/r/netsec - Information Security News & Discussion
We had a security incident. Here’s what we know.
February 9^th 2023 at 20:29

We had a security incident. Here’s what we know.

By /u/sanitybit

submitted by /u/sanitybit
[link] [comments]

Related tags
- ❌
- r/netsec
February 9^th 2023 at 20:29

/r/netsec - Information Security News & Discussion
Exploit Vector Analysis of Emerging 'ESXiArgs' Ransomware
February 9^th 2023 at 19:48

Exploit Vector Analysis of Emerging 'ESXiArgs' Ransomware

By /u/DrinkMoreCodeMore

submitted by /u/DrinkMoreCodeMore
[link] [comments]

Related tags
- ❌
- r/netsec
February 9^th 2023 at 19:48

/r/netsec - Information Security News & Discussion
Neo4jection: Secrets, Data, and Cloud Exploits - Attacking Neo4j
February 9^th 2023 at 14:56

Neo4jection: Secrets, Data, and Cloud Exploits - Attacking Neo4j

By /u/lowlandsmarch

submitted by /u/lowlandsmarch
[link] [comments]

Related tags
- ❌
- r/netsec
February 9^th 2023 at 14:56

/r/netsec - Information Security News & Discussion
Offphish - Phishing revisited in 2023
February 9^th 2023 at 10:10

Offphish - Phishing revisited in 2023

By /u/0xcsandker

submitted by /u/0xcsandker
[link] [comments]

Related tags
- ❌
- r/netsec
February 9^th 2023 at 10:10

/r/netsec - Information Security News & Discussion
OpenSSH Pre-Auth Double Free - CVE-2023-25136 - Writeup and Proof-of-Concept
February 8^th 2023 at 17:33

OpenSSH Pre-Auth Double Free - CVE-2023-25136 - Writeup and Proof-of-Concept

By /u/n0llbyte

submitted by /u/n0llbyte
[link] [comments]

Related tags
- ❌
- r/netsec
February 8^th 2023 at 17:33

/r/netsec - Information Security News & Discussion
A Year in Review 2022: 100 vulnerabilities you should prioritize - PRIOn
February 8^th 2023 at 15:34

A Year in Review 2022: 100 vulnerabilities you should prioritize - PRIOn

By /u/gfekkas

submitted by /u/gfekkas
[link] [comments]

Related tags
- ❌
- r/netsec
February 8^th 2023 at 15:34

/r/netsec - Information Security News & Discussion
Rustproofing Linux (Part 1, Leaking Addresses)
February 8^th 2023 at 15:04

Rustproofing Linux (Part 1, Leaking Addresses)

By /u/Gallus

submitted by /u/Gallus
[link] [comments]

Related tags
- ❌
- r/netsec
February 8^th 2023 at 15:04

/r/netsec - Information Security News & Discussion
Top 10 web hacking techniques of 2022
February 8^th 2023 at 14:25

Top 10 web hacking techniques of 2022

By /u/Fugitif

submitted by /u/Fugitif
[link] [comments]

Related tags
- ❌
- r/netsec
February 8^th 2023 at 14:25

/r/netsec - Information Security News & Discussion
Fearless CORS: a design philosophy for CORS middleware libraries (and a Go implementation) :: jub0bs.com
February 8^th 2023 at 13:57

Fearless CORS: a design philosophy for CORS middleware libraries (and a Go implementation) :: jub0bs.com

By /u/jub0bs

submitted by /u/jub0bs
[link] [comments]

Related tags
- ❌
- r/netsec
February 8^th 2023 at 13:57

/r/netsec - Information Security News & Discussion
Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game
February 8^th 2023 at 10:00

Dota 2 Under Attack: How a V8 Bug Was Exploited in the Game

By /u/stashing_the_smack

submitted by /u/stashing_the_smack
[link] [comments]

Related tags
- ❌
- r/netsec
February 8^th 2023 at 10:00

/r/netsec - Information Security News & Discussion
Recovery script for ESXiArgs ransomware
February 8^th 2023 at 00:36

Recovery script for ESXiArgs ransomware

By /u/YogiBerra88888

submitted by /u/YogiBerra88888
[link] [comments]

Related tags
- ❌
- r/netsec
February 8^th 2023 at 00:36

/r/netsec - Information Security News & Discussion
🔑 Introducing Matano Identity Data Lake for Open Source Cloud-Native SIEM!
February 7^th 2023 at 19:41

🔑 Introducing Matano Identity Data Lake for Open Source Cloud-Native SIEM!

