Login
FreshRSS
Login
/r/netsec - Information Security News & Discussion
Producing a POC for CVE-2022-42475 (Fortinet RCE)
By
/u/BlackCatNeo
β March 15
th
2023 at 07:51
submitted by
/u/BlackCatNeo
[link]
[comments]
/r/netsec - Information Security News & Discussion
Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability
By
/u/Gallus
β March 15
th
2023 at 01:25
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
BeyondTrust AD Bridge Open Post-Exploitation
By
/u/v1brio
β March 14
th
2023 at 23:05
submitted by
/u/v1brio
[link]
[comments]
/r/netsec - Information Security News & Discussion
Examining OpenSSH Sandboxing and Privilege Separation β Attack Surface Analysis
By
/u/n0llbyte
β March 14
th
2023 at 17:13
submitted by
/u/n0llbyte
[link]
[comments]
/r/netsec - Information Security News & Discussion
Vulnerabilities in the TPM 2.0 reference implementation code
By
/u/guedou
β March 14
th
2023 at 12:49
submitted by
/u/guedou
[link]
[comments]
/r/netsec - Information Security News & Discussion
Bootkit Showcase: Real-World Examples of Infrastructure Security Threats
By
/u/hardenedvault
β March 14
th
2023 at 11:26
submitted by
/u/hardenedvault
[link]
[comments]
/r/netsec - Information Security News & Discussion
Kali Linux 2023.1 introduces 'Purple' distro for defensive security
By
/u/MrNobody136
β March 14
th
2023 at 10:55
submitted by
/u/MrNobody136
[link]
[comments]
/r/netsec - Information Security News & Discussion
"Understanding a Payload's Life (featuring Meterpreter & other guests)". Understanding the life of a Meterpreter payload from its generation to its execution. How all the pieces fit together!
By
/u/attl4s
β March 14
th
2023 at 08:28
submitted by
/u/attl4s
[link]
[comments]
/r/netsec - Information Security News & Discussion
Dolibarr ERP/CRM 16.x is vulnerable to a pre-auth customer database theft
By
/u/qwerty0x41
β March 14
th
2023 at 06:55
submitted by
/u/qwerty0x41
[link]
[comments]
/r/netsec - Information Security News & Discussion
Dissecting Exfiltrator-22: A Post-Exploitation Framework
By
/u/navneetmuffin
β March 14
th
2023 at 05:40
submitted by
/u/navneetmuffin
[link]
[comments]
/r/netsec - Information Security News & Discussion
Vendor Acknowledges Smart Intercom RCE Vulns
By
/u/derp6996
β March 13
th
2023 at 19:31
submitted by
/u/derp6996
[link]
[comments]
/r/netsec - Information Security News & Discussion
DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit
By
/u/SCI_Rusher
β March 13
th
2023 at 16:22
submitted by
/u/SCI_Rusher
[link]
[comments]
/r/netsec - Information Security News & Discussion
Persistence β Context Menu
By
/u/netbiosX
β March 13
th
2023 at 15:41
submitted by
/u/netbiosX
[link]
[comments]
/r/netsec - Information Security News & Discussion
Pinduoduo malicious code sample and sheller
By
/u/sysadminsith
β March 13
th
2023 at 04:20
submitted by
/u/sysadminsith
[link]
[comments]
/r/netsec - Information Security News & Discussion
Clipchamp ( Microsoft Office Product) - Google IAP Authorization bypass allowed access to Internal Environment Leading to Zero Interaction Account takeover
By
/u/vikzsharma
β March 12
th
2023 at 11:04
submitted by
/u/vikzsharma
[link]
[comments]
/r/netsec - Information Security News & Discussion
New Cosmos Blockchain API DoS
By
/u/SharpAd1823
β March 12
th
2023 at 01:01
submitted by
/u/SharpAd1823
[link]
[comments]
/r/netsec - Information Security News & Discussion
Crawlector - A threat hunting framework designed for scanning websites for malicious objects.
