Login
FreshRSS
Login
/r/netsec - Information Security News & Discussion
Exploiting Hardcoded Keys to achieve RCE in Yellowfin BI
By
/u/Mempodipper
β January 25
th
2023 at 04:30
submitted by
/u/Mempodipper
[link]
[comments]
/r/netsec - Information Security News & Discussion
GitHub - Free Python scanner for CVE-2022-47966
By
/u/vonahisec
β January 24
th
2023 at 17:39
submitted by
/u/vonahisec
[link]
[comments]
/r/netsec - Information Security News & Discussion
Operatorβs Guide to the Meterpreter BOFLoader
By
/u/n00py
β January 24
th
2023 at 16:20
submitted by
/u/n00py
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2023-0210 β Linux Kernel Unauthenticated Remote Heap Overflow Within KSMBD
By
/u/MiguelHzBz
β January 24
th
2023 at 15:43
submitted by
/u/MiguelHzBz
[link]
[comments]
/r/netsec - Information Security News & Discussion
Gato (Github Attack TOolkit), a tool to enumerate, attack, and defend GitHub Actions self-hosted runners
By
/u/exploding_nun
β January 24
th
2023 at 15:16
submitted by
/u/exploding_nun
[link]
[comments]
/r/netsec - Information Security News & Discussion
A website to get latest security advisories from multiple sources
By
/u/karimhabush
β January 24
th
2023 at 11:42
submitted by
/u/karimhabush
[link]
[comments]
/r/netsec - Information Security News & Discussion
Tampering User Attributes In AWS Cognito User Pools
By
/u/nibblesec
β January 24
th
2023 at 09:48
submitted by
/u/nibblesec
[link]
[comments]
/r/netsec - Information Security News & Discussion
Reverse-engineering the conditional jump circuitry in the 8086 processor
By
/u/Gallus
β January 24
th
2023 at 06:17
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Bitwarden design flaw: Server side iterations
By
/u/Gallus
β January 24
th
2023 at 06:16
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Pwning the all Google phone with a non-Google bug | The GitHub Blog
By
/u/smaury
β January 23
rd
2023 at 21:07
submitted by
/u/smaury
[link]
[comments]
/r/netsec - Information Security News & Discussion
A step-by-step introduction to the use of ROP gadgets to bypass DEP
By
/u/CyberMasterV
β January 23
rd
2023 at 15:04
submitted by
/u/CyberMasterV
[link]
[comments]
/r/netsec - Information Security News & Discussion
NSA CSI IPv6 Security Guidance
By
/u/sanitybit
β January 23
rd
2023 at 08:12
submitted by
/u/sanitybit
[link]
[comments]
/r/netsec - Information Security News & Discussion
OSINT Search Engine | Cylect.io
By
/u/brekfasbaksetz
β January 23
rd
2023 at 06:00
submitted by
/u/brekfasbaksetz
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2020-36109 POC - ASUS routers stack overflow
By
/u/NoPaleontologist7419
β January 22
nd
2023 at 16:59
submitted by
/u/NoPaleontologist7419
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2021-20294 POC - readelf stack overflow
By
/u/NoPaleontologist7419
β January 22
nd
2023 at 16:44
submitted by
/u/NoPaleontologist7419
[link]
[comments]
/r/netsec - Information Security News & Discussion
(In)Security of the "Pass" password manager
By
/u/Gallus
β January 22
nd
2023 at 16:18
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Studying Conformance of MANRS Members (routing security)
By
/u/danyork
β January 22
nd
2023 at 14:04
submitted by
/u/danyork
[link]
[comments]
/r/netsec - Information Security News & Discussion
Git repository of Linux forensic/monitoring scripts (small side project for implementing ideas and testing stuff I read somewhere)
By
/u/sqall01
β January 22
nd
2023 at 11:55
submitted by
/u/sqall01
[link]
[comments]
/r/netsec - Information Security News & Discussion
Using a service with markdown capabilities? Good chance it's vulnerable and attackers can easily take it down
By
/u/roy_6472
β January 22
nd
2023 at 08:15
submitted by
/u/roy_6472
[link]
[comments]
/r/netsec - Information Security News & Discussion
Researchers release PoC for iTLB-multihit bug affecting Intel cpus (crashes host from guest in most hypervisors).
By
/u/Ch0pdr0p
β January 21
st
2023 at 18:06
submitted by
/u/Ch0pdr0p
[link]
[comments]
/r/netsec - Information Security News & Discussion
Somnium: Script to test netsec detection capabilities.