By /u/shaeqahmed

submitted by /u/shaeqahmed
[link] [comments]

Related tags
- ❌
- r/netsec
February 7^th 2023 at 19:41

/r/netsec - Information Security News & Discussion
Post-Exploitation: Abusing the KeePass Plugin Cache
February 7^th 2023 at 18:27

Post-Exploitation: Abusing the KeePass Plugin Cache

By /u/guedou

submitted by /u/guedou
[link] [comments]

Related tags
- ❌
- r/netsec
February 7^th 2023 at 18:27

/r/netsec - Information Security News & Discussion
GitHub - mazen160/secrets-patterns-db: Secrets Patterns DB: A comprehensive open-source regex database for secret detection.
February 7^th 2023 at 16:24

GitHub - mazen160/secrets-patterns-db: Secrets Patterns DB: A comprehensive open-source regex database for secret detection.

By /u/mazen160

submitted by /u/mazen160
[link] [comments]

Related tags
- ❌
- r/netsec
February 7^th 2023 at 16:24

/r/netsec - Information Security News & Discussion
Discovering a weakness leading to a partial bypass of the login rate limiting in the AWS Console
February 7^th 2023 at 16:14

Discovering a weakness leading to a partial bypass of the login rate limiting in the AWS Console

By /u/thorn42

submitted by /u/thorn42
[link] [comments]

Related tags
- ❌
- r/netsec
February 7^th 2023 at 16:14

/r/netsec - Information Security News & Discussion
Tracing the Linux kernel using Exein Pulsar: a 5 Minute Tutorial
February 7^th 2023 at 14:59

Tracing the Linux kernel using Exein Pulsar: a 5 Minute Tutorial

By /u/hdtrinh

submitted by /u/hdtrinh
[link] [comments]

Related tags
- ❌
- r/netsec
February 7^th 2023 at 14:59

/r/netsec - Information Security News & Discussion
A Detailed Analysis of a New Stealer called Stealerium
February 7^th 2023 at 14:57

A Detailed Analysis of a New Stealer called Stealerium

By /u/CyberMasterV

submitted by /u/CyberMasterV
[link] [comments]

Related tags
- ❌
- r/netsec
February 7^th 2023 at 14:57

/r/netsec - Information Security News & Discussion
NETGEAR Nighthawk upnpd Pre-authentication Buffer Overflow
February 7^th 2023 at 09:55

NETGEAR Nighthawk upnpd Pre-authentication Buffer Overflow

By /u/luci_morningstart

submitted by /u/luci_morningstart
[link] [comments]

Related tags
- ❌
- r/netsec
February 7^th 2023 at 09:55

/r/netsec - Information Security News & Discussion
I Built a Self-Destructing USB Drive Part 3
February 7^th 2023 at 03:52

I Built a Self-Destructing USB Drive Part 3

By /u/Machinehum

submitted by /u/Machinehum
[link] [comments]

Related tags
- ❌
- r/netsec
February 7^th 2023 at 03:52

/r/netsec - Information Security News & Discussion
Hacking into Toyota's global supplier management network
February 6^th 2023 at 16:39

Hacking into Toyota's global supplier management network

By /u/EatonZ

submitted by /u/EatonZ
[link] [comments]

Related tags
- ❌
- r/netsec
February 6^th 2023 at 16:39

/r/netsec - Information Security News & Discussion
CVE-2022-44268 - Arbitrary File Read PoC - PNG generator
February 5^th 2023 at 19:22

CVE-2022-44268 - Arbitrary File Read PoC - PNG generator

By /u/voidz0r

submitted by /u/voidz0r
[link] [comments]

Related tags
- ❌
- r/netsec
February 5^th 2023 at 19:22

StarHound - CLI tool for importing BloodHound's Active Directory and Azure data (for latest SharpHound/AzureHound data collectors)

By /u/malacupa

submitted by /u/malacupa
[link] [comments]

Related tags
- ❌
- r/netsec
February 5^th 2023 at 11:56

/r/netsec - Information Security News & Discussion
The Defender's Guide to OneNote MalDocs
February 5^th 2023 at 10:46

The Defender's Guide to OneNote MalDocs

By /u/SuaveHobo

submitted by /u/SuaveHobo
[link] [comments]