By
/u/MFMokbel
β March 11
th
2023 at 22:28
submitted by
/u/MFMokbel
[link]
[comments]
/r/netsec - Information Security News & Discussion
πββοΈ ProtoDeep - Decode and analyze protobuf efficiently
By
/u/mxrchreborn
β March 11
th
2023 at 14:52
submitted by
/u/mxrchreborn
[link]
[comments]
/r/netsec - Information Security News & Discussion
A Comprehensive Synopsis of 217 Subdomain Takeover Reports - by Cyjax researcher @_nynan
By
/u/ObscureError
β March 11
th
2023 at 12:43
submitted by
/u/ObscureError
[link]
[comments]
/r/netsec - Information Security News & Discussion
WebGL fuzzer based on IDL definition by @ant4g0nist
By
/u/ant4g0nist
β March 11
th
2023 at 11:06
submitted by
/u/ant4g0nist
[link]
[comments]
/r/netsec - Information Security News & Discussion
Fixing cringeworthy bugs in the OpenBSD console code
By
/u/Gallus
β March 11
th
2023 at 02:05
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Bypassing Asymmetric Client Side Encryption Without Private Key by @Ano_F_
By
/u/Ano_F
β March 10
th
2023 at 21:39
submitted by
/u/Ano_F
[link]
[comments]
/r/netsec - Information Security News & Discussion
Unauthorized access to organization secrets in GitHub
By
/u/albinowax
β March 10
th
2023 at 15:54
submitted by
/u/albinowax
[link]
[comments]
/r/netsec - Information Security News & Discussion
The oldest privesc: injecting careless administratorsβ terminals using TTY pushback
By
/u/gquere
β March 10
th
2023 at 12:38
submitted by
/u/gquere
[link]
[comments]
/r/netsec - Information Security News & Discussion
Infra-Red, In Situ (IRIS) Inspection of Silicon
By
/u/Gallus
β March 10
th
2023 at 08:47
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
I know what pizza you ordered!
By
/u/df_works
β March 10
th
2023 at 08:11
submitted by
/u/df_works
[link]
[comments]
/r/netsec - Information Security News & Discussion
Leveraging ssh-keygen for Arbitrary Execution (and Privilege Escalation)
By
/u/SeanPesce
β March 10
th
2023 at 02:54
submitted by
/u/SeanPesce
[link]
[comments]
/r/netsec - Information Security News & Discussion
EJS - Server Side Prototype Pollution gadgets to RCE
By
/u/Gallus
β March 9
th
2023 at 23:44
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Pwning Akuvox E11 Smart Intercom
By
/u/sh0n1z
β March 9
th
2023 at 19:00
submitted by
/u/sh0n1z
[link]
[comments]
/r/netsec - Information Security News & Discussion
Phineas Fisher's Hacktivist Writeups and Guides
By
/u/gabriel_schneider
β March 9
th
2023 at 11:22
submitted by
/u/gabriel_schneider
[link]
[comments]
/r/netsec - Information Security News & Discussion
The Threat on Your Desk: Building an Evil USB-C Dock
By
/u/Acceptable-Doubt-878
β March 9
th
2023 at 01:21
submitted by
/u/Acceptable-Doubt-878
[link]
[comments]
/r/netsec - Information Security News & Discussion
Jailbreaking LLM (ChatGPT) Sandboxes Using Linguistic Hacks
By
/u/alxjsn
β March 8
th
2023 at 19:45
submitted by
/u/alxjsn
[link]
[comments]
/r/netsec - Information Security News & Discussion
CorePlague: Severe Vulnerabilities in Jenkins Server Lead to Remote Code Execution
By
/u/ilay789
β March 8
th
2023 at 16:08
submitted by
/u/ilay789
[link]
[comments]
/r/netsec - Information Security News & Discussion
Fog of War - How the Ukraine Conflict Transformed the οΌ£yber Threat Landscape
By
/u/mycall
β March 8
th
2023 at 14:35
submitted by
/u/mycall
[link]
[comments]
/r/netsec - Information Security News & Discussion
ESXi Ransomware β A case study of Royal Ransomware
By
/u/CyberMasterV
β March 8
th
2023 at 13:02
submitted by
/u/CyberMasterV
[link]
[comments]
/r/netsec - Information Security News & Discussion
Beating an old PHP source code protector
By
/u/gid0rah
β March 8
th
2023 at 12:10
submitted by
/u/gid0rah
[link]
[comments]
/r/netsec - Information Security News & Discussion
Persistence β Event Log Online Help
By
/u/netbiosX
β March 8
th
2023 at 08:38
submitted by
/u/netbiosX
[link]
[comments]
/r/netsec - Information Security News & Discussion
I made a VS Code extension to view nmap results in a graph view. Helpful if you like to keep notes in MarkDown. Let me know what you think about it.
