Gonçalo Valério @dethos@s.ovalerio.net

"Stop using ridiculously low DNS TTLs"

https://00f.net/2019/11/03/stop-using-low-dns-ttls/

#dns

[CVE-2019-14615]

"When an application uses the GPU, some private data inevitably get stored in GPU. We find the graphics driver fails to wipe them after the application finishes, so the data preserve in the GPU. Therefore, an attacker can run a GPU spyware to steal these private data."

https://github.com/HE-Wenjian/iGPU-Leak

#security #infosec #intel #gpu

Nice description of the "pledge()" and "unveil()" mechanisms, now available on 2 operating systems.

https://awesomekling.github.io/pledge-and-unveil-in-SerenityOS/

#infosec #security

Explanation of how bash history works and how to change its behavior:

https://secbytes.net/Hiding-Your-Tracks-Bash-History/

#bash #linux #unix #digitalforensics

Ohh... c'mon, its 2020 and we still have to use websites that do this kind of stuff 🤦‍♂️

#security #webdev

How Google Groups can be used to sign in into certain services as a member of given company:

https://medium.com/@milanmagyar/ggvulnz-how-i-hacked-hundreds-of-companies-through-google-groups-b69c658c8924

#security #infosec #netsec

"Why API responses should be signed"

https://shkspr.mobi/blog/2020/01/why-api-responses-should-be-signed/

🤔

"Banning Facial Recognition Isn’t Enough"

https://www.nytimes.com/2020/01/20/opinion/facial-recognition-ban-privacy.html

#privacy

Detailed summary of all 44 AppSec Cali 2019 talks

https://tldrsec.com/blog/appsec-cali-2019

#security #appsec #infosec

"Critical Windows 10 vulnerability used to Rickroll the NSA and Github"

https://arstechnica.com/information-technology/2020/01/researcher-develops-working-exploit-for-critical-windows-10-vulnerability/

Detailed info here: https://research.kudelskisecurity.com/2020/01/15/cve-2020-0601-the-chainoffools-attack-explained-with-poc/

#security #infosec #windows

"EU mulls five-year ban on facial recognition tech in public areas"

https://www.reuters.com/article/us-eu-ai/eu-mulls-five-year-ban-on-facial-recognition-tech-in-public-areas-idUSKBN1ZF2QL

🤔 makes sense

#privacy #eu #europe

"Six design patterns to avoid when designing computer systems."

https://www.ncsc.gov.uk/whitepaper/security-architecture-anti-patterns

#security #netsec #infosec

"Even Google forgets to renew its domains"

https://shkspr.mobi/blog/2020/01/even-google-forgets-to-renew-its-domains/

#security #dns

"Writing Software to Last 50 Years"

https://bytes.yingw787.com/posts/2020/01/13/50years/

SSH: Overview and pentesting guide.

https://community.turgensec.com/ssh-hacking-guide/

#security #netsec #ssh

"The Bug That Exposed Your PayPal Password"

https://medium.com/@alex.birsan/the-bug-that-exposed-your-paypal-password-539fc2896da9

#security #infosec

"Are you ready to work remotely?"

https://letterstoanewdeveloper.com/2020/01/06/are-you-ready-to-work-remotely/

#remotework