Related tags
- ❌
- r/netsec
February 5^th 2023 at 10:46

/r/netsec - Information Security News & Discussion
Reversing UK mobile rail tickets
February 5^th 2023 at 05:28

Reversing UK mobile rail tickets

By /u/Gallus

submitted by /u/Gallus
[link] [comments]

Related tags
- ❌
- r/netsec
February 5^th 2023 at 05:28

/r/netsec - Information Security News & Discussion
DoS and arbitrary file read in (ImageMagick: The hidden vulnerability behind your online images)
February 4^th 2023 at 22:11

DoS and arbitrary file read in (ImageMagick: The hidden vulnerability behind your online images)

By /u/Mini_True

submitted by /u/Mini_True
[link] [comments]

Related tags
- ❌
- r/netsec
February 4^th 2023 at 22:11

/r/netsec - Information Security News & Discussion
Gartner Peer Insights widget - postMessage DOM XSS vulnerability
February 3^rd 2023 at 23:01

Gartner Peer Insights widget - postMessage DOM XSS vulnerability

By /u/Gallus

submitted by /u/Gallus
[link] [comments]

Related tags
- ❌
- r/netsec
February 3^rd 2023 at 23:01

/r/netsec - Information Security News & Discussion
PixPirate: a new Brazilian Banking Trojan | Cleafy LABS
February 3^rd 2023 at 14:38

PixPirate: a new Brazilian Banking Trojan | Cleafy LABS

By /u/f3d_0x0

submitted by /u/f3d_0x0
[link] [comments]

Related tags
- ❌
- r/netsec
February 3^rd 2023 at 14:38

/r/netsec - Information Security News & Discussion
Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit - CVE-2023-21608
February 3^rd 2023 at 02:58

Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit - CVE-2023-21608

By /u/hacksysteam

submitted by /u/hacksysteam
[link] [comments]

Related tags
- ❌
- r/netsec
February 3^rd 2023 at 02:58

/r/netsec - Information Security News & Discussion
Pre-Auth RCE in Aspera Faspex: Case Guide for Auditing Ruby on Rails
February 3^rd 2023 at 02:51

Pre-Auth RCE in Aspera Faspex: Case Guide for Auditing Ruby on Rails

By /u/Mempodipper

submitted by /u/Mempodipper
[link] [comments]

Related tags
- ❌
- r/netsec
February 3^rd 2023 at 02:51

/r/netsec - Information Security News & Discussion
TC39 proposal for mitigating prototype pollution
February 3^rd 2023 at 00:42

TC39 proposal for mitigating prototype pollution

By /u/Gallus

submitted by /u/Gallus
[link] [comments]

Related tags
- ❌
- r/netsec
February 3^rd 2023 at 00:42

/r/netsec - Information Security News & Discussion
Discovering Six Critical Docker Desktop Privilege Escalation Vulnerabilities. (Bonus: New OSS Tool!)
February 2^nd 2023 at 19:34

Discovering Six Critical Docker Desktop Privilege Escalation Vulnerabilities. (Bonus: New OSS Tool!)

By /u/jat0369

submitted by /u/jat0369
[link] [comments]

Related tags
- ❌
- r/netsec
February 2^nd 2023 at 19:34

/r/netsec - Information Security News & Discussion
GitHub - adityatelange/bhhb: Tool to view HTTP history exported from Burp Suite Community Edition
February 2^nd 2023 at 17:24

GitHub - adityatelange/bhhb: Tool to view HTTP history exported from Burp Suite Community Edition

By /u/adityatelange

submitted by /u/adityatelange
[link] [comments]

Related tags
- ❌
- r/netsec
February 2^nd 2023 at 17:24

/r/netsec - Information Security News & Discussion
The missing piece: the need for product management in security teams
February 2^nd 2023 at 16:26

The missing piece: the need for product management in security teams

By /u/sullivanmatt

submitted by /u/sullivanmatt
[link] [comments]

Related tags
- ❌
- r/netsec
February 2^nd 2023 at 16:26

/r/netsec - Information Security News & Discussion
EMBA - Automated firmware security scanner v1.2.1 released
February 2^nd 2023 at 14:50

EMBA - Automated firmware security scanner v1.2.1 released

By /u/_m-1-k-3_

submitted by /u/_m-1-k-3_
[link] [comments]

Related tags
- ❌
- r/netsec
February 2^nd 2023 at 14:50

/r/netsec - Information Security News & Discussion
An easy way to preview the content of an XML nmap file, in VS Code.
February 2^nd 2023 at 14:30

An easy way to preview the content of an XML nmap file, in VS Code.

