There are new available articles, click to refresh the page.

Before yesterday/r/netsec - Information Security News & Discussion

/r/netsec - Information Security News & Discussion
Evolution of UNC4990: Uncovering USB Malware's Hidden Depths
February 12^th 2024 at 10:10

Evolution of UNC4990: Uncovering USB Malware's Hidden Depths

By /u/lormayna

submitted by /u/lormayna
[link] [comments]

Related tags
- ❌
- r/netsec
February 12^th 2024 at 10:10

/r/netsec - Information Security News & Discussion
SQLMap Cheat Sheet - Commands & Examples
February 12^th 2024 at 09:43

SQLMap Cheat Sheet - Commands & Examples

By /u/HighOnCoffee

submitted by /u/HighOnCoffee
[link] [comments]

Related tags
- ❌
- r/netsec
February 12^th 2024 at 09:43

/r/netsec - Information Security News & Discussion
ChatGPT Account Takeover via Wildcard Web Cache Deception
February 12^th 2024 at 08:21

ChatGPT Account Takeover via Wildcard Web Cache Deception

By /u/albinowax

submitted by /u/albinowax
[link] [comments]

Related tags
- ❌
- r/netsec
February 12^th 2024 at 08:21

/r/netsec - Information Security News & Discussion
Breach Analysis: APT29’s Attack on Microsoft - Password Spray & OAuth abuse.
February 12^th 2024 at 03:39

Breach Analysis: APT29’s Attack on Microsoft - Password Spray & OAuth abuse.

By /u/jat0369

submitted by /u/jat0369
[link] [comments]

Related tags
- ❌
- r/netsec
February 12^th 2024 at 03:39

NidhoggScript is a tool to generate "script" file that allows execution of multiple commands and creating playbooks for Nidhogg (https://github.com/Idov31/Nidhogg)

By /u/Idov31

submitted by /u/Idov31
[link] [comments]

Related tags
- ❌
- r/netsec
February 11^th 2024 at 14:54

/r/netsec - Information Security News & Discussion
A Beginner's Guide to Tracking Malware Infrastructure
February 11^th 2024 at 13:04

A Beginner's Guide to Tracking Malware Infrastructure

By /u/Embeere

submitted by /u/Embeere
[link] [comments]

Related tags
- ❌
- r/netsec
February 11^th 2024 at 13:04

/r/netsec - Information Security News & Discussion
Troy Hunt: How Spoutible’s Leaky API Spurted out a Deluge of Personal Data
February 11^th 2024 at 12:38

Troy Hunt: How Spoutible’s Leaky API Spurted out a Deluge of Personal Data

By /u/campuscodi

submitted by /u/campuscodi
[link] [comments]

Related tags
- ❌
- r/netsec
February 11^th 2024 at 12:38

/r/netsec - Information Security News & Discussion
appsec.guide just got a new chapter on fuzzing!
February 11^th 2024 at 09:57

appsec.guide just got a new chapter on fuzzing!

By /u/maxammann

submitted by /u/maxammann
[link] [comments]

Related tags
- ❌
- r/netsec
February 11^th 2024 at 09:57

/r/netsec - Information Security News & Discussion
Practical WPA2 Security Assessment of Wireless Routers
February 10^th 2024 at 15:45

Practical WPA2 Security Assessment of Wireless Routers

By /u/wirelessbits

submitted by /u/wirelessbits
[link] [comments]

Related tags
- ❌
- r/netsec
February 10^th 2024 at 15:45

/r/netsec - Information Security News & Discussion
I Know What Your Password Was Last Summer...
February 9^th 2024 at 18:46

I Know What Your Password Was Last Summer...

By /u/ZephrX112

submitted by /u/ZephrX112
[link] [comments]

Related tags
- ❌
- r/netsec
February 9^th 2024 at 18:46

/r/netsec - Information Security News & Discussion
How is the NVD being used by security analysts? Are there any problems with the NVD? Help us in an academic survey!
February 8^th 2024 at 17:11

How is the NVD being used by security analysts? Are there any problems with the NVD? Help us in an academic survey!

