Grzegorz Blinowski
@gjbl.bsky.social
"Who needs more than 8 bits?"
Reposted by Grzegorz Blinowski
Uncle Sam abruptly turns off funding for CVE program. Yes, that CVE program
Because vulnerability management has nothing to do with national security, right? US government funding for the world's CVE program – the centralized Common Vulnerabilities and Exposures database of product security flaws – ends Wednesday.…
dlvr.it
April 16, 2025 at 12:06 AM
Problem solved once and for all!
#cve #mitre
April 16, 2025 at 12:53 PM
To all interested in the topic of "migration to IPv6" I recommend the article by G. Huston from APNIC:
www.potaroo.net/ispcol/2024-...
This paper is exhaustive & very interesting, both in the historical part, in the analysis of the current state & presentation of the perspective for the coming years
ISP Column - October 2024
www.potaroo.net
March 25, 2025 at 4:56 PM
Funny, but sad at the same time, that so many IT security people fell for this trivial hoax.
#rsabackdoor #rsa
March 13, 2025 at 10:57 AM
Now this is interesting - a classic problem from the field of operating systems and process synchronization, and (outer-space!) practice.
In 1997, NASA’s Pathfinder encountered a critical issue.

System resets kept wiping out mission data before it could be transmitted back to earth.

The culprit? Priority Inversion.

It's a classic computer science problem that threatened a $200 million project.
January 28, 2025 at 8:07 PM
Good summary of some Unix system / kernel concepts on this blog. The ELF entry is quite nice and concise!
January 23, 2025 at 11:40 AM
EUROCERT is not some rubber-figurine factory. A disgrace for an institution of public trust.
A serious attack on EUROCERT[.]pl, a provider of digital signatures to government institutions in Poland. Not only ID card numbers leaked, but also images 🥸 of officials and other customers.

The criminals claim they stole 65GB of data. They have already published a sample. See: niebezpiecznik.pl/post/atak-ra...
January 16, 2025 at 3:38 PM
Interesting. The US is considering a ban on TP-Link routers (TP-L has a 65% share in the US SOHO market!). TP-Link has 2 vulnerabilities listed by CISA (Cisco 74, D-Link 20). So, why the ban? Politics? Yes, but not only...

innovirtuoso.com/technology/t...
The US Ban on TP-Link Routers: Political Motivations
The recent ban on TP-Link routers by the US government raises questions about the motivations behind such actions. Decision influenced by political strategies
innovirtuoso.com
January 15, 2025 at 2:40 PM
BASIC in C (well, sort of...)
This is so magnificently ugly!
January 15, 2025 at 2:35 PM
Almost 10 new WordPress vulnerabilities just today, this platform is ... broken beyond any hope. #wordpress
CVE-2024-12585 - Property Hive WordPress XSS Governance Failure
CVE ID : CVE-2024-12585

Published : Jan. 8, 2025, 6:15 a.m. | 18 minutes ago

Description : The Property Hive WordPress plugin before 2.1.1 does not sanitise and escape a parameter before outputting it back i...
The Property Hive WordPress plugin before 2.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
cvefeed.io
January 8, 2025 at 8:29 AM
Quantum teleportation over internet? Well... yes and no (not quite). Quantum state transfer was achieved over a 30.2-km fiber carrying 400-Gbps C-band classical traffic - i.e. "in parallel" to standard traffic.
As usual: ignore click-baits and refer to the source:
arxiv.org/abs/2404.10738
January 2, 2025 at 12:22 PM
I am quite surprised by the outcome of "API client language popularity" (as reported in Cloudflare's annual survey). I could bet that Node.js ranks 1st, but Go wins by a 2% margin.
radar.cloudflare.com/year-in-revi...
December 28, 2024 at 1:09 PM
AS16509 (AMAZON-02 — Amazon Web Services) is the largest single source of bot traffic on the internet. Also pay attention to the "Other" box. More in "Year in Review 2024" by Cloudflare:
radar.cloudflare.com/year-in-revi...
radar.cloudflare.com/traffic/as16...
December 19, 2024 at 2:39 PM
Here is some food for your thought:
Why so much difference in http/all-traffic ratio between Germany and Poland?
radar.cloudflare.com/de
radar.cloudflare.com/pl
#httpvsallothertrafficwth?
December 15, 2024 at 8:33 PM
Consider submitting a paper to *Applied Sciences* Special Issue "Intelligent Systems and Information Security" tinyurl.com/25hbsb57

Selected topics:
Cloud, network, Mobile/wireless/5G & IoT security;
Intrusion detection and prevention;
Threat intelligence;
Side-channel attacks;
Fraud detection;
December 4, 2024 at 3:10 PM
A new paper in C&S (written with my MSc student) on fuzzing trusted operating systems with Rust proc macros.

authors.elsevier.com/a/1kA%7Enc43...
November 30, 2024 at 11:52 AM