|
ratbert90 posted: https://arstechnica.com/information-technology/2020/01/researchers-find-serious-flaws-in-wordpress-plugins-used-on-400k-sites/
wordpress has to be the single most exploited piece of software ever
|
# ? Jan 17, 2020 18:19 |
|
akadajet posted: wordpress has to be the single most exploited piece of software ever
tbf, this sounds like a plugin doing something absurdly stupid, like using hardcoded or trivially predictable admin credentials for remote admin
|
# ? Jan 17, 2020 18:26 |
|
lol https://twitter.com/casey/status/1218196881735503872
|
# ? Jan 17, 2020 18:30 |
|
Soricidus posted:it had been leaked yeah, the shadow brokers were trying to sell it for bitcoin Yeah that was totally what they were really doing and not a distraction at all.
|
# ? Jan 17, 2020 18:56 |
|
Is there some sane place in the registry where you can pull the full build number for windows? HKLM\Software\Windows NT\Current Version doesn't give the hotfix # and the place I can seem to find it is buried in HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Update\TargetingInfo\Installed\Client.OS.rs2.amd64 which feels sketchy as gently caress and I'm not confident all the various major win10 releases use it consistently
|
# ? Jan 17, 2020 22:17 |
|
does it need to be in the registry or can you get it from like wmi?
|
# ? Jan 17, 2020 22:21 |
|
Shaggar posted: does it need to be in the registry or can you get it from like wmi?
registry only, unfortunately. I'm doing it with some janky ladder logic that's included in the SEP client because this garbage AV has twice the deployment base of our loving sccm platform
e: MAYBE I could have it fire off a wmi cli command to have it write the full build info to a reg key I specify and then query it from that. Would be completely stupid but that's life for you
|
# ? Jan 17, 2020 22:41 |
|
if you created your own key hierarchy for that kind of thing it wouldn't be the worst. you could have a gpo write a bunch of diagnostic type info to your place in the registry and use that for filtering or w/e SEP does. ReleaseId, CurrentBuild, and UBR under CurrentVersion seem to be consistent w/ what's in winver on a couple comps I checked. if you can't do stuff based on the combination of those then it's probably not useful
|
# ? Jan 17, 2020 22:55 |
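Added example, not part of any post in the thread: one way to combine the `CurrentBuild` and `UBR` values mentioned above into a full build string and publish it under an organization-owned key that a registry-only tool can read. The output key `HKLM:\SOFTWARE\ExampleOrg\Diagnostics`, the function names and the threshold value are hypothetical; writing to HKLM requires an elevated session.

```powershell
# Values read here are the ones named in the post above.
$cvPath  = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
# Hypothetical org-owned key; choose your own hierarchy.
$outPath = 'HKLM:\SOFTWARE\ExampleOrg\Diagnostics'

function Get-FullOsBuild {
    param([string]$Path = $cvPath)
    $cv = Get-ItemProperty -Path $Path
    # UBR (update build revision) can be absent on older releases; treat as 0.
    $ubr = if ($null -ne $cv.UBR) { [int]$cv.UBR } else { 0 }
    [pscustomobject]@{
        ReleaseId = $cv.ReleaseId          # may be empty on some releases
        Build     = [int]$cv.CurrentBuild
        UBR       = $ubr
        FullBuild = '{0}.{1}' -f $cv.CurrentBuild, $ubr
    }
}

function Test-MinimumPatchLevel {
    # $MinimumUbr maps a build number to the lowest acceptable UBR.
    param($Os, [hashtable]$MinimumUbr)
    if (-not $MinimumUbr.ContainsKey($Os.Build)) { return $null }  # unknown build
    return ($Os.UBR -ge $MinimumUbr[$Os.Build])
}

$os = Get-FullOsBuild

# Constructed threshold for illustration: this machine's build, UBR >= 1.
# Replace with the real per-build minimums from your patch baseline.
$minimum = @{}
$minimum[$os.Build] = 1
$patched = Test-MinimumPatchLevel -Os $os -MinimumUbr $minimum

# Publish the result where a registry-only filter can pick it up.
if (-not (Test-Path $outPath)) { New-Item -Path $outPath -Force | Out-Null }
Set-ItemProperty -Path $outPath -Name 'FullBuild' -Value $os.FullBuild -Type String
Set-ItemProperty -Path $outPath -Name 'MeetsMinimum' -Value ([int][bool]$patched) -Type DWord

$os | Format-List
```

An unknown build yields `MeetsMinimum = 0`, so hosts on releases missing from the baseline table show up as needing review rather than passing silently.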
|
https://twitter.com/malwarejake/status/1218234923271753728?s=21
|
# ? Jan 18, 2020 00:57 |
|
one time spotify somehow caused a collision between someone else's account and my own, which deleted a bunch of my playlists but let me broadcast music to their computer being a lovely memelord i played smash mouth at full volume, but then i changed my password to be safe and that fixed it somehow
|
# ? Jan 18, 2020 01:28 |
|
smash mouth change the password
|
# ? Jan 18, 2020 01:42 |
|
Djeser posted: one time spotify somehow caused a collision between someone else's account and my own, which deleted a bunch of my playlists but let me broadcast music to their computer
facebook as auth bites another company in the rear end, I guess
|
# ? Jan 18, 2020 02:30 |
|
OhNo!Auth
|
# ? Jan 18, 2020 03:33 |
|
... and I felt old just going "eh I'll mirror this with dd what's the worst that can happen". (Sector misalignment. That's the worst that can happen.)
|
# ? Jan 18, 2020 03:37 |
|
endlessmonotony posted: ... and I felt old just going "eh I'll mirror this with dd what's the worst that can happen".
drive geometry is a harsh mistress
|
# ? Jan 18, 2020 03:39 |
|
spotify facebook auth is some weird poo poo. i used to use it as holdover from the dumb times when they required it, and someone was able to use my account repeatedly, despite me logging out all devices several times and confirming that nothing that wasn't me had logged into my facebook account. no idea how that would happen, but thankfully they let you remove the facebook link now
|
# ? Jan 18, 2020 05:46 |
|
|
# ? Jan 19, 2020 00:59 |
|
|
# ? Jan 19, 2020 01:04 |
|
Such timing, isn't that company having labor strikes right now?
|
# ? Jan 19, 2020 01:54 |
|
Dumb Lowtax posted: Such timing, isn't that company having labor strikes right now?
It's a video game company with name recognition so probably not. There are 50000 people who will work for minimum wage for the privilege of working at The Video Game Company waiting to replace anybody who strikes
|
# ? Jan 19, 2020 02:41 |
|
Ah I was thinking of the organized walkout from back in May, which just popped up in the news again as things escalate https://www.latimes.com/business/technology/story/2020-01-07/major-union-launches-campaign-to-organize-video-game-and-tech-workers
|
# ? Jan 19, 2020 03:30 |
|
https://twitter.com/RiotSupport/status/1218333629606055936 lol the link has changed to a bitly to this twitter post. Pretty sure this is an attempt pretending that it was just poor communication and not actually that they just got owned.
|
# ? Jan 19, 2020 05:02 |
|
no, it was always l/I confusion
|
# ? Jan 19, 2020 05:10 |
|
for those experiencing the blank friends list issue, try making some friends you loving loser
|
# ? Jan 19, 2020 11:21 |
|
loser can have a little friends
|
# ? Jan 19, 2020 14:28 |
|
https://twitter.com/dosnostalgic/status/1218916376817164288 Happy Birthday to the first virus for DOS.
|
# ? Jan 19, 2020 17:41 |
|
I can’t imagine much worse data to leak than this
Adult Site Leaks 20GB of Porn Cam Models Data, Including Names, Passport Scans
|
# ? Jan 19, 2020 20:40 |
|
worse: a snapchat dump which contains every image ever sent on the service
|
# ? Jan 19, 2020 20:43 |
|
Shifty Pony posted: I was actually pleasantly surprised at how quickly the agency I work for responded. They sent out the "save your poo poo" warning email at 6PM ET on Tuesday then pushed the patch at midnight. Nice to see they prioritize security over a bunch of people possibly losing open work because they had already left for the day.
Bulgakov posted: bummed that we might never know about the actual reasons the NSA decided to get big responsible disclosure press from this crypto problem
|
# ? Jan 19, 2020 21:27 |
|
irpoweroutlet posted: I can’t imagine much worse data to leak than this
There was a talk I watched like 12 years ago about how a lot of porn producers were so freaked out over being accused of underage performers that they did stupid poo poo like have driver's license scans available on their website or in similarly insecure places. I'm not shocked that stupid things are still being done with performer PII in lazy attempts to protect producers.
|
# ? Jan 19, 2020 23:54 |
|
There was a guy who went to court on child porn charges for having material of a woman who looked underage. The defense subpoenaed the actress' passport to prove his innocence.
|
# ? Jan 20, 2020 00:10 |
|
that was anne howe, who testified she wasn't a child and the prosecutors went ahead and got convictions anyway because acab
|
# ? Jan 20, 2020 00:15 |
|
I looked it up and the case I was talking about was with Little Lupe.
|
# ? Jan 20, 2020 00:22 |
|
spankmeister posted: I looked it up and the case I was talking about was with Little Lupe.
she actually showed up in court with proof of her age
had she not done that, the guy would have gone to prison based solely on the testimony of some random pediatrician who incorrectly swore that she was underage
|
# ? Jan 20, 2020 00:48 |
|
The_Franz posted: she actually showed up in court with proof of her age
Revoke their medical licence.
|
# ? Jan 20, 2020 02:10 |
|
Expert witnesses are basically a sham. You can get a professional expert witness to say whatever you want.
|
# ? Jan 20, 2020 02:16 |
|
Mr.Radar posted: https://twitter.com/dosnostalgic/status/1218916376817164288
Shouldn't "DOS Nostalgic" be running 32 bit Windows? (as far as I can tell it would still work fine in win10...)
|
# ? Jan 20, 2020 03:03 |
|
in any other thread Brain is still categorized as "severe" should be the title but the current is much better right now
|
# ? Jan 20, 2020 03:13 |
|
Agile Vector posted: in any other thread Brain is still categorized as "severe" should be the title but the current is much better right now
The article is on the wrong side of “little”.
|
# ? Jan 20, 2020 03:16 |
|
Platystemon posted:
gently caress off prescriptivist
|
# ? Jan 20, 2020 05:31 |