Mastodon for JamesMWright.com
#vulnerability

It's a real pity my post about my car insurance vulnerability[1] didn't go mainstream. I mean, technicians read about that (HackerNews' top 10 and also HackerOne), but non-tech (and Italian) people need to know about it! Unfortunately my post both technical and written in English. I didn't manage this very well :-/

[1] andreascarpino.it/posts/how-my

#privacy #vulnerability #disclosure #iot

I know of at least one Samsung eMMC implementation using an ARM instruction set that had a #bug requiring a firmware updater to be pushed to #Android devices.
#hackathon #fediversefriday #openhardware #security #infosec #opsec #vulnerability #IoT #weekend

Greetings and welcome new #mastodon users! Here's my #introduction!

I'm an #infosec analyst for a large #electric #utility. I spend most of my days looking at #vulnerability reports and wrangling my #pki servers (CAs).

When I'm not at work I'm usually at home #writing, or working on some #3d modeling and animation.

Also hugely interested in #meshnetworking and #darknets, and I'm a bit of a #privacy nut as well.

Currently been immersing myself into all things #electroswing and loving it.

Another branded #vulnerability with probably negligible impact to day-to-day infosec. ringroadbug.com/

Oh and these security marketing geniuses also couldn't manage to set up an HTTPS cert.

‪Remote code execution found in , workaround has been issued by VMware. The flaw takes advantage of the system participating in the "customer experience improvement program", which sends anonymous data back to the vendor. Go disable it now! ‬🛠

‪https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2149815‬