Explore >> Select a destination
|
You are here 
|
east-ee.com | ||
| | | | |
adnanthekhan.com
|
|
| | | | | Learn about how I used a custom tool to find a Google-owned repository vulnerable to GitHub Actions Poisoned Pipeline Execution Attack and earned a $7,500 bug bounty! | |
| | | | |
positive.security
|
|
| | | | | Chaining a misconfiguration in IE11/Edge Legacy with an argument injection in a Windows 10/11 default URI handler and a bypass for a previous Electron patch, we developed a drive-by RCE exploit for Windows 10. The main vulnerability in the ms-officecmd URI handler has not been patched yet and can also be triggered through other browsers (requires confirmation of an inconspicuous dialog) and desktop applications that allow URI opening. | |
| | | | |
www.grc.com
|
|
| | | | | Security Now! Weekly Internet Security Podcast: This week we note the completion of the first virtual Black Hat and Defcon conferences. We also examine the latest academic work to emerge from the Graz University, which dramatically advances our understanding of the past few years of performance optimizing processor vulnerabilities. We look at the ransomware attack on Canon, a mishandled vBulletin vulnerability disclosure, the forthcoming support for DoH on Windows 10, and the result of Troy Hunt's yearlo... | |
| | | | |
defuse.ca
|
|
| | | Why are websites so insecure? What design patterns will help solve these problems? | ||