By
/u/Th4ray
β January 21
st
2023 at 06:27
submitted by
/u/Th4ray
[link]
[comments]
/r/netsec - Information Security News & Discussion
U-Boot β Unchecked Download Size and Direction in USB DFU (CVE-2022-2347)
By
/u/Gallus
β January 21
st
2023 at 05:05
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
libgit2 fails to verify SSH keys by default
By
/u/bascule
β January 21
st
2023 at 01:08
submitted by
/u/bascule
[link]
[comments]
/r/netsec - Information Security News & Discussion
The SSL Certificate Issuer Field is a Lie
By
/u/self
β January 20
th
2023 at 23:33
submitted by
/u/self
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2022-25637 - Multiple TOCTOU vulns in peripheral devices (Razer, EVGA, MSI, AMI)
By
/u/jat0369
β January 20
th
2023 at 19:47
submitted by
/u/jat0369
[link]
[comments]
/r/netsec - Information Security News & Discussion
Abusing Adopted Authority on IBM i
By
/u/buherator
β January 20
th
2023 at 13:33
submitted by
/u/buherator
[link]
[comments]
/r/netsec - Information Security News & Discussion
Building a io_uring based network scanner in Rust
By
/u/Gallus
β January 20
th
2023 at 11:38
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
How to completely own an airline in 3 easy steps
By
/u/_vavkamil_
β January 20
th
2023 at 02:18
submitted by
/u/_vavkamil_
[link]
[comments]
/r/netsec - Information Security News & Discussion
Aerleon a vendor agnostic firewall management system
By
/u/ankenyr
β January 19
th
2023 at 18:49
submitted by
/u/ankenyr
[link]
[comments]
/r/netsec - Information Security News & Discussion
New Remcos RATversion uses direct syscalls to evade detection.
By
/u/woja111
β January 19
th
2023 at 17:19
submitted by
/u/woja111
[link]
[comments]
/r/netsec - Information Security News & Discussion
Simple, open-source, lightweight stress testing tool
By
/u/chrisy_e
β January 19
th
2023 at 16:08
submitted by
/u/chrisy_e
[link]
[comments]
/r/netsec - Information Security News & Discussion
POC Exploit for CVE-2022-47966 affecting multiple ManageEngine products
By
/u/scopedsecurity
β January 19
th
2023 at 13:22
submitted by
/u/scopedsecurity
[link]
[comments]
/r/netsec - Information Security News & Discussion
SeeProxy: Golang reverse proxy with CobaltStrike malleable profile validation.
By
/u/bambo_gambo
β January 19
th
2023 at 12:12
submitted by
/u/bambo_gambo
[link]
[comments]
/r/netsec - Information Security News & Discussion
Exploiting CVE-2021-3490 for Container Escapes
By
/u/Gallus
β January 19
th
2023 at 11:31
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Centreon Map plugin allows pre-auth remote process memory dump (CVSS 8.3) - PoC
By
/u/qwerty0x41
β January 19
th
2023 at 07:03
submitted by
/u/qwerty0x41
[link]
[comments]
/r/netsec - Information Security News & Discussion
Sudoedit can edit arbitrary files (CVE-2023-22809)
By
/u/0xdea
β January 18
th
2023 at 20:29
submitted by
/u/0xdea
[link]
[comments]
/r/netsec - Information Security News & Discussion
Gold Digger: a simple tool to quickly discover credentials/sensitive information in files recursively
By
/u/ustayready
β January 18
th
2023 at 17:02
submitted by
/u/ustayready
[link]
[comments]
/r/netsec - Information Security News & Discussion
Java XML security issues and how to address them
By
/u/got_nations
β January 18
th
2023 at 16:32
submitted by
/u/got_nations
[link]
[comments]
/r/netsec - Information Security News & Discussion
Nothing new under the Sun - Discovering and exploiting a CDE bug chain
By
/u/0xdea
β January 18
th
2023 at 09:00
submitted by
/u/0xdea
[link]
[comments]
/r/netsec - Information Security News & Discussion
Tailscale bug allowed a person to share nodes from other tailnets without auth
By
/u/Security_Chief_Odo
β January 18
th
2023 at 01:40
submitted by
/u/Security_Chief_Odo
[link]
[comments]
/r/netsec - Information Security News & Discussion
Hacking ICS Historians: The Pivot Point From IT to OT
By
/u/derp6996
β January 17
th
2023 at 20:40
submitted by
/u/derp6996
[link]
[comments]
/r/netsec - Information Security News & Discussion
Security audit of Git
By
/u/joernchen
β January 17
th
2023 at 19:50
submitted by
/u/joernchen
[link]
[comments]
/r/netsec - Information Security News & Discussion
AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass | Datadog Security Labs
By
/u/RedTermSession
β January 17
th
2023 at 16:03
submitted by
/u/RedTermSession
[link]
[comments]
/r/netsec - Information Security News & Discussion
Creating a polymorphic malware using ChatGPT
By
/u/ES_CY
β January 17
th
2023 at 15:19
submitted by
/u/ES_CY
[link]
[comments]
/r/netsec - Information Security News & Discussion
Introducing RPC Investigator
By
/u/Gallus
β January 17
th
2023 at 14:13
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Russia aiming to Disrupt Czech Presidential Election - attacks ongoing today
By
/u/Proof-Tip2688
β January 13
th
2023 at 20:13
submitted by
/u/Proof-Tip2688
[link]
[comments]
/r/netsec - Information Security News & Discussion
The misadventures of SPF: Delivering SPF authenticated emails on behalf of the Ukrainian MoD, MIT and 1000+ others.