By /u/faui1-study

submitted by /u/faui1-study
[link] [comments]

Related tags
- ❌
- r/netsec
February 8^th 2024 at 17:11

/r/netsec - Information Security News & Discussion
JSON Smuggling: A far-fetched intrusion detection evasion technique
February 9^th 2024 at 10:16

JSON Smuggling: A far-fetched intrusion detection evasion technique

By /u/Robbedoes_

submitted by /u/Robbedoes_
[link] [comments]

Related tags
- ❌
- r/netsec
February 9^th 2024 at 10:16

/r/netsec - Information Security News & Discussion
Blog - Github PoC Exploits Data Analysis "Prediction" for the year 2024
February 9^th 2024 at 08:37

Blog - Github PoC Exploits Data Analysis "Prediction" for the year 2024

By /u/gfekkas

submitted by /u/gfekkas
[link] [comments]

Related tags
- ❌
- r/netsec
February 9^th 2024 at 08:37

/r/netsec - Information Security News & Discussion
Distributed rate limiting, a new approach to prevent Bruteforce, DDOS, Credential Stuffing, etc.
February 9^th 2024 at 06:11

Distributed rate limiting, a new approach to prevent Bruteforce, DDOS, Credential Stuffing, etc.

By /u/gitcommitshow

Open Source code - https://github.com/fluxninja/aperture
Architecture
How is it different than a simple Firewall and API Gateway - This new approach separates rate limit infrastructure from application code and integrates using SDK. This helps with distributed architecture and makes it resilient to attacks at scale that could have brought down the app because while allowing access to users who need to send a burst of traffic for legitimate usage.

submitted by /u/gitcommitshow
[link] [comments]

Related tags
- ❌
- r/netsec
February 9^th 2024 at 06:11

/r/netsec - Information Security News & Discussion
Ivanti Connect Secure CVE-2024-22024 - Are We Now Part Of Ivanti? - watchTowr Labs
February 9^th 2024 at 05:01

Ivanti Connect Secure CVE-2024-22024 - Are We Now Part Of Ivanti? - watchTowr Labs

By /u/dx7r__

submitted by /u/dx7r__
[link] [comments]

Related tags
- ❌
- r/netsec
February 9^th 2024 at 05:01

/r/netsec - Information Security News & Discussion
Form Tools Remote Code Execution: We Need To Talk About PHP - watchTowr Labs
February 9^th 2024 at 02:02

Form Tools Remote Code Execution: We Need To Talk About PHP - watchTowr Labs

By /u/dx7r__

submitted by /u/dx7r__
[link] [comments]

Related tags
- ❌
- r/netsec
February 9^th 2024 at 02:02

/r/netsec - Information Security News & Discussion
IncludeSec's part 2 of understanding of prompt injection via the internals of transformer-based LLMs
February 9^th 2024 at 01:39

IncludeSec's part 2 of understanding of prompt injection via the internals of transformer-based LLMs

By /u/907jessejones

submitted by /u/907jessejones
[link] [comments]

Related tags
- ❌
- r/netsec
February 9^th 2024 at 01:39

/r/netsec - Information Security News & Discussion
Java applet + serialization in 2024! What could go wrong?
February 8^th 2024 at 13:36

Java applet + serialization in 2024! What could go wrong?

By /u/0xdea

submitted by /u/0xdea
[link] [comments]

Related tags
- ❌
- r/netsec
February 8^th 2024 at 13:36

New TOTOLINK vulnerability allows remote unauthenticated attackers to become authenticated due to a stack overflow vulnerability in the web interface!

By /u/Status_Resolve2971

submitted by /u/Status_Resolve2971
[link] [comments]

Related tags
- ❌
- r/netsec
February 8^th 2024 at 10:33

/r/netsec - Information Security News & Discussion
Shellcode evasion using Wasm/Wat and Rust
February 8^th 2024 at 09:56

Shellcode evasion using Wasm/Wat and Rust

By /u/flamedpt

submitted by /u/flamedpt
[link] [comments]

Related tags
- ❌
- r/netsec
February 8^th 2024 at 09:56

/r/netsec - Information Security News & Discussion
ShmooCon 2024 Videos are up!
February 7^th 2024 at 20:21

ShmooCon 2024 Videos are up!

