Login
FreshRSS
Login
/r/netsec - Information Security News & Discussion
How to completely own an airline in 3 easy steps
By
/u/_vavkamil_
โ January 20
th
2023 at 02:18
submitted by
/u/_vavkamil_
[link]
[comments]
/r/netsec - Information Security News & Discussion
Aerleon a vendor agnostic firewall management system
By
/u/ankenyr
โ January 19
th
2023 at 18:49
submitted by
/u/ankenyr
[link]
[comments]
/r/netsec - Information Security News & Discussion
New Remcos RATversion uses direct syscalls to evade detection.
By
/u/woja111
โ January 19
th
2023 at 17:19
submitted by
/u/woja111
[link]
[comments]
/r/netsec - Information Security News & Discussion
Simple, open-source, lightweight stress testing tool
By
/u/chrisy_e
โ January 19
th
2023 at 16:08
submitted by
/u/chrisy_e
[link]
[comments]
/r/netsec - Information Security News & Discussion
POC Exploit for CVE-2022-47966 affecting multiple ManageEngine products
By
/u/scopedsecurity
โ January 19
th
2023 at 13:22
submitted by
/u/scopedsecurity
[link]
[comments]
/r/netsec - Information Security News & Discussion
SeeProxy: Golang reverse proxy with CobaltStrike malleable profile validation.
By
/u/bambo_gambo
โ January 19
th
2023 at 12:12
submitted by
/u/bambo_gambo
[link]
[comments]
/r/netsec - Information Security News & Discussion
Exploiting CVE-2021-3490 for Container Escapes
By
/u/Gallus
โ January 19
th
2023 at 11:31
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Centreon Map plugin allows pre-auth remote process memory dump (CVSS 8.3) - PoC
By
/u/qwerty0x41
โ January 19
th
2023 at 07:03
submitted by
/u/qwerty0x41
[link]
[comments]
/r/netsec - Information Security News & Discussion
Sudoedit can edit arbitrary files (CVE-2023-22809)
By
/u/0xdea
โ January 18
th
2023 at 20:29
submitted by
/u/0xdea
[link]
[comments]
/r/netsec - Information Security News & Discussion
Gold Digger: a simple tool to quickly discover credentials/sensitive information in files recursively
By
/u/ustayready
โ January 18
th
2023 at 17:02
submitted by
/u/ustayready
[link]
[comments]
/r/netsec - Information Security News & Discussion
Java XML security issues and how to address them
By
/u/got_nations
โ January 18
th
2023 at 16:32
submitted by
/u/got_nations
[link]
[comments]
/r/netsec - Information Security News & Discussion
Nothing new under the Sun - Discovering and exploiting a CDE bug chain
By
/u/0xdea
โ January 18
th
2023 at 09:00
submitted by
/u/0xdea
[link]
[comments]
/r/netsec - Information Security News & Discussion
Tailscale bug allowed a person to share nodes from other tailnets without auth
By
/u/Security_Chief_Odo
โ January 18
th
2023 at 01:40
submitted by
/u/Security_Chief_Odo
[link]
[comments]
/r/netsec - Information Security News & Discussion
Hacking ICS Historians: The Pivot Point From IT to OT
By
/u/derp6996
โ January 17
th
2023 at 20:40
submitted by
/u/derp6996
[link]
[comments]
/r/netsec - Information Security News & Discussion
Security audit of Git
By
/u/joernchen
โ January 17
th
2023 at 19:50
submitted by
/u/joernchen
[link]
[comments]
/r/netsec - Information Security News & Discussion
AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass | Datadog Security Labs
By
/u/RedTermSession
โ January 17
th
2023 at 16:03
submitted by
/u/RedTermSession
[link]
[comments]
/r/netsec - Information Security News & Discussion
Creating a polymorphic malware using ChatGPT
By
/u/ES_CY
โ January 17
th
2023 at 15:19
submitted by
/u/ES_CY
[link]
[comments]
/r/netsec - Information Security News & Discussion
Introducing RPC Investigator
By
/u/Gallus
โ January 17
th
2023 at 14:13
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Russia aiming to Disrupt Czech Presidential Election - attacks ongoing today
By
/u/Proof-Tip2688
โ January 13
th
2023 at 20:13
submitted by
/u/Proof-Tip2688
[link]
[comments]
/r/netsec - Information Security News & Discussion
The misadventures of SPF: Delivering SPF authenticated emails on behalf of the Ukrainian MoD, MIT and 1000+ others.
By
/u/Jumpy_Resolution3089
โ January 17
th
2023 at 06:10
submitted by
/u/Jumpy_Resolution3089
[link]
[comments]
/r/netsec - Information Security News & Discussion
rsbkb: a Rust CLI tool to easily chain operations (CyberChef-like) through pipes. Other utils as a bonus.
