Olivia
Online
Danny
@Danny__Wei
Joined September 2014
215 Following
123 Followers
154 Posts
Version v0.10.1 has been released, supporting TLS MITM and API Key injection. Sensitive keys can now be stripped from containers to prevent leakage caused by prompt injection. https://t.co/QUAv2d2xof
vArmor on my dev Aibrix K8s. AppArmor + eBPF + Seccomp + Envoy sidecar.
Built-in AI Agent Protection because giving a random LLM unrestricted outbound is Rue with your admin password.
My kids made me watch Eurhoria and now I run TikTok's open source sec code lol
Our findings highlight security issues that could occur in any Kubernetes environment, recommended read for Kubernetes users and defenders. Read the full technical details here: https://t.co/eou3skT2AX
Tetragone: A Lesson in Security Fundamentals
https://t.co/ZFljwZn4HV
The Dirty Pipe Vulnerability
An article by Max Kellermann about Dirty Pipe — a logical bug in the memory subsystem. The provided proof-of-concept only works starting from Linux kernel version 5.8 released in August 2020.
https://t.co/U98yxYp8Ep
Who to follow
zenhumany
@zenhumany
browser security researcher;virtualization security researcher
Chance Wang
@ppdonow
Head of 3 Labs @AntGroup. Exploring the tech-business intersection. Transforming AI & Security into business momentum. AI/Risk/Data/Web3/Cyber/Red Teaming
Wen Xu
@0xtarafans
Co-founder @mumblenote
I'm not Zelda, I'm root! https://t.co/chuViRwSKU
First blog post in a short series about some vulnerabilities that I found in Ubuntu's crash reporter earlier this year. I learned a lot from working on the exploits, so I am going to share some of the tips and tricks that I learned. https://t.co/0BGOBwUpNc
"#checkm8: The iPhone Exploit That Hackers Use to Research Apple’s Most Sensitive Code"
This is what the title of this write-up would be if it was a VICE article. This is a detailed write-up of the vulnerability I found and how the exploit really works. https://t.co/B8VYUQiSKU
A fancy IDAPython cheat sheet, with SVG
https://t.co/AECWv9Nehy
@dankrutka @dmorey @TheSteinLine Take a look at other reports. Things happening in Hong Kong cannot be called freedom.
The last part of our Attacking SSL VPN series is out - The Golden Pulse Secure SSL VPN RCE Chain, with Twitter as Case Study! https://t.co/fZge5pfH13
"If you have a nuclear level weapon, when is it ready for public disclosure?"
I'm publishing some 🔥 research today, a major design flaw in Windows that's existed for almost *two decades*. I wrote a blog post on the story of the discovery all the way through to exploitation.
https://t.co/1DFW2VGQRb
@Qab The Edge’s CORS policy is so different from other browsers so that it can read files from a local domain.
Docker container with Hyper-V isolation has much less devices in compare with Windows Sandbox container (DbgKit extention for WinDBG was used - https://t.co/uQvt5Vw6pP)
@0patch @hyp3rlinx I remember that the broker will also add a Medium mandatory label for downloaded files. This can be abused in some cases.
Great post!
Re: the spraying technique used, since Windows 8, 64-bit apps that optin to high entropy ASLR (like Chrome) have ~2TB of variance in where bottom up allocations start from, hence why there is a need to spray so much (3.5TB mentioned in the blog)
It's finally out! A detailed explanation on how I could've performed a XS-Search attack on Google's bug tracker to find out vulnerable source code
https://t.co/QpgjGr8yNo #BugBounty @GoogleVRP
The default whitelist was fun and all, but here is an actual click2play bypass that would allow any domain to play Flash without user interaction: https://t.co/pyY1xzCC5J
@msftsecresponse is privileged to collaborate with some very talented people. For a recent example, see our blog on how we worked with @tiraniddo to address a bug class he identified, and how third-party driver developers can avoid it. https://t.co/HrF5LVcjSD
This blog was the result of a collaboration with @msftsecresponse on fixing an interesting Windows kernel bug class. Fixes for the the issues MSRC found should be in 19H1. Thanks to Steven and Gavin for making this happen :-)
Last Seen Users on Sotwe
สาวใหญ่นัดเยด
Seen from Thailand
Ani
jeje🦖 
Seen from Malaysia
Dorum Onsen ดอรั่ม ออนเซ็น แบริ่ง34 男同性戀和變性人溫泉桑拿
Seen from Thailand
ซุ้ม นินจาแอสซาซิน
Seen from Israel
D. draper
Seen from Italy
huyuhuyuwc
DOJ
Seen from Saudi Arabia
Mommy Mori ♠️❤️ Kaede Love
Seen from Mexico
#Uncle Lover
Seen from India
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers