There are new available articles, click to refresh the page.

Before yesterday/r/netsec - Information Security News & Discussion

/r/netsec - Information Security News & Discussion
Easy Pentest Reporting Tool SysReptor released (Community Edition)
May 2^nd 2023 at 13:52

Easy Pentest Reporting Tool SysReptor released (Community Edition)

By /u/Pleasant-Drawer729

submitted by /u/Pleasant-Drawer729
[link] [comments]

Related tags
- ❌
- r/netsec
May 2^nd 2023 at 13:52

/r/netsec - Information Security News & Discussion
Databricks platform root privilege escalation and bypassing cluster isolation
May 2^nd 2023 at 13:12

Databricks platform root privilege escalation and bypassing cluster isolation

By /u/0x9000

submitted by /u/0x9000
[link] [comments]

Related tags
- ❌
- r/netsec
May 2^nd 2023 at 13:12

/r/netsec - Information Security News & Discussion
Exploiting an Order of Operations Bug to Achieve RCE in Oracle Opera
May 2^nd 2023 at 04:19

Exploiting an Order of Operations Bug to Achieve RCE in Oracle Opera

By /u/Mempodipper

submitted by /u/Mempodipper
[link] [comments]

Related tags
- ❌
- r/netsec
May 2^nd 2023 at 04:19

/r/netsec - Information Security News & Discussion
CoinMiner (KONO DIO DA) Distributed to Linux SSH Servers
May 2^nd 2023 at 03:23

CoinMiner (KONO DIO DA) Distributed to Linux SSH Servers

By /u/montouesto

submitted by /u/montouesto
[link] [comments]

Related tags
- ❌
- r/netsec
May 2^nd 2023 at 03:23

/r/netsec - Information Security News & Discussion
[PAPERBUG] Nomadic Octopus’ Paperbug Campaign
May 1^st 2023 at 16:36

[PAPERBUG] Nomadic Octopus’ Paperbug Campaign

By /u/wtfse

submitted by /u/wtfse
[link] [comments]

Related tags
- ❌
- r/netsec
May 1^st 2023 at 16:36

/r/netsec - Information Security News & Discussion
Practical Risks to Machine Learning Systems -- Pickle Serialization of Shared Models
May 1^st 2023 at 15:41

Practical Risks to Machine Learning Systems -- Pickle Serialization of Shared Models

By /u/SUPACOMPUTA

submitted by /u/SUPACOMPUTA
[link] [comments]

Related tags
- ❌
- r/netsec
May 1^st 2023 at 15:41

Azure DevOps CICD Pipelines - Command Injection with Parameters, Variables and a discussion on Runner hijacking

By /u/MysteriousHotel3017

submitted by /u/MysteriousHotel3017
[link] [comments]

Related tags
- ❌
- r/netsec
May 1^st 2023 at 08:42

/r/netsec - Information Security News & Discussion
Sharing a tool I developed to help Blue Teamers discover Persistence on Windows - please check it out!
April 30^th 2023 at 13:52

Sharing a tool I developed to help Blue Teamers discover Persistence on Windows - please check it out!

By /u/panscanner

submitted by /u/panscanner
[link] [comments]

Related tags
- ❌
- r/netsec
April 30^th 2023 at 13:52

/r/netsec - Information Security News & Discussion
Elastic Security Labs discovers the LOBSHOT malware
April 30^th 2023 at 12:10

Elastic Security Labs discovers the LOBSHOT malware

By /u/montouesto

submitted by /u/montouesto
[link] [comments]

Related tags
- ❌
- r/netsec
April 30^th 2023 at 12:10

assetnote/ghostbuster: Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.

By /u/Mempodipper

submitted by /u/Mempodipper
[link] [comments]

Related tags
- ❌
- r/netsec
April 30^th 2023 at 12:08

/r/netsec - Information Security News & Discussion
Automate Burp Certificate Installation on Android with ChatGPT's Python Tool
April 30^th 2023 at 05:25

Automate Burp Certificate Installation on Android with ChatGPT's Python Tool

By /u/Ano_F

submitted by /u/Ano_F
[link] [comments]

Related tags
- ❌
- r/netsec
April 30^th 2023 at 05:25

/r/netsec - Information Security News & Discussion
State of DNS Rebinding in 2023
April 29^th 2023 at 00:50

State of DNS Rebinding in 2023

By /u/Tough_Indication_710

submitted by /u/Tough_Indication_710
[link] [comments]

Related tags
- ❌
- r/netsec
April 29^th 2023 at 00:50

/r/netsec - Information Security News & Discussion
How Cloud Environments Are Exploited for Smishing Campaigns
April 28^th 2023 at 17:55

How Cloud Environments Are Exploited for Smishing Campaigns

By /u/permis0

submitted by /u/permis0
[link] [comments]

Related tags
- ❌
- r/netsec
April 28^th 2023 at 17:55

/r/netsec - Information Security News & Discussion
Chinese Alloy Taurus Updates PingPull Malware
April 28^th 2023 at 12:54

Chinese Alloy Taurus Updates PingPull Malware

By /u/EspoJ

submitted by /u/EspoJ
[link] [comments]

Related tags
- ❌
- r/netsec
April 28^th 2023 at 12:54

/r/netsec - Information Security News & Discussion
Finding XSS in a million websites (cPanel CVE-2023-29489)
April 27^th 2023 at 01:12

Finding XSS in a million websites (cPanel CVE-2023-29489)

By /u/Mempodipper

submitted by /u/Mempodipper
[link] [comments]

Related tags
- ❌
- r/netsec
April 27^th 2023 at 01:12

/r/netsec - Information Security News & Discussion
Microsoft Exchange Powershell Remoting Deserialization leading to RCE (CVE-2023-21707)
April 28^th 2023 at 10:39

Microsoft Exchange Powershell Remoting Deserialization leading to RCE (CVE-2023-21707)

By /u/scopedsecurity

submitted by /u/scopedsecurity
[link] [comments]

Related tags
- ❌
- r/netsec
April 28^th 2023 at 10:39

CVE-2022-37955: Vulnerability in Microsoft Windows Group Policy Updates Leads to Improper Link Resolution Before File Access (Privilege Escalation CWE-59)

By /u/usdAG

submitted by /u/usdAG
[link] [comments]

Related tags
- ❌
- r/netsec
April 28^th 2023 at 09:13

/r/netsec - Information Security News & Discussion
Dissecting Npm Malware: Five Packages And Their Evil Install Scripts
April 28^th 2023 at 07:48

Dissecting Npm Malware: Five Packages And Their Evil Install Scripts

By /u/sculabobone

submitted by /u/sculabobone
[link] [comments]

Related tags
- ❌
- r/netsec
April 28^th 2023 at 07:48

/r/netsec - Information Security News & Discussion
Android greybox fuzzing with AFL++ Frida mode
April 27^th 2023 at 16:36

Android greybox fuzzing with AFL++ Frida mode

By /u/jeandrew

submitted by /u/jeandrew
[link] [comments]

Related tags
- ❌
- r/netsec
April 27^th 2023 at 16:36

/r/netsec - Information Security News & Discussion
Odoo: Get your Content Type right, or else! (CVE-2023-1434)
April 27^th 2023 at 13:59

Odoo: Get your Content Type right, or else! (CVE-2023-1434)

By /u/monoimpact

submitted by /u/monoimpact
[link] [comments]

Related tags
- ❌
- r/netsec
April 27^th 2023 at 13:59

/r/netsec - Information Security News & Discussion
User impersonation via stolen UUID code in KeyCloak (CVE-2023-0264)
April 27^th 2023 at 12:30

User impersonation via stolen UUID code in KeyCloak (CVE-2023-0264)

By /u/Offensity

submitted by /u/Offensity
[link] [comments]

Related tags
- ❌
- r/netsec
April 27^th 2023 at 12:30

/r/netsec - Information Security News & Discussion
Introducing DeepSecrets: a better appsec tool for secrets scanning
April 27^th 2023 at 12:03

Introducing DeepSecrets: a better appsec tool for secrets scanning

By /u/surfaceflinger

submitted by /u/surfaceflinger
[link] [comments]

Related tags
- ❌
- r/netsec
April 27^th 2023 at 12:03

/r/netsec - Information Security News & Discussion
Smash PostScript Interpreters Using a Syntax-Aware Fuzzer
April 27^th 2023 at 09:36

Smash PostScript Interpreters Using a Syntax-Aware Fuzzer

By /u/Gallus

submitted by /u/Gallus
[link] [comments]

Related tags
- ❌
- r/netsec
April 27^th 2023 at 09:36

/r/netsec - Information Security News & Discussion
Fastly 0day: Malformed HTTP/1.1 Request Causes out of Memory Error Within H2O Server
April 27^th 2023 at 06:22

Fastly 0day: Malformed HTTP/1.1 Request Causes out of Memory Error Within H2O Server

By /u/geoffreyhuntley

submitted by /u/geoffreyhuntley
[link] [comments]

Related tags
- ❌
- r/netsec
April 27^th 2023 at 06:22

RDP is susceptible to a transparent Net-NTLMv2 hash-stealing attack. When disclosed, Microsoft responded: “not a vulnerability, […] by design”.

By /u/obilodeau

submitted by /u/obilodeau
[link] [comments]

Related tags
- ❌
- r/netsec
April 26^th 2023 at 14:43

/r/netsec - Information Security News & Discussion
Secure Your Infrastructure as Code with These DevOps Best Practices (+ Free Cheat Sheet)
April 26^th 2023 at 13:25

Secure Your Infrastructure as Code with These DevOps Best Practices (+ Free Cheat Sheet)

By /u/segtekdev

submitted by /u/segtekdev
[link] [comments]

Related tags
- ❌
- r/netsec
April 26^th 2023 at 13:25

/r/netsec - Information Security News & Discussion
So you think you can block Macros?
April 26^th 2023 at 07:42

So you think you can block Macros?

By /u/munrobotic

A great blog post from Outflank, and a must-read for CISOs and technical blue teams! The post outlines common controls and strategies deployed to mitigate Microsoft Office macro security issues. They also introduce LOLdocs from a recent Brucon talk, detailing how vulnerabilities in signed #microsoft Office content might be abused to bypass even strictly configured MS Office installs. Awesome.

submitted by /u/munrobotic
[link] [comments]

Related tags
- ❌
- r/netsec
April 26^th 2023 at 07:42

TheR1D/shell_gpt: A command-line productivity tool powered by ChatGPT, will help you accomplish your tasks faster and more efficiently.

By /u/meowerguy

submitted by /u/meowerguy
[link] [comments]

Related tags
- ❌
- r/netsec
April 26^th 2023 at 05:26

/r/netsec - Information Security News & Discussion
codingo/dorky: A tool to automate dorking of Github/Shodan and a variety of other sources
April 26^th 2023 at 05:26

codingo/dorky: A tool to automate dorking of Github/Shodan and a variety of other sources

By /u/meowerguy

submitted by /u/meowerguy
[link] [comments]

Related tags
- ❌
- r/netsec
April 26^th 2023 at 05:26

/r/netsec - Information Security News & Discussion
Capturing the Flag with GPT-4
April 25^th 2023 at 15:45

Capturing the Flag with GPT-4

By /u/_vavkamil_

submitted by /u/_vavkamil_
[link] [comments]

Related tags
- ❌
- r/netsec
April 25^th 2023 at 15:45

/r/netsec - Information Security News & Discussion
CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution
April 25^th 2023 at 11:53

CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution

By /u/scopedsecurity

submitted by /u/scopedsecurity
[link] [comments]

Related tags
- ❌
- r/netsec
April 25^th 2023 at 11:53

/r/netsec - Information Security News & Discussion
Intel Trust Domain Extensions (TDX) Security Review by Google Project Zero
April 25^th 2023 at 07:40

Intel Trust Domain Extensions (TDX) Security Review by Google Project Zero

By /u/poltess0

submitted by /u/poltess0
[link] [comments]

Related tags
- ❌
- r/netsec
April 25^th 2023 at 07:40

/r/netsec - Information Security News & Discussion
KeepassXC audit report
April 25^th 2023 at 06:13

KeepassXC audit report

By /u/Blocikinio

submitted by /u/Blocikinio
[link] [comments]

Related tags
- ❌
- r/netsec
April 25^th 2023 at 06:13

/r/netsec - Information Security News & Discussion
How AI helps keeping Gmail inboxes malware free
April 25^th 2023 at 02:05

How AI helps keeping Gmail inboxes malware free

By /u/ebursztein

submitted by /u/ebursztein
[link] [comments]

Related tags
- ❌
- r/netsec
April 25^th 2023 at 02:05

/r/netsec - Information Security News & Discussion
New .NET Malware “WhiteSnake” Targets Python Developers, Uses Tor for C&C Communication
April 24^th 2023 at 19:24

New .NET Malware “WhiteSnake” Targets Python Developers, Uses Tor for C&C Communication

By /u/SRMish3

submitted by /u/SRMish3
[link] [comments]

Related tags
- ❌
- r/netsec
April 24^th 2023 at 19:24

/r/netsec - Information Security News & Discussion
Book Review: Red Team Blues
April 24^th 2023 at 17:31

Book Review: Red Team Blues

By /u/feross

submitted by /u/feross
[link] [comments]