By
/u/alain_proviste
โ January 16
th
2023 at 21:58
submitted by
/u/alain_proviste
[link]
[comments]
/r/netsec - Information Security News & Discussion
Unauthenticated Configuration Export in Multiple WAGO Products
By
/u/g_e_r_h_a_r_d
โ January 16
th
2023 at 10:52
submitted by
/u/g_e_r_h_a_r_d
[link]
[comments]
/r/netsec - Information Security News & Discussion
[CVE-2023-0179] Linux kernel stack buffer overflow in nftables: PoC and writeup
By
/u/qwerty0x41
โ January 16
th
2023 at 08:25
submitted by
/u/qwerty0x41
[link]
[comments]
/r/netsec - Information Security News & Discussion
DLL Hijacking outside DllMain, using Spartacus
By
/u/h0wlett
โ January 15
th
2023 at 08:17
submitted by
/u/h0wlett
[link]
[comments]
/r/netsec - Information Security News & Discussion
Analysis of FG-IR-22-398 โ FortiOS - heap-based buffer overflow in SSLVPNd
By
/u/Gallus
โ January 14
th
2023 at 21:18
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Impact of the CircleCI Security Incident on the Datadog Agent
By
/u/dlorenc
โ January 14
th
2023 at 18:29
submitted by
/u/dlorenc
[link]
[comments]
/r/netsec - Information Security News & Discussion
santa-linux: a proof of concept binary authorization system for linux, based on Google's Santa
By
/u/ahigherporpoise
โ January 14
th
2023 at 16:49
submitted by
/u/ahigherporpoise
[link]
[comments]
/r/netsec - Information Security News & Discussion
CircleCI incident report for January 4, 2023 security incident
By
/u/baty0man_
โ January 13
th
2023 at 22:26
submitted by
/u/baty0man_
[link]
[comments]
/r/netsec - Information Security News & Discussion
A Public Git repository & misconfiguration detection tool
By
/u/nicksthehacker_
โ January 13
th
2023 at 20:01
submitted by
/u/nicksthehacker_
[link]
[comments]
/r/netsec - Information Security News & Discussion
๐ Announcing Matano + Suricata: Build your own Security Data Lake on AWS using Suricata Logs
By
/u/shaeqahmed
โ January 13
th
2023 at 15:19
submitted by
/u/shaeqahmed
[link]
[comments]
/r/netsec - Information Security News & Discussion
Announcing a stable release of sigstore-python
By
/u/yossarian_flew_away
โ January 13
th
2023 at 15:09
submitted by
/u/yossarian_flew_away
[link]
[comments]
/r/netsec - Information Security News & Discussion
Crassus: Windows privilege escalation discovery tool
By
/u/Fugitif
โ January 13
th
2023 at 14:21
submitted by
/u/Fugitif
[link]
[comments]
/r/netsec - Information Security News & Discussion
Clear communication is crucial: why writing effective vulnerability reports matters
By
/u/glum-platimium
โ January 13
th
2023 at 14:14
submitted by
/u/glum-platimium
[link]
[comments]
/r/netsec - Information Security News & Discussion
How to use Open Source CloudQuery for Attack Surface Management and Graph Visualization for Cloud and AWS | CloudQuery
By
/u/jsonpile
โ January 13
th
2023 at 14:01
submitted by
/u/jsonpile
[link]
[comments]
/r/netsec - Information Security News & Discussion
Bad things come in large packages: .pkg signature verification bypass on macOS
By
/u/xnyhps
โ January 13
th
2023 at 10:09
submitted by
/u/xnyhps
[link]
[comments]
/r/netsec - Information Security News & Discussion
GraphQL exploitation โ All you need to know โ Cybervelia
By
/u/Necessary-Reality-80
โ January 12
th
2023 at 20:58
submitted by
/u/Necessary-Reality-80
[link]
[comments]
/r/netsec - Information Security News & Discussion
Keeping the wolves out of wolfSSL (Protocol Fuzzing)
By
/u/maxammann
โ January 12
th
2023 at 20:03
submitted by
/u/maxammann
[link]
[comments]
/r/netsec - Information Security News & Discussion
Avoiding API Key Exposures: The Importance of Strong Fundamentals and the Limitations of AI
By
/u/DevOpsMuffin39
โ January 12
th
2023 at 15:58
submitted by
/u/DevOpsMuffin39
[link]
[comments]
/r/netsec - Information Security News & Discussion
Exfiltration Over a Blocked Port on a Next-Gen Firewall
By
/u/cuptugout
โ January 12
th
2023 at 09:07
submitted by
/u/cuptugout
[link]
[comments]
