[EN/ID] Naoko Shoto Works • #ShitpostGANG
Dump by @naokoshoto // co admin w/ lumxumboy, aanja, emilio Personal Bio: @naokoshoto_bio Discussion Group: @naokoshoto_discuss Design Commissions: https://naokoshoto.carrd.co/ Part of @shitpost_gang
Mostrar más223
Suscriptores
Sin datos24 horas
-17 días
Sin datos30 días
Distribuciones de tiempo de publicación
Carga de datos en curso...
Find out who reads your channel
This graph will show you who besides your subscribers reads your channel and learn about other sources of traffic.
Análisis de publicación
| Mensajes | Vistas | Acciones | Ver dinámicas |
01 Media files | 11 | 0 | Loading... |
02 OH NOE | 23 | 0 | Loading... |
03 somebody help me unseen it pls | 23 | 0 | Loading... |
04 Microsoft Discovers Dirty Stream Vulnerability in Android Apps
Microsoft has discovered a critical security loophole dubbed "Dirty Stream," which could allow malicious Android apps to overwrite files in another application's home directory, potentially leading to arbitrary code execution and stealing valuable user information.
The flaw arises from the improper use of Android's content provider system, typically designed to facilitate secure data exchange between different applications on a device. It includes safeguards such as strict isolation of data, URIs (Uniform Resource Identifiers), and thorough validation of file paths to ward off unauthorized access.
When implemented incorrectly, custom intents, which are messaging objects that facilitate communication between components across Android apps, could bypass these security measures.
For example, vulnerable apps may fail to adequately check file names or paths, allowing a malicious app to sneak in harmful code camouflaged as legitimate files.
Microsoft’s investigation revealed that this vulnerability is NOT an isolated issue, as the research found incorrect implementations of the content provider system prevalent across many popular Android apps.
Affected apps include Xiaomi’s File Manager (1B+ downloads) and WPS Office (500M+ installs)
Follow @TechLeaksZone | 21 | 1 | Loading... |
05 New York Times source code stolen using exposed GitHub token
The New York Times confirmed that its internal source code and data were leaked on 4chan after being stolen from its GitHub repositories in January 2024. The breach occurred due to an exposed GitHub token, resulting in a leak of 273GB of data, including IT documentation, infrastructure tools, and source code.
There are around 5 thousand repos (out of them less than 30 are additionally encrypted I think), 3.6 million files total, uncompressed tar.
The Times stated the breach was quickly addressed and there was no unauthorized access to internal systems or operational impact.
🔗 Bleeping Computer
🧑💻 @agamtechtricks | 18 | 1 | Loading... |
06 🍃 Wah, Ayah jago bikin bakcang ya! Yang manis sama yang asin, dua-duanya enak banget! Aku sama Man Chai ambil beberapa buat bagi-bagi sama teman ya!
Oh iya, aku tidak makan malam di rumah ya, jadi Ayah tidak perlu nunggu ... Nungguinnya di ujung jalan sana saja! Aku bakal bikin pertunjukan Tarian Wushou di sana malam ini, jadi begitu beres, mungkin kita bisa ke kedai teh bareng ....
Terima kasih Siya untuk karyanya yang luar biasa!
Kunjungi akun TikTok Genshin Impact! | 20 | 0 | Loading... |
07 Me fr | 37 | 0 | Loading... |
08 Media files | 37 | 0 | Loading... |
09 fucking based | 37 | 0 | Loading... |
10 based | 36 | 0 | Loading... |
11 kek | 37 | 0 | Loading... |
12 LGA 1851 & Intel Core "Ultra" 200 series u can't hide them at all Intel | 36 | 0 | Loading... |
13 for decades | 35 | 0 | Loading... |
14 everybody fucking knew | 35 | 0 | Loading... |
15 Stop fucking hiding out of nowhere Pat Gelsinger | 37 | 0 | Loading... |
16 Yo this guy doing the right job | 35 | 0 | Loading... |
17 https://www.youtube.com/watch?v=pL4jBOQKw8k | 34 | 0 | Loading... |
18 Bruh 💀 | 31 | 0 | Loading... |
19 Wife | 31 | 0 | Loading... |
20 Мастер меча Март 7
Выдается за сюжет как ГГ разных путей.