Related tags
- ❌
- r/netsec
April 24^th 2023 at 17:31

/r/netsec - Information Security News & Discussion
3D-Printable BusKill (USB Dead Man Switch) Prototype
April 24^th 2023 at 17:22

3D-Printable BusKill (USB Dead Man Switch) Prototype

By /u/maltfield

submitted by /u/maltfield
[link] [comments]

Related tags
- ❌
- r/netsec
April 24^th 2023 at 17:22

/r/netsec - Information Security News & Discussion
c0c0n XVI | The cy0ps c0n - Call For Papers & Call For Workshops
April 24^th 2023 at 15:48

c0c0n XVI | The cy0ps c0n - Call For Papers & Call For Workshops

By /u/pr4jwal

submitted by /u/pr4jwal
[link] [comments]

Related tags
- ❌
- r/netsec
April 24^th 2023 at 15:48

/r/netsec - Information Security News & Discussion
Detecting and decrypting Sliver C2 – a threat hunter's guide
April 24^th 2023 at 15:00

Detecting and decrypting Sliver C2 – a threat hunter's guide

By /u/kev-thehermit

submitted by /u/kev-thehermit
[link] [comments]

Related tags
- ❌
- r/netsec
April 24^th 2023 at 15:00

/r/netsec - Information Security News & Discussion
Eating 4 Day Old Sushi - Replicating the SushiSwap Blockchain Hack (Blog and Live Video)
April 24^th 2023 at 14:49

Eating 4 Day Old Sushi - Replicating the SushiSwap Blockchain Hack (Blog and Live Video)

By /u/mdulin2

submitted by /u/mdulin2
[link] [comments]

Related tags
- ❌
- r/netsec
April 24^th 2023 at 14:49

/r/netsec - Information Security News & Discussion
PaperCut CVE-2023-27350 Deep Dive, Indicators of Compromise, and Exploit POC
April 24^th 2023 at 11:23

PaperCut CVE-2023-27350 Deep Dive, Indicators of Compromise, and Exploit POC

By /u/scopedsecurity

submitted by /u/scopedsecurity
[link] [comments]

Related tags
- ❌
- r/netsec
April 24^th 2023 at 11:23

/r/netsec - Information Security News & Discussion
First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters
April 22^nd 2023 at 02:28

First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters

By /u/RetiredReverser

submitted by /u/RetiredReverser
[link] [comments]

Related tags
- ❌
- r/netsec
April 22^nd 2023 at 02:28

/r/netsec - Information Security News & Discussion
RCE via WebView; Telegram Web, external links; and IP leak; Leak users behind anonymous channel posts.
April 21^st 2023 at 12:38

RCE via WebView; Telegram Web, external links; and IP leak; Leak users behind anonymous channel posts.

By /u/davtur19

submitted by /u/davtur19
[link] [comments]

Related tags
- ❌
- r/netsec
April 21^st 2023 at 12:38

/r/netsec - Information Security News & Discussion
GCP Cloud Function Abuse
April 24^th 2023 at 01:14

GCP Cloud Function Abuse

By /u/debifrank

submitted by /u/debifrank
[link] [comments]

Related tags
- ❌
- r/netsec
April 24^th 2023 at 01:14

/r/netsec - Information Security News & Discussion
Generative AI Design Best Practices for Web Applications
April 23^rd 2023 at 13:31

Generative AI Design Best Practices for Web Applications

By /u/kerberosmansour

submitted by /u/kerberosmansour
[link] [comments]

Related tags
- ❌
- r/netsec
April 23^rd 2023 at 13:31

ThePhish: an automated phishing email analysis tool - A new version will come when the Python API for TheHive 5 becomes stable, so stay tuned!

By /u/emalderson

submitted by /u/emalderson
[link] [comments]

Related tags
- ❌
- r/netsec
April 22^nd 2023 at 11:55

/r/netsec - Information Security News & Discussion
Vulkan Files
April 22^nd 2023 at 10:54

Vulkan Files

By /u/Snoo_27235

submitted by /u/Snoo_27235
[link] [comments]

Related tags
- ❌
- r/netsec
April 22^nd 2023 at 10:54

/r/netsec - Information Security News & Discussion
The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders
April 22^nd 2023 at 02:49

The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders

By /u/1esproc

submitted by /u/1esproc
[link] [comments]

Related tags
- ❌
- r/netsec
April 22^nd 2023 at 02:49

/r/netsec - Information Security News & Discussion
Hiding in Plain Sight: Unlinking Malicious DLLs from the PEB
April 21^st 2023 at 20:35

