"Basic Electron Framework Exploitation"
> A lot of Chromebook and Chromebox users don't realize this, but all ChromeOS devices have an expiration date.
🤦♂️ put linux on it or don't buy this kind of stuff.
"Security analysis of <portal> element"
Some tips to increase the security of your kubernetes cluster:
Mysterious iOS Attack Changes Everything We Know About iPhone Hacking. For two years, a handful of websites have indiscriminately hacked thousands of iPhones.
Fun fact: wizzair.com let's you set a long password, but behind the scenes it truncates it to 16 characters (because obviously every byte is precious these days, I guess?).
When you try to log-in with your long long password, it fails. You have to *know* to truncate it yourself to 16 chars.
This is a major airline in 2019.
What happens when you launch your browser for the first time:
Interesting read. I was kind of disappointed to learn that:
"The http://mozilla.org tab discussing the importance of Privacy loads in the background, bringing along with it the Google Tag Manager and Google Analytics. Hello, Google."
Hey #cccamp19, you know everything you buy from Decathlon has a long-range UHF RFID tag on it, and I have a reader with 10m range?
145 unique tags scanned from a quick walk around the Milliways area.
Typechecking Django and DRF
Yikes. "The fingerprints of over 1 million people, as well as facial recognition information... was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks." https://www.theguardian.com/technology/2019/aug/14/major-breach-found-in-biometrics-system-used-by-banks-uk-police-and-defence-firms
Matrix of affected web servers: https://vuls.cert.org/confluence/pages/viewpage.action?pageId=56393752
"HTTP/2 Denial of Service Advisory"
"It turns out it was possible to reach across sessions and violate NT security boundaries for nearly twenty years, and nobody noticed."
Someone was able to put some ransomware in a DSLR Camera, exploiting the PTP protocol implementation.