By /u/j_bono

submitted by /u/j_bono
[link] [comments]

Related tags
- ❌
- r/netsec
February 2^nd 2023 at 14:30

/r/netsec - Information Security News & Discussion
Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit - CVE-2023-21608
February 2^nd 2023 at 12:48

Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit - CVE-2023-21608

By /u/hacksysteam

submitted by /u/hacksysteam
[link] [comments]

Related tags
- ❌
- r/netsec
February 2^nd 2023 at 12:48

/r/netsec - Information Security News & Discussion
Demystifiying SMPC (Secure multi-party computation) and its threat model
February 2^nd 2023 at 11:47

Demystifiying SMPC (Secure multi-party computation) and its threat model

By /u/hardenedvault

submitted by /u/hardenedvault
[link] [comments]

Related tags
- ❌
- r/netsec
February 2^nd 2023 at 11:47

/r/netsec - Information Security News & Discussion
Unserializable, but unreachable: Remote Code Execution on vBulletin
February 2^nd 2023 at 08:29

Unserializable, but unreachable: Remote Code Execution on vBulletin

By /u/cfambionics

submitted by /u/cfambionics
[link] [comments]

Related tags
- ❌
- r/netsec
February 2^nd 2023 at 08:29

/r/netsec - Information Security News & Discussion
Ronin 2.0.0 has finally been released! Ronin is a free and Open Source Ruby toolkit for security research and development.
February 1^st 2023 at 23:09

Ronin 2.0.0 has finally been released! Ronin is a free and Open Source Ruby toolkit for security research and development.

By /u/postmodern

submitted by /u/postmodern
[link] [comments]

Related tags
- ❌
- r/netsec
February 1^st 2023 at 23:09

/r/netsec - Information Security News & Discussion
HeadCrab: A Novel State-of-the-Art Redis Malware in a Global Campaign
February 1^st 2023 at 18:39

HeadCrab: A Novel State-of-the-Art Redis Malware in a Global Campaign

By /u/gfdgfbal

submitted by /u/gfdgfbal
[link] [comments]

Related tags
- ❌
- r/netsec
February 1^st 2023 at 18:39

/r/netsec - Information Security News & Discussion
Precision Munitions for Denial of Service
February 1^st 2023 at 14:40

Precision Munitions for Denial of Service

By /u/DevSec23

submitted by /u/DevSec23
[link] [comments]

Related tags
- ❌
- r/netsec
February 1^st 2023 at 14:40

/r/netsec - Information Security News & Discussion
CVE-2021-34462: Exploiting the Windows AppXSvc Service Logic-Error Vulnerability
February 1^st 2023 at 07:50

CVE-2021-34462: Exploiting the Windows AppXSvc Service Logic-Error Vulnerability

By /u/Gallus

submitted by /u/Gallus
[link] [comments]

Related tags
- ❌
- r/netsec
February 1^st 2023 at 07:50

/r/netsec - Information Security News & Discussion
RCE in Avaya Aura Device Services
February 1^st 2023 at 01:03

RCE in Avaya Aura Device Services

By /u/Mempodipper

submitted by /u/Mempodipper
[link] [comments]

Related tags
- ❌
- r/netsec
February 1^st 2023 at 01:03

/r/netsec - Information Security News & Discussion
Setting you up for failure: Exploring 2FA bypasses in web application settings page functionality
January 31^st 2023 at 22:15

Setting you up for failure: Exploring 2FA bypasses in web application settings page functionality

By /u/TheCrazyAcademic

I discuss an interesting attack vector which not many people do to possibly bypass 2 factor authentication in a web application.

submitted by /u/TheCrazyAcademic
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2023 at 22:15

/r/netsec - Information Security News & Discussion
TimeException: A tool to find folders excluded from AV real-time scanning using a time oracle
January 31^st 2023 at 18:25

TimeException: A tool to find folders excluded from AV real-time scanning using a time oracle

By /u/sanitybit

submitted by /u/sanitybit
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2023 at 18:25

/r/netsec - Information Security News & Discussion
Remote Command Execution in binwalk
January 31^st 2023 at 14:09

Remote Command Execution in binwalk

By /u/Gallus

submitted by /u/Gallus
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2023 at 14:09

/r/netsec - Information Security News & Discussion
Learning CodeQL - Going Beyond Grep
January 31^st 2023 at 12:57