Hiding in Plain Sight: Unlinking Malicious DLLs from the PEB

By /u/thorn42

submitted by /u/thorn42
[link] [comments]

Related tags
- ❌
- r/netsec
April 21^st 2023 at 20:35

/r/netsec - Information Security News & Discussion
Compromising Garmin's Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine - Anvil Secure
April 21^st 2023 at 16:42

Compromising Garmin's Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine - Anvil Secure

By /u/anvilventures

submitted by /u/anvilventures
[link] [comments]

Related tags
- ❌
- r/netsec
April 21^st 2023 at 16:42

/r/netsec - Information Security News & Discussion
Qakbot Malware Continues to Morph
April 21^st 2023 at 15:59

Qakbot Malware Continues to Morph

By /u/RetiredReverser

submitted by /u/RetiredReverser
[link] [comments]

Related tags
- ❌
- r/netsec
April 21^st 2023 at 15:59

/r/netsec - Information Security News & Discussion
8220 Gang Uses Log4Shell Vulnerability to Install CoinMiner
April 21^st 2023 at 15:58

8220 Gang Uses Log4Shell Vulnerability to Install CoinMiner

By /u/RetiredReverser

submitted by /u/RetiredReverser
[link] [comments]

Related tags
- ❌
- r/netsec
April 21^st 2023 at 15:58

/r/netsec - Information Security News & Discussion
The Case Against Automatic Dependency Updates
April 21^st 2023 at 15:49

The Case Against Automatic Dependency Updates

By /u/DevSec23

Are automatic dependency updates always a good idea?

submitted by /u/DevSec23
[link] [comments]

Related tags
- ❌
- r/netsec
April 21^st 2023 at 15:49

/r/netsec - Information Security News & Discussion
Windows Secrets Extraction
April 21^st 2023 at 14:26

Windows Secrets Extraction

By /u/Gallus

submitted by /u/Gallus
[link] [comments]

Related tags
- ❌
- r/netsec
April 21^st 2023 at 14:26

/r/netsec - Information Security News & Discussion
8220 Gang Uses Log4Shell Vulnerability to Install CoinMiner
April 21^st 2023 at 05:40

8220 Gang Uses Log4Shell Vulnerability to Install CoinMiner

By /u/montouesto

submitted by /u/montouesto
[link] [comments]

Related tags
- ❌
- r/netsec
April 21^st 2023 at 05:40

/r/netsec - Information Security News & Discussion
Multiple Vulnerabilities found in Docker Desktop - privesc, code execution, file overwrite/delete and more.
April 20^th 2023 at 14:53

Multiple Vulnerabilities found in Docker Desktop - privesc, code execution, file overwrite/delete and more.

By /u/jat0369

submitted by /u/jat0369
[link] [comments]

Related tags
- ❌
- r/netsec
April 20^th 2023 at 14:53

/r/netsec - Information Security News & Discussion
The Fuzzing Guide to the Galaxy: An Attempt with Android System Services
April 20^th 2023 at 13:39

The Fuzzing Guide to the Galaxy: An Attempt with Android System Services

By /u/poltess0

submitted by /u/poltess0
[link] [comments]

Related tags
- ❌
- r/netsec
April 20^th 2023 at 13:39

/r/netsec - Information Security News & Discussion
Generating Deserialization Payloads for MessagePack C#’s Typeless Mode
April 20^th 2023 at 12:57

Generating Deserialization Payloads for MessagePack C#’s Typeless Mode

By /u/NetwrixSecurity

submitted by /u/NetwrixSecurity
[link] [comments]

Related tags
- ❌
- r/netsec
April 20^th 2023 at 12:57

/r/netsec - Information Security News & Discussion
CVE-2023-29084 Command injection in ManageEngine ADManager Plus
April 20^th 2023 at 12:08

CVE-2023-29084 Command injection in ManageEngine ADManager Plus

By /u/nirohf

submitted by /u/nirohf
[link] [comments]

Related tags
- ❌
- r/netsec
April 20^th 2023 at 12:08

/r/netsec - Information Security News & Discussion
‘AuKill’ EDR killer malware abuses Process Explorer driver
April 19^th 2023 at 23:41

‘AuKill’ EDR killer malware abuses Process Explorer driver

By /u/montouesto

submitted by /u/montouesto
[link] [comments]

Related tags
- ❌
- r/netsec
April 19^th 2023 at 23:41