Login
FreshRSS
Login
About FreshRSS
Main stream
Favourites (0)
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
http://blog.trendmicro.com/feed
ICS-CERT Alert Feed
Infosec Island Latest Articles
InfoSec Resources
Krebs on Security
McAfee Blogs
Naked Security
News β Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security β Cisco Blog
SecurityFocus News
The first stop for security news | Threatpost
The Hacker News
The Register - Security
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WeLiveSecurity
WIRED
ZDNet | security RSS
Tools
Security Tool Files β Packet Storm
ToolsWatch.org β The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files β Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
Before yesterday
/r/netsec - Information Security News & Discussion
/r/netsec - Information Security News & Discussion
CVE-2022-28345 - Signal client for iOS version 5.33.2 and below are vulnerable to RTLO Injection URI Spoofing using malicious URLs such as gepj.net/selif#/moc.elpmaxe which would appear as example.com/#files/ten.jpeg
April 14
th
2022 at 17:25Β
CVE-2022-28345 - Signal client for iOS version 5.33.2 and below are vulnerable to RTLO Injection URI Spoofing using malicious URLs such as gepj.net/selif#/moc.elpmaxe which would appear as example.com/#files/ten.jpeg
By
/u/docker-osx
submitted by
/u/docker-osx
[link]
[comments]
Related tags
β
r/netsec
April 14
th
2022 at 17:25
/r/netsec - Information Security News & Discussion
Blinding Snort: Breaking the Modbus OT Preprocessor
April 14
th
2022 at 19:55Β
Blinding Snort: Breaking the Modbus OT Preprocessor
By
/u/derp6996
submitted by
/u/derp6996
[link]
[comments]
Related tags
β
r/netsec
April 14
th
2022 at 19:55
/r/netsec - Information Security News & Discussion
Diving Deeper into WatchGuard Pre-Auth RCE - CVE-2022-26318
April 14
th
2022 at 21:56Β
Diving Deeper into WatchGuard Pre-Auth RCE - CVE-2022-26318
By
/u/Mempodipper
submitted by
/u/Mempodipper
[link]
[comments]
Related tags
β
r/netsec
April 14
th
2022 at 21:56
/r/netsec - Information Security News & Discussion
iViewed your API keys
April 15
th
2022 at 12:58Β
iViewed your API keys
By
/u/Gallus
submitted by
/u/Gallus
[link]
[comments]
Related tags
β
r/netsec
April 15
th
2022 at 12:58
/r/netsec - Information Security News & Discussion
Turncoat - Extract private messages from malware/phishing Telegram Bots
April 15
th
2022 at 14:42Β
Turncoat - Extract private messages from malware/phishing Telegram Bots
By
/u/DoOrDieCalm
submitted by
/u/DoOrDieCalm
[link]
[comments]
Related tags
β
r/netsec
April 15
th
2022 at 14:42
/r/netsec - Information Security News & Discussion
Multiple Vulnerabilities in Cisco Expressway
April 15
th
2022 at 17:31Β
Multiple Vulnerabilities in Cisco Expressway
By
/u/FireFart
submitted by
/u/FireFart
[link]
[comments]
Related tags
β
r/netsec
April 15
th
2022 at 17:31
/r/netsec - Information Security News & Discussion
New tool to exploit TURN servers - create a socks proxy into the internal network
April 15
th
2022 at 17:34Β
New tool to exploit TURN servers - create a socks proxy into the internal network
By
/u/FireFart
submitted by
/u/FireFart
[link]
[comments]
Related tags
β
r/netsec
April 15
th
2022 at 17:34
/r/netsec - Information Security News & Discussion
[Techmonitor.ai] Failed cyberattack on Ukraine's electricity grid could indicate Russia's growing willingness to attack critical infrastructure
