CVE-2022-36572 Sinsiu Sinsiu Enterprise Website System v1.1.1.0 was discovered to contain a remote code execution (RCE) vulnerability via the componen...

RT The ASGAARD Lab: Super congrats to @finlaymacklon, @taesiri, Stefan and @viggiato who had their paper "Automatically Detecting Visual Bugs in HTML5...

Inside the World’s Biggest Hacker Rickroll | WIRED

汇率离年初说的7不远了，9月份应该就能看到。国内刚降息就遭到当头一棒。

20000和1500没撑住，老鲍的讲话影响有点大。只能看两周后的cpi数据有没有救了。1500抄了一部分eth，剩下的在1200-1500之间做了个v3接货

这个厉害了//@网络安全俱乐部:转发微博

呵呵

这处罚轻了，为啥这个时候不套用口袋罪了？//@牛仔帽:挺傻逼的，以为路是他家开的。//@安全北北:这什么傻逼啊//@iCoA第一特工:有病吧？//@霜叶: 行政拘留都轻了，这种人疯了吧//@赏味不足:神经病//@PS3保罗:病的不轻//@老蘇老了:这种傻货……这驾照不吊销了？

感觉水平有点低啊。//@牛仔帽:还好有百度，还好流调人员有好学的精神，要不然就给你赋黄马甲了。

不明觉厉

cby的日常(before 2022.7.21)

RT DCG 201 :: August CANCELED, SEE YOU IN SEPTEMBER!: 20 years of @defcon be like:

RT Saito: My favorite @defcon moment, I'm sitting down in linecon at about 8 or 9 Wednesday night, and someone comes up to us, and tells us it's their...

Re @akudryk007 @BonusPlay3 Spam

August 26th, Montenegro's Agency for National Security (ANB) reported a coordinated and continuous cyberattack from the Russian government. They warn ...

Re @hubermanlab Diet Coke is amazing

Re Please share some things in this thread which are working for you in life & that others may find helpful!

Re @cb_doge @NorthmanTrader Yeah, I lift a little …

Re @NorthmanTrader Over 20 lbs down from my (unhealthy) peak weight

From time to time, I will share some things that seem to be working for me, in case you find it helpful

Re The Zero fasting app is quite good

On advice of a good friend, I’ve been fasting periodically & feel healthier

Re @nypost Yes, but I’ve done a lot with the place!

If you want to learn more Offensive Security tradecraft check out my books 💯 Bug Bounty Playbook - Bug Bounty Playbook 2 - Cloud Hacking Playbook -...

CVE-2022-38571 Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow in the function formSetGuideListItem.

CVE-2022-38570 Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attacker...

CVE-2022-38569 Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelAd.

CVE-2022-38568 Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerabi...

CVE-2022-38567 Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vulnerability in the function formSetAdConfigInfo. This vulnerabili...

CVE-2022-38566 Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerabili...

CVE-2022-38565 Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerabili...

CVE-2022-38564 Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow vulnerability in the function formSetPicListItem. This vulnerabili...

CVE-2022-38563 Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerabi...

CVE-2022-38562 Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerabi...

CVE-2022-38557 D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh.

CVE-2022-38556 Trendnet TEW733GR v1.03B01 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh.

CVE-2022-38555 Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name.

CVE-2022-37057 D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main.

CVE-2022-37056 D-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command Injection via /cgibin, hnap_main,

CVE-2022-37055 D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via cgibin, hnap_main,

CVE-2022-37053 TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.

CVE-2022-36756 DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php.

CVE-2022-36755 D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.

Re @moyix Yes.

Re @moyix At least this is my intuitive understanding of the two concepts. One is concerned with the magnitude. The other is concerned with the validi...

Re @moyix If 10 throws of one fair dice gives you all sixes and 10 throws of another fair dice gives you a fairly uniform distribution, you get a larg...

Re @moyix Technically, they are two different concepts. Whichever effect size you estimate and however large you may estimate it - may not be valid. T...

Re @moyix Not being able to reject the null means there may not be an effect, at all.

Re @stherbold Looks really interesting! Idea is to combine data exploration and visualisation.

Re @ChristophLaaber Nice! I'm using boot, as well, and I know about Hmisc, but PMCMRPlus look super-useful, too!