Reddit | HSR Leaks | #новости | 24 | 0 | Loading... |
21 Jalinan Navigasi Rel Bintang | March 7th
"Maafkan kelakuanku!"
March 7th yang mengenakan pakaian khas Xianzhou. Seorang gadis pendekar pedang.
Berguru pada Yunli dan Yanqing. Dia sudah tidak sabar untuk meninggalkan lebih banyak "kenangan" indah di Xianzhou.
Tips Pom-Pom: Ikuti event untuk membuka Path baru "March 7th". Harap nantikan ya, pom~ | 28 | 0 | Loading... |
22 In response of criticism towards Recall, Microsoft officially commented the situation and is already preparing drastic changes. Its SQLite database and snapshots will now be encrypted, and additional Windows Hello biometric authentication will be required to access the feature, among other changes.
Before June 18, the Redmond software giant will make several changes, with a preview version of updated Recall to become available to all users of Copilot+ devices.
* Microsoft will update the Windows OOBE/initial setup on Copilot+ devices so that users can decide whether they want to have Recall enabled on their device.
* Enabling Recall now requires Windows Hello authentication. Windows Hello confirmation is required to access the timeline and search in Recall. The data in Recall will be decrypted and accessible only after the user is authorized.
* The SQLite database is now encrypted. | 27 | 0 | Loading... |
23 Apple finally confirms how long it will support iPhones
Apple has confirmed it will provide security updates for iPhones for a minimum of 5 years, following the UK’s PSTI regulation. This is Apple's first official commitment to a support period, starting with the iPhone 15 series.
However, this five-year period is less than the seven years guaranteed by Samsung and Google for their flagship devices.
Historically, Apple has often provided updates for longer than five years. This change means Apple no longer offers the longest guaranteed support. Users will need to hope Apple doesn't cut off support after the five-year minimum.
📹 Compliance Statement
🔗 Android Authority
🧑💻 @agamtechtricks | 26 | 0 | Loading... |
24 Media files | 28 | 0 | Loading... |
25 Yes, you can now see everything on your own data in Recall
Xaitax, a cybersecurity advisor, recently published a Python tool named "TotalRecall" that used to "extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots" on his own GitHub.
And today, Mental Outlaw just showed us how easily he could access to his own activities data saved inside Recall by using that tool, that moreover, in details (time, date,...). Even further, these screenshots taken by Recall won't even properly encrypted and can be viewed using an image viewer (like IrfanView) & all extracted from AppData which won't required administrator permission too.
Imagine if you entering a sensitive info like password, card number,... and you accidentally "showed" them on your screen, you knew what would come to you.
🔗 TotalRecall (GitHub) | Mental Outlaw's video
🧑💻 @agamtechtricks | 35 | 0 | Loading... |
26 They would | 45 | 0 | Loading... |
27 there won't be any privacy here except only if the EU do sth | 44 | 0 | Loading... |
28 as the name | 44 | 0 | Loading... |
29 Spycrosoft | 48 | 0 | Loading... |
30 Spycrosoft still ever themselves | 53 | 0 | Loading... |
31 Fun fact: Millions of iPhone users have already been texting over RCS, they just haven't been aware of it.
In Japan, the +Message app, available on iOS and Android, uses RCS.
More details can be found in this article on Android Authority. | 37 | 0 | Loading... |
32 Apple no longer offers the best security support timeline in the smartphone world. Both Google and Samsung beat them, as Apple has FINALLY committed to a minimum support window for the iPhone (hint: it's less than 7 years).
More details can be found in my latest article for Android Authority. | 25 | 0 | Loading... |
33 Despite all claims, Windows Recall is not that private or even safe. A researcher has discovered that all the info is not encrypted and can be accessed without much effort.
Recall is one of the key AI features of the upcoming Windows 11 version 24H2. It can analyze everything that happens on your screen by storing snapshots, screenshots and so on. The stored data can be searched, and the apps and documents can be restored to their state at the specific moment of time.
Microsoft claimed that data processing is performed locally without access to cloud services, and all collected information is stored encrypted. In fact, your data is only protected by Device Protection and BitLocker.