April 15
th
2022 at 20:55Β
[Techmonitor.ai] Failed cyberattack on Ukraine's electricity grid could indicate Russia's growing willingness to attack critical infrastructure
By
/u/NoStarchPress
submitted by
/u/NoStarchPress
[link]
[comments]
Related tags
β
r/netsec
April 15
th
2022 at 20:55
/r/netsec - Information Security News & Discussion
PYSA Ransomware Group Technical Analysis
April 15
th
2022 at 21:03Β
PYSA Ransomware Group Technical Analysis
By
/u/wtfse
submitted by
/u/wtfse
[link]
[comments]
Related tags
β
r/netsec
April 15
th
2022 at 21:03
/r/netsec - Information Security News & Discussion
GitHub: Security alert - Attack campaign involving stolen OAuth user tokens issued to two third-party integrators (Heroku and Travis CI)
April 16
th
2022 at 01:19Β
GitHub: Security alert - Attack campaign involving stolen OAuth user tokens issued to two third-party integrators (Heroku and Travis CI)
By
/u/DAMNIT_RENZO
submitted by
/u/DAMNIT_RENZO
[link]
[comments]
Related tags
β
r/netsec
April 16
th
2022 at 01:19
/r/netsec - Information Security News & Discussion
Spock SLAF is a Shared Library for Application Firewall "SLAF". It has the purpose to protect any service that uses the OpenSSL library. The SLAF inserts hooking to intercept all communication to detect security anomalies and block and log attac
April 17
th
2022 at 01:35Β
Spock SLAF is a Shared Library for Application Firewall "SLAF". It has the purpose to protect any service that uses the OpenSSL library. The SLAF inserts hooking to intercept all communication to detect security anomalies and block and log attac
By
/u/CoolerVoid
submitted by
/u/CoolerVoid
[link]
[comments]
Related tags
β
r/netsec
April 17
th
2022 at 01:35
/r/netsec - Information Security News & Discussion
Packets Remystified: Broadcast BrujerΓa
April 17
th
2022 at 06:28Β
Packets Remystified: Broadcast BrujerΓa
By
/u/0xdea
submitted by
/u/0xdea
[link]
[comments]
Related tags
β
r/netsec
April 17
th
2022 at 06:28
/r/netsec - Information Security News & Discussion
Semgrep rules for smart contracts based on DeFi exploits
April 17
th
2022 at 19:28Β
Semgrep rules for smart contracts based on DeFi exploits
By
/u/iterablewords
submitted by
/u/iterablewords
[link]
[comments]
Related tags
β
r/netsec
April 17
th
2022 at 19:28
/r/netsec - Information Security News & Discussion
THCon CTF Writeup - SHA-1 exploitation, PHP LFI and RCE
April 17
th
2022 at 21:05Β
THCon CTF Writeup - SHA-1 exploitation, PHP LFI and RCE
By
/u/GuyLewin
submitted by
/u/GuyLewin
[link]
[comments]
Related tags
β
r/netsec
April 17
th
2022 at 21:05
/r/netsec - Information Security News & Discussion
MITRE Engenuity ATT&CK results are out
April 18
th
2022 at 23:15Β
MITRE Engenuity ATT&CK results are out
By
/u/DanielWalker12
submitted by
/u/DanielWalker12
[link]
[comments]
Related tags
β
r/netsec
April 18
th
2022 at 23:15
/r/netsec - Information Security News & Discussion
CVE-2022-26809 : Remote Procedure Call Runtime Vulnerability
April 19
th
2022 at 01:53Β
CVE-2022-26809 : Remote Procedure Call Runtime Vulnerability
By
/u/Late_Ice_9288
submitted by
/u/Late_Ice_9288
[link]
[comments]
Related tags
β
r/netsec
April 19
th
2022 at 01:53
/r/netsec - Information Security News & Discussion
Exploiting, detecting, and correcting IAM security misconfigurations
April 19
th
2022 at 11:24Β