By
/u/Jumpy_Resolution3089
β January 17
th
2023 at 06:10
submitted by
/u/Jumpy_Resolution3089
[link]
[comments]
/r/netsec - Information Security News & Discussion
rsbkb: a Rust CLI tool to easily chain operations (CyberChef-like) through pipes. Other utils as a bonus.
By
/u/alain_proviste
β January 16
th
2023 at 21:58
submitted by
/u/alain_proviste
[link]
[comments]
/r/netsec - Information Security News & Discussion
Unauthenticated Configuration Export in Multiple WAGO Products
By
/u/g_e_r_h_a_r_d
β January 16
th
2023 at 10:52
submitted by
/u/g_e_r_h_a_r_d
[link]
[comments]
/r/netsec - Information Security News & Discussion
[CVE-2023-0179] Linux kernel stack buffer overflow in nftables: PoC and writeup
By
/u/qwerty0x41
β January 16
th
2023 at 08:25
submitted by
/u/qwerty0x41
[link]
[comments]
/r/netsec - Information Security News & Discussion
DLL Hijacking outside DllMain, using Spartacus
By
/u/h0wlett
β January 15
th
2023 at 08:17
submitted by
/u/h0wlett
[link]
[comments]
/r/netsec - Information Security News & Discussion
Analysis of FG-IR-22-398 β FortiOS - heap-based buffer overflow in SSLVPNd
By
/u/Gallus
β January 14
th
2023 at 21:18
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Impact of the CircleCI Security Incident on the Datadog Agent
By
/u/dlorenc
β January 14
th
2023 at 18:29
submitted by
/u/dlorenc
[link]
[comments]
/r/netsec - Information Security News & Discussion
santa-linux: a proof of concept binary authorization system for linux, based on Google's Santa
By
/u/ahigherporpoise
β January 14
th
2023 at 16:49
submitted by
/u/ahigherporpoise
[link]
[comments]
/r/netsec - Information Security News & Discussion
CircleCI incident report for January 4, 2023 security incident
By
/u/baty0man_
β January 13
th
2023 at 22:26
submitted by
/u/baty0man_
[link]
[comments]
/r/netsec - Information Security News & Discussion
A Public Git repository & misconfiguration detection tool
By
/u/nicksthehacker_
β January 13
th
2023 at 20:01
submitted by
/u/nicksthehacker_
[link]
[comments]
/r/netsec - Information Security News & Discussion
π Announcing Matano + Suricata: Build your own Security Data Lake on AWS using Suricata Logs
By
/u/shaeqahmed
β January 13
th
2023 at 15:19
submitted by
/u/shaeqahmed
[link]
[comments]
/r/netsec - Information Security News & Discussion
Announcing a stable release of sigstore-python
By
/u/yossarian_flew_away
β January 13
th
2023 at 15:09
submitted by
/u/yossarian_flew_away
[link]
[comments]
/r/netsec - Information Security News & Discussion
Crassus: Windows privilege escalation discovery tool
By
/u/Fugitif
β January 13
th
2023 at 14:21
submitted by
/u/Fugitif
[link]
[comments]
/r/netsec - Information Security News & Discussion
Clear communication is crucial: why writing effective vulnerability reports matters
By
/u/glum-platimium
β January 13
th
2023 at 14:14
submitted by
/u/glum-platimium
[link]
[comments]
Load more articles