Recall creates screenshots every few seconds. A locally running Azure AI instance processes them and saves to an SQLite database in the user folder. This file stores information about everything you've ever viewed on your computer in plain text. The database is stored in the AppData folder and can be accessed even without administrator rights, and can be viewed with any of the available SQLite clients/browsers and so on.
What is worse is that Recall has no filters. It won't record private browsing from Edge, Chrome and some other browser. But the rest of time it captures passwords, credit card numbers and other sensitive data in screenshots. According to Microsoft, all this will end up in the Recall database if the site or app does not hide the entered password. Now imagine that you press some "show password" button.
It is worth noting that you can prevent certain apps or websites from being recorded by specifying them on the Recall page in the Settings app. But if you don't filter apps and websites, Recall will collect sensitive information. | 32 | 0 | Loading... |
34 I'll be glad if someone can lend me the servers / fund me to rent a server for one week to test the patches | 51 | 1 | Loading... |
35 Good news, QPR2 GSIs booted on camellia(n) (Rising 3.2 official)
Bad news, I have no screenshot as there is alot of bugs (IMS) that I imediately flashed another rom
Apply Patches next on normal Custom ROM? 👀 | 51 | 0 | Loading... |
36 vt.tiktok.com/ZSYrsJNMp/ | 119 | 2 | Loading... |
37 Indo wehn | 69 | 0 | Loading... |
38 📣 : First Apple Store in Malaysia
🇲🇾 Apple announced plans to open its first store in Malaysia next month, marking a significant expansion into the Asia region beyond China.
📍 The store will be located at The Exchange TRX mall in Kuala Lumpur and will open on June 22 at 10 AM local time.
The new location has been in development for several years, with hiring beginning early last year. Although initially set to open in February, the store faced delays.
Apple already has stores in the wider region, including India, Thailand, and Singapore..
➤ @Tecknight | 51 | 0 | Loading... |
Repost from Tech & Leaks Zone
Microsoft Discovers Dirty Stream Vulnerability in Android Apps
Microsoft has discovered a critical security loophole dubbed "Dirty Stream," which could allow malicious Android apps to overwrite files in another application's home directory, potentially leading to arbitrary code execution and stealing valuable user information.
The flaw arises from the improper use of Android's content provider system, typically designed to facilitate secure data exchange between different applications on a device. It includes safeguards such as strict isolation of data, URIs (Uniform Resource Identifiers), and thorough validation of file paths to ward off unauthorized access.
When implemented incorrectly, custom intents, which are messaging objects that facilitate communication between components across Android apps, could bypass these security measures.
For example, vulnerable apps may fail to adequately check file names or paths, allowing a malicious app to sneak in harmful code camouflaged as legitimate files.
Microsoft’s investigation revealed that this vulnerability is NOT an isolated issue, as the research found incorrect implementations of the content provider system prevalent across many popular Android apps.
Affected apps include Xiaomi’s File Manager (1B+ downloads) and WPS Office (500M+ installs)
Follow @TechLeaksZone
Repost from Agam's Tech Tricks
Photo unavailableShow in Telegram
New York Times source code stolen using exposed GitHub token
The New York Times confirmed that its internal source code and data were leaked on 4chan after being stolen from its GitHub repositories in January 2024. The breach occurred due to an exposed GitHub token, resulting in a leak of 273GB of data, including IT documentation, infrastructure tools, and source code.
There are around 5 thousand repos (out of them less than 30 are additionally encrypted I think), 3.6 million files total, uncompressed tar.The Times stated the breach was quickly addressed and there was no unauthorized access to internal systems or operational impact. 🔗 Bleeping Computer 🧑💻 @agamtechtricks
Repost from Genshin Impact ID
Photo unavailableShow in Telegram
🍃 Wah, Ayah jago bikin bakcang ya! Yang manis sama yang asin, dua-duanya enak banget! Aku sama Man Chai ambil beberapa buat bagi-bagi sama teman ya!
Oh iya, aku tidak makan malam di rumah ya, jadi Ayah tidak perlu nunggu ... Nungguinnya di ujung jalan sana saja! Aku bakal bikin pertunjukan Tarian Wushou di sana malam ini, jadi begitu beres, mungkin kita bisa ke kedai teh bareng ....
Terima kasih Siya untuk karyanya yang luar biasa!
Kunjungi akun TikTok Genshin Impact!