History Month • Holocaust Remembrance Day • Jewish Heritage • Hispanic Heritage • Indigenous People Month HOLOCAUST. REMEMBRANCE. DAY. 😱