Exploiting, detecting, and correcting IAM security misconfigurations
By
/u/MiguelHzBz
submitted by
/u/MiguelHzBz
[link]
[comments]
Related tags
β
r/netsec
April 19
th
2022 at 11:24
/r/netsec - Information Security News & Discussion
Teaching Burp a new HTTP Transport Encoding
April 19
th
2022 at 13:53Β
Teaching Burp a new HTTP Transport Encoding
By
/u/0xdea
submitted by
/u/0xdea
[link]
[comments]
Related tags
β
r/netsec
April 19
th
2022 at 13:53
/r/netsec - Information Security News & Discussion
Shielder - Printing Fake Fiscal Receipts - An Italian Job p.1
April 19
th
2022 at 17:50Β
Shielder - Printing Fake Fiscal Receipts - An Italian Job p.1
By
/u/smaury
submitted by
/u/smaury
[link]
[comments]
Related tags
β
r/netsec
April 19
th
2022 at 17:50
/r/netsec - Information Security News & Discussion
US Govt Cloud Security Needs ("SCuBA"): including Technical Reference Architecture and Extensible Visibility Reference Framework (eVRF) Guidebook links
April 19
th
2022 at 21:41Β
US Govt Cloud Security Needs ("SCuBA"): including Technical Reference Architecture and Extensible Visibility Reference Framework (eVRF) Guidebook links
By
/u/ScottContini
submitted by
/u/ScottContini
[link]
[comments]
Related tags
β
r/netsec
April 19
th
2022 at 21:41
/r/netsec - Information Security News & Discussion
AWS's Log4Shell HotPatch Vulnerable to Container Escape and Privilige Escalation
April 19
th
2022 at 22:50Β
AWS's Log4Shell HotPatch Vulnerable to Container Escape and Privilige Escalation
By
/u/YuvalAvra
submitted by
/u/YuvalAvra
[link]
[comments]
Related tags
β
r/netsec
April 19
th
2022 at 22:50
/r/netsec - Information Security News & Discussion
CVE-2022-21449: Psychic Signatures in Java
April 20
th
2022 at 01:56Β
CVE-2022-21449: Psychic Signatures in Java
By
/u/Gallus
submitted by
/u/Gallus
[link]
[comments]
Related tags
β
r/netsec
April 20
th
2022 at 01:56
/r/netsec - Information Security News & Discussion
SSRF Attack Examples and Mitigations
April 20
th
2022 at 16:22Β
SSRF Attack Examples and Mitigations
By
/u/benarent
submitted by
/u/benarent
[link]
[comments]
Related tags
β
r/netsec
April 20
th
2022 at 16:22
/r/netsec - Information Security News & Discussion
A Detailed Analysis of The SunCrypt Ransomware
April 20
th
2022 at 17:00Β
A Detailed Analysis of The SunCrypt Ransomware
By
/u/CyberMasterV
submitted by
/u/CyberMasterV
[link]
[comments]
Related tags
β
r/netsec
April 20
th
2022 at 17:00
/r/netsec - Information Security News & Discussion
CVE-2022-21449 detector - Finds possibly vulnerable JAR/WAR files
April 20
th
2022 at 18:30Β
CVE-2022-21449 detector - Finds possibly vulnerable JAR/WAR files
By
/u/SRMish3
submitted by
/u/SRMish3
[link]
[comments]
Related tags
β
r/netsec
April 20
th
2022 at 18:30
/r/netsec - Information Security News & Discussion
Threat Hunting for Phishing Pages
April 20
th
2022 at 19:11Β
Threat Hunting for Phishing Pages
By
/u/mstfknn
submitted by
/u/mstfknn
[link]
[comments]
Related tags
β
r/netsec
April 20
th
2022 at 19:11
/r/netsec - Information Security News & Discussion
CVE-2022-21449 PoC demonstrating TLS MITM
April 21
st
2022 at 08:08Β
CVE-2022-21449 PoC demonstrating TLS MITM
By
/u/kmhn
submitted by
/u/kmhn
[link]
[comments]
Related tags
β
r/netsec
April 21
st
2022 at 08:08
/r/netsec - Information Security News & Discussion