By /u/mubix

submitted by /u/mubix
[link] [comments]

Related tags
- ❌
- r/netsec
February 7^th 2024 at 20:21

/r/netsec - Information Security News & Discussion
Unpack RedLine stealer to extract config using pe-sieve -Part 2 - Securityinbits
February 7^th 2024 at 13:22

Unpack RedLine stealer to extract config using pe-sieve -Part 2 - Securityinbits

By /u/securityinbits

submitted by /u/securityinbits
[link] [comments]

Related tags
- ❌
- r/netsec
February 7^th 2024 at 13:22

/r/netsec - Information Security News & Discussion
How to create a Secure, Random Password with JavaScript
February 7^th 2024 at 06:39

How to create a Secure, Random Password with JavaScript

By /u/hannob

submitted by /u/hannob
[link] [comments]

Related tags
- ❌
- r/netsec
February 7^th 2024 at 06:39

/r/netsec - Information Security News & Discussion
Enumerate AWS tags, account ids, and org ids of accessible AWS resources
February 7^th 2024 at 03:02

Enumerate AWS tags, account ids, and org ids of accessible AWS resources

By /u/dagrz-cloudsec

submitted by /u/dagrz-cloudsec
[link] [comments]

Related tags
- ❌
- r/netsec
February 7^th 2024 at 03:02

apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.

By /u/recovo_recovo

submitted by /u/recovo_recovo
[link] [comments]

Related tags
- ❌
- r/netsec
February 6^th 2024 at 21:38

/r/netsec - Information Security News & Discussion
NTLM Relay Gat: Automating Mass Exploitation of ntlmrelayx Authenticated Sessions
February 6^th 2024 at 19:57

NTLM Relay Gat: Automating Mass Exploitation of ntlmrelayx Authenticated Sessions

By /u/ad0nis

submitted by /u/ad0nis
[link] [comments]

Related tags
- ❌
- r/netsec
February 6^th 2024 at 19:57

/r/netsec - Information Security News & Discussion
Using Scapy for Network Fuzzing on Vsftpd
February 6^th 2024 at 18:38

Using Scapy for Network Fuzzing on Vsftpd

By /u/Altrntiv-to-security

submitted by /u/Altrntiv-to-security
[link] [comments]

Related tags
- ❌
- r/netsec
February 6^th 2024 at 18:38

/r/netsec - Information Security News & Discussion
Trends in Phishing, Fraud, 'Dark AI Models', and how to better protect yourself.
February 6^th 2024 at 16:57

Trends in Phishing, Fraud, 'Dark AI Models', and how to better protect yourself.

By /u/Seaerkin2

submitted by /u/Seaerkin2
[link] [comments]

Related tags
- ❌
- r/netsec
February 6^th 2024 at 16:57

/r/netsec - Information Security News & Discussion
Rust Won't Save Us: An Analysis of 2023's Known Exploited Vulnerabilities – Horizon3.ai
February 6^th 2024 at 11:18

Rust Won't Save Us: An Analysis of 2023's Known Exploited Vulnerabilities – Horizon3.ai

By /u/scopedsecurity

submitted by /u/scopedsecurity
[link] [comments]

Related tags
- ❌
- r/netsec
February 6^th 2024 at 11:18

/r/netsec - Information Security News & Discussion
WordPress Security Providers Falsely Claimed Cloudflare's Plugin Contained Vulnerability
February 5^th 2024 at 18:25

WordPress Security Providers Falsely Claimed Cloudflare's Plugin Contained Vulnerability

By /u/PluginVulns

submitted by /u/PluginVulns
[link] [comments]

Related tags
- ❌
- r/netsec
February 5^th 2024 at 18:25

/r/netsec - Information Security News & Discussion
Persistence – Windows Setup Script
February 5^th 2024 at 11:30

Persistence – Windows Setup Script

By /u/netbiosX

submitted by /u/netbiosX
[link] [comments]

Related tags
- ❌
- r/netsec
February 5^th 2024 at 11:30

/r/netsec - Information Security News & Discussion
How I Hacked My Air Purifier to Remove Cloud Dependency [Detailed Write-Up]
February 4^th 2024 at 23:52

How I Hacked My Air Purifier to Remove Cloud Dependency [Detailed Write-Up]

By /u/jmswrnr

submitted by /u/jmswrnr
[link] [comments]

Related tags
- ❌
- r/netsec
February 4^th 2024 at 23:52

Deluder: Python utility for intercepting traffic of applications. Deluder can be used as an alternative for EchoMirage. It supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. There is also support for remote hosts and optional GU

By /u/vutmajk

submitted by /u/vutmajk
[link] [comments]

Related tags
- ❌
- r/netsec
February 3^rd 2024 at 15:45

/r/netsec - Information Security News & Discussion
There Are Too Many Damn Honeypots
February 2^nd 2024 at 21:23

There Are Too Many Damn Honeypots

By /u/chicksdigthelongrun

submitted by /u/chicksdigthelongrun
[link] [comments]

Related tags
- ❌
- r/netsec
February 2^nd 2024 at 21:23

/r/netsec - Information Security News & Discussion
ModSecurity: Path Confusion and easy bypass on v2 and v3
February 2^nd 2024 at 10:54

