Research presented on DEF CON 31 that demonstrates how the Windows containers isolation framework (wcifs.sys), which is loaded on every modern Windows system by default, can be abused to bypass EDR file system malware protection, file/folder write restrictions and I/O ETW log-based correlations.

submitted by /u/Daniel24z25
[link] [comments]

Related tags
- ❌
- r/netsec
August 31^st 2023 at 07:42

/r/netsec - Information Security News & Discussion
Bypassing Defender’s LSASS dump detection and PPL protection In Go
August 30^th 2023 at 17:00

Bypassing Defender’s LSASS dump detection and PPL protection In Go

By /u/tasty-pepperoni

submitted by /u/tasty-pepperoni
[link] [comments]

Related tags
- ❌
- r/netsec
August 30^th 2023 at 17:00

/r/netsec - Information Security News & Discussion
NosyMonkey: API hooking and code injection made easy! - Anvil Secure
August 30^th 2023 at 16:30

NosyMonkey: API hooking and code injection made easy! - Anvil Secure

By /u/anvilventures

submitted by /u/anvilventures
[link] [comments]

Related tags
- ❌
- r/netsec
August 30^th 2023 at 16:30

/r/netsec - Information Security News & Discussion
GitHub - APT64/EternalHushFramework: EternalHush - new free advanced open-source c2 framework
August 30^th 2023 at 15:47

GitHub - APT64/EternalHushFramework: EternalHush - new free advanced open-source c2 framework

By /u/novkira03

submitted by /u/novkira03
[link] [comments]

Related tags
- ❌
- r/netsec
August 30^th 2023 at 15:47

/r/netsec - Information Security News & Discussion
Anti-Deepfake Proposal
August 30^th 2023 at 13:44

Anti-Deepfake Proposal

By /u/endless

submitted by /u/endless
[link] [comments]

Related tags
- ❌
- r/netsec
August 30^th 2023 at 13:44

/r/netsec - Information Security News & Discussion
NetHunter Hacker VIII: Wi-Fi hacking using wifite, deauthentication and wardriving
August 30^th 2023 at 11:57

NetHunter Hacker VIII: Wi-Fi hacking using wifite, deauthentication and wardriving

By /u/barakadua131

submitted by /u/barakadua131
[link] [comments]

Related tags
- ❌
- r/netsec
August 30^th 2023 at 11:57

/r/netsec - Information Security News & Discussion
Extending Burp Suite for fun and profit - The Montoya way - Part 4
August 30^th 2023 at 10:34

Extending Burp Suite for fun and profit - The Montoya way - Part 4

By /u/0xdea

submitted by /u/0xdea
[link] [comments]

Related tags
- ❌
- r/netsec
August 30^th 2023 at 10:34

/r/netsec - Information Security News & Discussion
nvflashk - Flash any BIOS to NVIDIA GPUs - Safe board ID bypass up to 4xxx series
August 30^th 2023 at 10:23

nvflashk - Flash any BIOS to NVIDIA GPUs - Safe board ID bypass up to 4xxx series

By /u/hardenedvault

submitted by /u/hardenedvault
[link] [comments]

Related tags
- ❌
- r/netsec
August 30^th 2023 at 10:23

/r/netsec - Information Security News & Discussion
Analysis of Obfuscation Techniques Found in Apple FairPlay
August 30^th 2023 at 09:26

Analysis of Obfuscation Techniques Found in Apple FairPlay

By /u/nicolodev

submitted by /u/nicolodev
[link] [comments]

Related tags
- ❌
- r/netsec
August 30^th 2023 at 09:26

/r/netsec - Information Security News & Discussion
Diving into Starlink's User Terminal Firmware
August 30^th 2023 at 08:37

Diving into Starlink's User Terminal Firmware

By /u/guedou

submitted by /u/guedou
[link] [comments]

Related tags
- ❌
- r/netsec
August 30^th 2023 at 08:37

/r/netsec - Information Security News & Discussion
Thousands of Organizations Vulnerable to Subdomain Hijacking
August 30^th 2023 at 06:31

Thousands of Organizations Vulnerable to Subdomain Hijacking

By /u/ma-ni

submitted by /u/ma-ni
[link] [comments]

Related tags
- ❌
- r/netsec
August 30^th 2023 at 06:31

/r/netsec - Information Security News & Discussion
Getting into AWS cloud security research as a n00bcake
August 29^th 2023 at 22:28

Getting into AWS cloud security research as a n00bcake

By /u/ScottContini

submitted by /u/ScottContini
[link] [comments]

Related tags
- ❌
- r/netsec
August 29^th 2023 at 22:28

/r/netsec - Information Security News & Discussion
Google Cloud Functions are Secure, only if you know how to use them!
August 29^th 2023 at 20:51

Google Cloud Functions are Secure, only if you know how to use them!

By /u/Necessary-Reality-80

submitted by /u/Necessary-Reality-80
[link] [comments]

Related tags
- ❌
- r/netsec
August 29^th 2023 at 20:51

/r/netsec - Information Security News & Discussion
dtlspipe - like `stunnel`, but for UDP
August 29^th 2023 at 20:02

dtlspipe - like `stunnel`, but for UDP

By /u/yarmak

submitted by /u/yarmak
[link] [comments]

Related tags
- ❌
- r/netsec
August 29^th 2023 at 20:02

/r/netsec - Information Security News & Discussion
Kinsing Malware Exploits Novel Openfire Vulnerability
August 29^th 2023 at 17:23

Kinsing Malware Exploits Novel Openfire Vulnerability

By /u/Easy-Bumblebee2503

submitted by /u/Easy-Bumblebee2503
[link] [comments]

Related tags
- ❌
- r/netsec
August 29^th 2023 at 17:23

/r/netsec - Information Security News & Discussion
Grave flaws in BGP Error handling
August 29^th 2023 at 12:21

Grave flaws in BGP Error handling

By /u/moviuro

submitted by /u/moviuro
[link] [comments]

Related tags
- ❌
- r/netsec
August 29^th 2023 at 12:21

/r/netsec - Information Security News & Discussion
Reinforcement learning environment for automated blue team operations
August 29^th 2023 at 10:58

Reinforcement learning environment for automated blue team operations

By /u/limmen

submitted by /u/limmen
[link] [comments]

Related tags
- ❌
- r/netsec
August 29^th 2023 at 10:58

/r/netsec - Information Security News & Discussion
Leaking File Contents with a Blind File Oracle in Flarum
August 29^th 2023 at 03:44

Leaking File Contents with a Blind File Oracle in Flarum

By /u/Mempodipper

submitted by /u/Mempodipper
[link] [comments]

Related tags
- ❌
- r/netsec
August 29^th 2023 at 03:44

/r/netsec - Information Security News & Discussion
Multiple Vulnerabilities Found in Techview LA-5570 Wireless Gateway Home Automation Controller
August 28^th 2023 at 23:09

Multiple Vulnerabilities Found in Techview LA-5570 Wireless Gateway Home Automation Controller

By /u/9lyph

CVE-2023-34723

Vulnerability Type: Directory Indexing, allows a threat actor to list the contents of specific directories outside of the web root context.

CVE-2023-34724

Vulnerability Type: On-Chip Debug and Test Interface With Improper Access Control, allows a threat actor unrestricted access to the root filesystem using an exposed UART interface, without the need for authentication.

CVE-2023-34725

Vulnerability Type: Incorrect Access Control, allows a threat actor access to sensitive systems configuration files without proper authentication or authorisation.

submitted by /u/9lyph
[link] [comments]