Hello all, I have release a new version of SCodeScanner v2.1.0 where it contains advance rules and some additonal features. Features includes removing false positives, send outputfile directly to jira and Slack, more info - https://github.com/agrawalsmart
April 21
st
2022 at 11:04Β
Hello all, I have release a new version of SCodeScanner v2.1.0 where it contains advance rules and some additonal features. Features includes removing false positives, send outputfile directly to jira and Slack, more info - https://github.com/agrawalsmart
By
/u/agrawal7
submitted by
/u/agrawal7
[link]
[comments]
Related tags
β
r/netsec
April 21
st
2022 at 11:04
/r/netsec - Information Security News & Discussion
JBoss EAP/AS <= 6.* RCE - A little bit beyond \xAC\xED
April 21
st
2022 at 13:00Β
JBoss EAP/AS <= 6.* RCE - A little bit beyond \xAC\xED
By
/u/j_jjjj
submitted by
/u/j_jjjj
[link]
[comments]
Related tags
β
r/netsec
April 21
st
2022 at 13:00
/r/netsec - Information Security News & Discussion
Null ECDSA Signatures - Proof of concept for bypassing JWT signature checks using CVE-2022-21449
April 22
nd
2022 at 05:45Β
Null ECDSA Signatures - Proof of concept for bypassing JWT signature checks using CVE-2022-21449
By
/u/thorn42
submitted by
/u/thorn42
[link]
[comments]
Related tags
β
r/netsec
April 22
nd
2022 at 05:45
/r/netsec - Information Security News & Discussion
Abusing Azure Container Registry Tasks from Specter-Ops
April 22
nd
2022 at 06:46Β
Abusing Azure Container Registry Tasks from Specter-Ops
By
/u/gdraperi
submitted by
/u/gdraperi
[link]
[comments]
Related tags
β
r/netsec
April 22
nd
2022 at 06:46
/r/netsec - Information Security News & Discussion
Hardware Security Talks Announced! Hardwear.io
April 22
nd
2022 at 09:49Β
Hardware Security Talks Announced! Hardwear.io
By
/u/hardweario
submitted by
/u/hardweario
[link]
[comments]
Related tags
β
r/netsec
April 22
nd
2022 at 09:49
/r/netsec - Information Security News & Discussion
Smashing the Modern Web Tech Stack β Part 1: The Evolving Threat Landscape in 2022 and DOM-based XSS in Cloud-Native React Apps
April 22
nd
2022 at 00:02Β
Smashing the Modern Web Tech Stack β Part 1: The Evolving Threat Landscape in 2022 and DOM-based XSS in Cloud-Native React Apps
By
/u/MalwareJoe
submitted by
/u/MalwareJoe
[link]
[comments]
Related tags
β
r/netsec
April 22
nd
2022 at 00:02
/r/netsec - Information Security News & Discussion
WSO2 RCE (CVE-2022-29464) exploit and writeup
April 22
nd
2022 at 13:53Β
WSO2 RCE (CVE-2022-29464) exploit and writeup
By
/u/0xdea
submitted by
/u/0xdea
[link]
[comments]
Related tags
β
r/netsec
April 22
nd
2022 at 13:53
/r/netsec - Information Security News & Discussion
The Illustrated QUIC Connection
April 22
nd
2022 at 14:07Β
The Illustrated QUIC Connection
By
/u/syncsynchalt
submitted by
/u/syncsynchalt
[link]
[comments]
Related tags
β
r/netsec
April 22
nd
2022 at 14:07
/r/netsec - Information Security News & Discussion
No Hardware, No Problem: Emulation and Exploitation
April 22
nd
2022 at 17:57Β
No Hardware, No Problem: Emulation and Exploitation
By
/u/0xdea
submitted by
/u/0xdea
[link]
[comments]
Related tags
β
r/netsec
April 22
nd
2022 at 17:57
/r/netsec - Information Security News & Discussion
Cliam: better cloud agnostic IAM permissions enumerator. Covers AWS and GCP, but more to come!
April 23
rd
2022 at 01:39Β
Cliam: better cloud agnostic IAM permissions enumerator. Covers AWS and GCP, but more to come!