ModSecurity: Path Confusion and easy bypass on v2 and v3

By /u/theMiddleBlue

submitted by /u/theMiddleBlue
[link] [comments]

Related tags
- ❌
- r/netsec
February 2^nd 2024 at 10:54

/r/netsec - Information Security News & Discussion
Your Security Program Is Shit
February 1^st 2024 at 19:29

Your Security Program Is Shit

By /u/burpadurp

submitted by /u/burpadurp
[link] [comments]

Related tags
- ❌
- r/netsec
February 1^st 2024 at 19:29

/r/netsec - Information Security News & Discussion
Opera zero Day vulnerability for cross platform execution "MyFlaw"
February 1^st 2024 at 18:18

Opera zero Day vulnerability for cross platform execution "MyFlaw"

By /u/Altrntiv-to-security

submitted by /u/Altrntiv-to-security
[link] [comments]

Related tags
- ❌
- r/netsec
February 1^st 2024 at 18:18

/r/netsec - Information Security News & Discussion
De4py: A toolkit for python reverse engineering
February 1^st 2024 at 16:17

De4py: A toolkit for python reverse engineering

By /u/AhmedMinegames

submitted by /u/AhmedMinegames
[link] [comments]

Related tags
- ❌
- r/netsec
February 1^st 2024 at 16:17

/r/netsec - Information Security News & Discussion
Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal
February 1^st 2024 at 15:29

Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal

By /u/oridavid1231

submitted by /u/oridavid1231
[link] [comments]

Related tags
- ❌
- r/netsec
February 1^st 2024 at 15:29

/r/netsec - Information Security News & Discussion
🔍 Dive into the RedLine Stealer Infection Chain - Part 1 - Securityinbits
February 1^st 2024 at 10:23

🔍 Dive into the RedLine Stealer Infection Chain - Part 1 - Securityinbits

By /u/securityinbits

submitted by /u/securityinbits
[link] [comments]

Related tags
- ❌
- r/netsec
February 1^st 2024 at 10:23

/r/netsec - Information Security News & Discussion
SmuggleFuzz: HTTP Downgrade detection fuzzer - Feedback welcome
February 1^st 2024 at 05:14

SmuggleFuzz: HTTP Downgrade detection fuzzer - Feedback welcome

By /u/Moopanger

submitted by /u/Moopanger
[link] [comments]

Related tags
- ❌
- r/netsec
February 1^st 2024 at 05:14

/r/netsec - Information Security News & Discussion
Leaky Vessels: Docker and runc Container Breakout Vulnerabilities - January 2024
January 31^st 2024 at 20:54

Leaky Vessels: Docker and runc Container Breakout Vulnerabilities - January 2024

By /u/pentesticals

Multiple vulns in Docker disclosed by Snyk Security Labs

submitted by /u/pentesticals
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2024 at 20:54

/r/netsec - Information Security News & Discussion
Defending against the Attack of the Clone[d website]s!
January 31^st 2024 at 20:44

Defending against the Attack of the Clone[d website]s!

By /u/ranok

submitted by /u/ranok
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2024 at 20:44

/r/netsec - Information Security News & Discussion
Softing Update Fixes RCE Vulns in its OPC UA Integration Server
January 31^st 2024 at 18:29

Softing Update Fixes RCE Vulns in its OPC UA Integration Server

By /u/derp6996

submitted by /u/derp6996
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2024 at 18:29

/r/netsec - Information Security News & Discussion
Technical Analysis of the poorly written PLAY ransomware.
January 31^st 2024 at 14:23

Technical Analysis of the poorly written PLAY ransomware.

By /u/jat0369

submitted by /u/jat0369
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2024 at 14:23

/r/netsec - Information Security News & Discussion
CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()
January 31^st 2024 at 13:39

CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()

By /u/netsec_burn

submitted by /u/netsec_burn
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2024 at 13:39

Ivanti Connect Secure patch released to address CVE-2023-46805 & CVE-2024-21887 - comes with disclosure of new vulnerabilities: CVE-2024-21888 and CVE-2024-21893

By /u/TheDarthSnarf

submitted by /u/TheDarthSnarf
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2024 at 13:34

/r/netsec - Information Security News & Discussion
Kasseika Ransomware Deploys BYOVD Attacks Abuses PsExec and Exploits Martini Driver
January 31^st 2024 at 10:46