Learning CodeQL - Going Beyond Grep

By /u/Gallus

submitted by /u/Gallus
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2023 at 12:57

/r/netsec - Information Security News & Discussion
Github reports unauthorized access to some Github Desktop and Atom repositories
January 31^st 2023 at 12:42

Github reports unauthorized access to some Github Desktop and Atom repositories

By /u/qwerty0x41

submitted by /u/qwerty0x41
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2023 at 12:42

/r/netsec - Information Security News & Discussion
The Good, Bad and Compromisable Aspects of Linux eBPF
January 31^st 2023 at 12:13

The Good, Bad and Compromisable Aspects of Linux eBPF

By /u/eberkut

submitted by /u/eberkut
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2023 at 12:13

/r/netsec - Information Security News & Discussion
VMware vRealize Log Insight VMSA-2023-0001 Technical Deep Dive and Exploit POC
January 31^st 2023 at 12:11

VMware vRealize Log Insight VMSA-2023-0001 Technical Deep Dive and Exploit POC

By /u/scopedsecurity

submitted by /u/scopedsecurity
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2023 at 12:11

/r/netsec - Information Security News & Discussion
Exposing Secrets Via AppSec Tools: The SonarQube Case
January 31^st 2023 at 11:29

Exposing Secrets Via AppSec Tools: The SonarQube Case

By /u/roy_6472

submitted by /u/roy_6472
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2023 at 11:29

/r/netsec - Information Security News & Discussion
How to identify and avoid malicious code in your software supply chain
January 31^st 2023 at 11:03

How to identify and avoid malicious code in your software supply chain

By /u/n0llbyte

submitted by /u/n0llbyte
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2023 at 11:03

/r/netsec - Information Security News & Discussion
Lockpicking The Lockout Policy For Information Correlation: Exploring the novel web app attack…
January 31^st 2023 at 03:42

Lockpicking The Lockout Policy For Information Correlation: Exploring the novel web app attack…

By /u/TheCrazyAcademic

Discussing a under rated sub bug class of Buisness Logic Flaws in web apps that deserves more attention.

submitted by /u/TheCrazyAcademic
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2023 at 03:42

/r/netsec - Information Security News & Discussion
CloudGPT - Use ChatGPT to analyze AWS policies for vulnerabilities
January 31^st 2023 at 02:31

CloudGPT - Use ChatGPT to analyze AWS policies for vulnerabilities

By /u/ustayready

submitted by /u/ustayready
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2023 at 02:31

/r/netsec - Information Security News & Discussion
Truffle Security is proud to host a new XSSHunter, that finds new vulnerabilities
January 30^th 2023 at 16:26

Truffle Security is proud to host a new XSSHunter, that finds new vulnerabilities

By /u/wifihack

submitted by /u/wifihack
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2023 at 16:26

/r/netsec - Information Security News & Discussion
DDoS attacks in Europe experienced a 73% increase in 2022 compared to the previous year
January 30^th 2023 at 15:38

DDoS attacks in Europe experienced a 73% increase in 2022 compared to the previous year

By /u/shapelez

submitted by /u/shapelez
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2023 at 15:38

/r/netsec - Information Security News & Discussion
Metasploit Framework 6.3 Released
January 30^th 2023 at 14:15

Metasploit Framework 6.3 Released

By /u/Fugitif

submitted by /u/Fugitif
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2023 at 14:15

/r/netsec - Information Security News & Discussion
FIM (File Integrity Monitor) proof-of-concept implementation
January 30^th 2023 at 12:15

FIM (File Integrity Monitor) proof-of-concept implementation

By /u/CsaProtocol

submitted by /u/CsaProtocol
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2023 at 12:15

/r/netsec - Information Security News & Discussion
This paper reinforces the belief that RSA isn't going to fall to Shor's Algorithm anytime soon
January 27^th 2023 at 18:36

This paper reinforces the belief that RSA isn't going to fall to Shor's Algorithm anytime soon

By /u/atoponce

submitted by /u/atoponce
[link] [comments]

Related tags
- ❌
- r/netsec
January 27^th 2023 at 18:36

/r/netsec - Information Security News & Discussion
Public Disclosure for CVE-2022-42475
January 30^th 2023 at 01:44

Public Disclosure for CVE-2022-42475

By /u/BlackCatNeo

submitted by /u/BlackCatNeo
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2023 at 01:44