By
/u/securisec
submitted by
/u/securisec
[link]
[comments]
Related tags
β
r/netsec
April 23
rd
2022 at 01:39
/r/netsec - Information Security News & Discussion
Are vulnerability scores misleading you? Understanding CVSS severity and using them effectively
April 23
rd
2022 at 06:58Β
Are vulnerability scores misleading you? Understanding CVSS severity and using them effectively
By
/u/MiguelHzBz
submitted by
/u/MiguelHzBz
[link]
[comments]
Related tags
β
r/netsec
April 23
rd
2022 at 06:58
/r/netsec - Information Security News & Discussion
Writing a zero findings pentest report
April 23
rd
2022 at 17:16Β
Writing a zero findings pentest report
By
/u/DiabloHorn
submitted by
/u/DiabloHorn
[link]
[comments]
Related tags
β
r/netsec
April 23
rd
2022 at 17:16
/r/netsec - Information Security News & Discussion
FREE ICS related CTF prested by CISA
April 24
th
2022 at 01:14Β
FREE ICS related CTF prested by CISA
By
/u/1winway
submitted by
/u/1winway
[link]
[comments]
Related tags
β
r/netsec
April 24
th
2022 at 01:14
/r/netsec - Information Security News & Discussion
Password peppering and salting
April 25
th
2022 at 02:05Β
Password peppering and salting
By
/u/wpg4665
submitted by
/u/wpg4665
[link]
[comments]
Related tags
β
r/netsec
April 25
th
2022 at 02:05
/r/netsec - Information Security News & Discussion
Static unpacker and decoder for Hello Kitty Packer
April 25
th
2022 at 17:57Β
Static unpacker and decoder for Hello Kitty Packer
By
/u/GelosSnake
submitted by
/u/GelosSnake
[link]
[comments]
Related tags
β
r/netsec
April 25
th
2022 at 17:57
/r/netsec - Information Security News & Discussion
New CloudGoat scenario: Vulnerable-by-Design Lambda functions
April 26
th
2022 at 16:45Β
New CloudGoat scenario: Vulnerable-by-Design Lambda functions
By
/u/hackers_and_builders
submitted by
/u/hackers_and_builders
[link]
[comments]
Related tags
β
r/netsec
April 26
th
2022 at 16:45
/r/netsec - Information Security News & Discussion
Thinkstscapes Q1 2022 research round-up
April 26
th
2022 at 20:19Β
Thinkstscapes Q1 2022 research round-up
By
/u/ranok
submitted by
/u/ranok
[link]
[comments]
Related tags
β
r/netsec
April 26
th
2022 at 20:19
/r/netsec - Information Security News & Discussion
Introduction to VirtualBox security research and fuzzing
April 26
th
2022 at 20:23Β
Introduction to VirtualBox security research and fuzzing
By
/u/nibblesec
submitted by
/u/nibblesec
[link]
[comments]
Related tags
β
r/netsec
April 26
th
2022 at 20:23
/r/netsec - Information Security News & Discussion
KrbRelayUp - local privilege escalation in Windows domain environments where LDAP signing is not enforced
April 26
th
2022 at 20:26Β
KrbRelayUp - local privilege escalation in Windows domain environments where LDAP signing is not enforced
By
/u/0xdea
submitted by
/u/0xdea
[link]
[comments]
Related tags
β
r/netsec
April 26
th
2022 at 20:26
/r/netsec - Information Security News & Discussion
CVE-2021-22204 : Exploiting remote code execution within VirusTotal platform in order to gain access to its various scans capabilities
April 27
th
2022 at 03:56Β
CVE-2021-22204 : Exploiting remote code execution within VirusTotal platform in order to gain access to its various scans capabilities
By
/u/Late_Ice_9288
submitted by
/u/Late_Ice_9288
[link]
[comments]
Related tags
β
r/netsec
April 27
th
2022 at 03:56
/r/netsec - Information Security News & Discussion
Package Planting: Are You [Unknowingly] Maintaining Poisoned Packages?
April 27
th
2022 at 05:06Β
Package Planting: Are You [Unknowingly] Maintaining Poisoned Packages?