Kasseika Ransomware Deploys BYOVD Attacks Abuses PsExec and Exploits Martini Driver

By /u/dimhum547

submitted by /u/dimhum547
[link] [comments]

Related tags
- ❌
- r/netsec
January 31^st 2024 at 10:46

/r/netsec - Information Security News & Discussion
Faction: Open-source pentesting report generation and collaboration framework - Help Net Security
January 30^th 2024 at 19:39

Faction: Open-source pentesting report generation and collaboration framework - Help Net Security

By /u/ascetik

submitted by /u/ascetik
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2024 at 19:39

/r/netsec - Information Security News & Discussion
Intro to Websockets & Writing a WebSocket Server in Rust - any feedback welcome!
January 30^th 2024 at 18:56

Intro to Websockets & Writing a WebSocket Server in Rust - any feedback welcome!

By /u/vaktibabat

submitted by /u/vaktibabat
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2024 at 18:56

/r/netsec - Information Security News & Discussion
[KIS-2024-01] XenForo <= 2.2.13 (ArchiveImport.php) Zip Slip Vulnerability
January 30^th 2024 at 18:17

[KIS-2024-01] XenForo <= 2.2.13 (ArchiveImport.php) Zip Slip Vulnerability

By /u/eg1x

submitted by /u/eg1x
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2024 at 18:17

/r/netsec - Information Security News & Discussion
Analysis Of Multiple Vulnerabilities In Ofbiz
January 30^th 2024 at 17:00

Analysis Of Multiple Vulnerabilities In Ofbiz

By /u/appsec1337

submitted by /u/appsec1337
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2024 at 17:00

/r/netsec - Information Security News & Discussion
New Visual Studio Code plugin for IaC security (plus collaboration, semgrep integration)
January 30^th 2024 at 16:40

New Visual Studio Code plugin for IaC security (plus collaboration, semgrep integration)

By /u/nibblesec

submitted by /u/nibblesec
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2024 at 16:40

/r/netsec - Information Security News & Discussion
Post-auth blind Python code injection vulnerabilities detected in personal cloud storage device
January 30^th 2024 at 15:04

Post-auth blind Python code injection vulnerabilities detected in personal cloud storage device

By /u/BugProve

submitted by /u/BugProve
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2024 at 15:04

/r/netsec - Information Security News & Discussion
Hunting for (Un)authenticated n-days in Asus Routers - Shielder
January 30^th 2024 at 13:34

Hunting for (Un)authenticated n-days in Asus Routers - Shielder

By /u/smaury

submitted by /u/smaury
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2024 at 13:34

/r/netsec - Information Security News & Discussion
GitHub - mlcsec/SigFinder: Identify binaries with Authenticode digital signatures signed to an internal CA/domain
January 30^th 2024 at 13:15

GitHub - mlcsec/SigFinder: Identify binaries with Authenticode digital signatures signed to an internal CA/domain

By /u/Frequent_Passenger82

submitted by /u/Frequent_Passenger82
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2024 at 13:15

/r/netsec - Information Security News & Discussion
bof-launcher: Beacon Object File (BOF) launcher - library for executing BOF files in C/C++/Zig applications
January 30^th 2024 at 08:32

bof-launcher: Beacon Object File (BOF) launcher - library for executing BOF files in C/C++/Zig applications

By /u/mzet-

submitted by /u/mzet-
[link] [comments]

Related tags
- ❌
- r/netsec
January 30^th 2024 at 08:32

/r/netsec - Information Security News & Discussion
Exploring secureCodeBox — An Open-Source Continuous Security Testing Solution for DevSecOps
January 29^th 2024 at 21:06

Exploring secureCodeBox — An Open-Source Continuous Security Testing Solution for DevSecOps

By /u/theowni

submitted by /u/theowni
[link] [comments]

Related tags
- ❌
- r/netsec
January 29^th 2024 at 21:06

/r/netsec - Information Security News & Discussion
LLM Assisted Jailbreak & Doxing
January 29^th 2024 at 20:19

LLM Assisted Jailbreak & Doxing

By /u/katahdinsecurity

submitted by /u/katahdinsecurity
[link] [comments]

Related tags
- ❌
- r/netsec
January 29^th 2024 at 20:19

Import Device Tree Information onto your Ghidra memory map in order to simplify bootloader, kernel and driver reverse engineering

By /u/AssociationTop7723

submitted by /u/AssociationTop7723
[link] [comments]

Related tags
- ❌
- r/netsec
January 29^th 2024 at 20:05