/r/netsec - Information Security News & Discussion
T95 Allwinner T616 Malware Analysis - "Pre-owned" Android TV Device
By
/u/sanitybit
โ January 11
th
2023 at 20:33
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Legitify supports scanning GitLab for security misconfigurations and best practices
By
/u/dotanoam
โ January 11
th
2023 at 12:24
submitted by
/u/dotanoam
[link]
[comments]
/r/netsec - Information Security News & Discussion
SANS Christmas Challenge 2022 - Write-up
By
/u/the-useless-one
โ January 11
th
2023 at 09:23
submitted by
/u/the-useless-one
[link]
[comments]
/r/netsec - Information Security News & Discussion
Cacti: Unauthenticated Remote Code Execution (CVE-2022-46169)
By
/u/monoimpact
โ January 10
th
2023 at 23:58
submitted by
/u/monoimpact
[link]
[comments]
/r/netsec - Information Security News & Discussion
How to find a Google account with a phone number
By
/u/Gallus
โ January 10
th
2023 at 23:33
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Antivirus Evasion: Tearing AMSI down with 3 bytes only
By
/u/juliocesarfort
โ January 10
th
2023 at 21:21
submitted by
/u/juliocesarfort
[link]
[comments]
/r/netsec - Information Security News & Discussion
Taking over a Dead IoT Company
By
/u/phree_radical
โ January 10
th
2023 at 21:08
submitted by
/u/phree_radical
[link]
[comments]
/r/netsec - Information Security News & Discussion
Semgrep rules for Swift language (iOS mobile apps)
By
/u/brugmayq
โ January 10
th
2023 at 17:42
submitted by
/u/brugmayq
[link]
[comments]
/r/netsec - Information Security News & Discussion
How to Analyze JavaScript Malware โ A Case Study of Vjw0rm
By
/u/CyberMasterV
โ January 10
th
2023 at 15:28
submitted by
/u/CyberMasterV
[link]
[comments]
/r/netsec - Information Security News & Discussion
An electromagnetic-wave side-channel issue on ARMv8 AES instructions
By
/u/Gallus
โ January 10
th
2023 at 11:51
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
ImageMagick Security Policy Evaluator
By
/u/nibblesec
โ January 10
th
2023 at 11:22
submitted by
/u/nibblesec
[link]
[comments]
/r/netsec - Information Security News & Discussion
The dark side of Gmail
By
/u/osint_matter
โ January 9
th
2023 at 21:12
submitted by
/u/osint_matter
[link]
[comments]
/r/netsec - Information Security News & Discussion
Releasing hermes-dec, an open-source disassembler and decompiler for the React Native Hermes bytecode
By
/u/marin-m
โ January 9
th
2023 at 17:19
submitted by
/u/marin-m
[link]
[comments]
/r/netsec - Information Security News & Discussion
Unwrapping Ursnifs Gifts
By
/u/TheDFIRReport
โ January 9
th
2023 at 13:03
submitted by
/u/TheDFIRReport
[link]
[comments]
/r/netsec - Information Security News & Discussion
Practical Example Of Client Side Path Manipulation
By
/u/Gallus
โ January 9
th
2023 at 12:05
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Reverse Engineering TikTok's VM Obfuscation (Part 2)
By
/u/Gallus
โ January 9
th
2023 at 11:16
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Vulnerable Jenkins plugins exploitation
By
/u/ntknn
โ January 9
th
2023 at 09:20
submitted by
/u/ntknn
[link]
[comments]
/r/netsec - Information Security News & Discussion
How To Attack Admin Panels Successfully Part 2
By
/u/banginpadr
โ January 9
th
2023 at 01:14
submitted by
/u/banginpadr
[link]
[comments]
/r/netsec - Information Security News & Discussion
Interactive Risk Explorer for Understanding Software Supply Chain Attacks
By
/u/ewok94301
โ January 8
th
2023 at 19:10
submitted by
/u/ewok94301
[link]
[comments]
/r/netsec - Information Security News & Discussion
Bring your own vulnerable driver to the exploit party: Understanding BYOVD Attacks
By
/u/achilles4828
โ January 8
th
2023 at 16:45
submitted by
/u/achilles4828
[link]
[comments]
/r/netsec - Information Security News & Discussion
Analyzing CVE-2022-46630 (DLL Hijacking in Squirrel.Windows)
By
/u/DLLCoolJ
โ January 8
th
2023 at 15:38
submitted by
/u/DLLCoolJ
[link]
[comments]
Load more articles