By
/u/mkatch
submitted by
/u/mkatch
[link]
[comments]
Related tags
β
r/netsec
April 27
th
2022 at 05:06
/r/netsec - Information Security News & Discussion
Kubernetes Security Series - https://smart7.in/2022/03/30/Kubernetes-Cluster-Attack-Defense-Importance-of-Network-Policies.html
April 27
th
2022 at 06:10Β
Kubernetes Security Series - https://smart7.in/2022/03/30/Kubernetes-Cluster-Attack-Defense-Importance-of-Network-Policies.html
By
/u/agrawal7
submitted by
/u/agrawal7
[link]
[comments]
Related tags
β
r/netsec
April 27
th
2022 at 06:10
/r/netsec - Information Security News & Discussion
Encrypting our way to SSRF in VMWare Workspace One UEM/Airwatch (CVE-2021-22054)
April 27
th
2022 at 09:53Β
Encrypting our way to SSRF in VMWare Workspace One UEM/Airwatch (CVE-2021-22054)
By
/u/FireFart
submitted by
/u/FireFart
[link]
[comments]
Related tags
β
r/netsec
April 27
th
2022 at 09:53
/r/netsec - Information Security News & Discussion
Hands-on lab for exploiting Psychic Signatures in JWTs
April 27
th
2022 at 12:35Β
Hands-on lab for exploiting Psychic Signatures in JWTs
By
/u/DebugDucky
submitted by
/u/DebugDucky
[link]
[comments]
Related tags
β
r/netsec
April 27
th
2022 at 12:35
/r/netsec - Information Security News & Discussion
Reverse Engineering PsExec for fun and knowledge
April 27
th
2022 at 15:12Β
Reverse Engineering PsExec for fun and knowledge
By
/u/CyberMasterV
submitted by
/u/CyberMasterV
[link]
[comments]
Related tags
β
r/netsec
April 27
th
2022 at 15:12
/r/netsec - Information Security News & Discussion
DEGU: userland kit that doesn't use sys_clone/sys_execve call to run
April 27
th
2022 at 20:36Β
DEGU: userland kit that doesn't use sys_clone/sys_execve call to run
By
/u/Background-Degree-50
submitted by
/u/Background-Degree-50
[link]
[comments]
Related tags
β
r/netsec
April 27
th
2022 at 20:36
/r/netsec - Information Security News & Discussion
Looking For Vulnerable Redis Servers (CVE-2022-0543)
April 27
th
2022 at 21:10Β
Looking For Vulnerable Redis Servers (CVE-2022-0543)
By
/u/chicksdigthelongrun
submitted by
/u/chicksdigthelongrun
[link]
[comments]
Related tags
β
r/netsec
April 27
th
2022 at 21:10
/r/netsec - Information Security News & Discussion
Commit Level Vulnerability Dataset
April 28
th
2022 at 05:15Β
Commit Level Vulnerability Dataset
By
/u/paran0ide
submitted by
/u/paran0ide
[link]
[comments]
Related tags
β
r/netsec
April 28
th
2022 at 05:15
/r/netsec - Information Security News & Discussion
Elevation of privilege Linux vulnerability: Nimbuspwn
April 28
th
2022 at 06:31Β
Elevation of privilege Linux vulnerability: Nimbuspwn
By
/u/0xdea
submitted by
/u/0xdea
[link]
[comments]
Related tags
β
r/netsec
April 28
th
2022 at 06:31
/r/netsec - Information Security News & Discussion
FindFunc: An IDA plugin for advanced function matching by assembly template, constants, string/name/byte reference
April 28
th
2022 at 06:53Β
FindFunc: An IDA plugin for advanced function matching by assembly template, constants, string/name/byte reference
By
/u/feberx
submitted by
/u/feberx
[link]
[comments]
Related tags
β
r/netsec
April 28
th
2022 at 06:53
/r/netsec - Information Security News & Discussion
nimbuspwn detector (CVE-2022-29799 & CVE-2022-29800) - check whether local system is possibly vulnerable
April 28
th
2022 at 12:43Β
nimbuspwn detector (CVE-2022-29799 & CVE-2022-29800) - check whether local system is possibly vulnerable
By
/u/SRMish3
submitted by
/u/SRMish3
[link]
[comments]
Related tags
β
r/netsec
April 28
th
2022 at 12:43
/r/netsec - Information Security News & Discussion
ExtraReplica: cross-account database vulnerability in Azure PostgreSQL
April 28
th
2022 at 13:29Β
ExtraReplica: cross-account database vulnerability in Azure PostgreSQL
By
/u/sagitz_
submitted by
/u/sagitz_
[link]
[comments]
Related tags
β
r/netsec
April 28
th
2022 at 13:29
/r/netsec - Information Security News & Discussion
How to master Google Hacking (Dorking)
April 28
th
2022 at 16:03Β
How to master Google Hacking (Dorking)
By
/u/hisfuntie
submitted by
/u/hisfuntie
[link]
[comments]
Related tags
β
r/netsec
April 28
th
2022 at 16:03
Load more articles