By
/u/marduc812
β March 7
th
2023 at 17:21
submitted by
/u/marduc812
[link]
[comments]
/r/netsec - Information Security News & Discussion
Open-source Static Code Analysis tool with sensitive-data prioritization
By
/u/rukhrunnin
β March 7
th
2023 at 17:12
submitted by
/u/rukhrunnin
[link]
[comments]
/r/netsec - Information Security News & Discussion
Authentication Bypass Vulnerability in Mura CMS and Masa CMS
By
/u/albinowax
β March 7
th
2023 at 16:56
submitted by
/u/albinowax
[link]
[comments]
/r/netsec - Information Security News & Discussion
RCE in Implementations of SHA-3, SHAKE, EdDSA
By
/u/Definitely_not_gpt3
β March 7
th
2023 at 16:03
submitted by
/u/Definitely_not_gpt3
[link]
[comments]
/r/netsec - Information Security News & Discussion
Avoiding Single-Point-of-Failure and securing the Root Infrastructure: TCG TPM 2.0
By
/u/hardenedvault
β March 7
th
2023 at 11:10
submitted by
/u/hardenedvault
[link]
[comments]
/r/netsec - Information Security News & Discussion
Harvesting Active Directory credentials via HTTP Request Smuggling
By
/u/albinowax
β March 7
th
2023 at 09:16
submitted by
/u/albinowax
[link]
[comments]
/r/netsec - Information Security News & Discussion
Manipulating Encrypted Traffic using PyCript for Manual and Automation
By
/u/Ano_F
β March 6
th
2023 at 18:22
submitted by
/u/Ano_F
[link]
[comments]
/r/netsec - Information Security News & Discussion
Insecure Toyota CRM exposed Mexican customer information
By
/u/EatonZ
β March 6
th
2023 at 18:19
submitted by
/u/EatonZ
[link]
[comments]
/r/netsec - Information Security News & Discussion
Protecting Android clipboard content from unintended exposure
By
/u/SCI_Rusher
β March 6
th
2023 at 17:57
submitted by
/u/SCI_Rusher
[link]
[comments]
/r/netsec - Information Security News & Discussion
Polynonce A Novel Attack against ECDSA. Paper, Code, and associated Story
By
/u/nhamiel
β March 6
th
2023 at 14:13
submitted by
/u/nhamiel
[link]
[comments]
/r/netsec - Information Security News & Discussion
Passive Takeover - uncovering (and emulating) an expensive subdomain takeover campaign
By
/u/-nbsp-
β March 5
th
2023 at 12:20
submitted by
/u/-nbsp-
[link]
[comments]
/r/netsec - Information Security News & Discussion
Obfuscating Rubeus using Codecepticon
By
/u/h0wlett
β March 5
th
2023 at 12:10
submitted by
/u/h0wlett
[link]
[comments]
/r/netsec - Information Security News & Discussion
Lord Of The Ring0 - Part 4 is out!
By
/u/Idov31
β March 5
th
2023 at 12:05
submitted by
/u/Idov31
[link]
[comments]
/r/netsec - Information Security News & Discussion
βStreamJackingβ - Hijacking Hundreds of YouTube Channels Per Day Propagating Elon Musk Branded Crypto Giveaway Scams
By
/u/lowlet3443
β March 5
th
2023 at 09:30
submitted by
/u/lowlet3443
[link]
[comments]
/r/netsec - Information Security News & Discussion
Hacking the Nintendo DSi Browser
By
/u/Gallus
β March 4
th
2023 at 07:17
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Reverse SSH - A Fast, Stable Reverse Shell Handler
By
/u/Acceptable-Doubt-878
β March 3
rd
2023 at 00:40
submitted by
/u/Acceptable-Doubt-878
[link]
[comments]
/r/netsec - Information Security News & Discussion
Nosey Parker, a fast secrets detector, now enumerates GitHub repos, writes SARIF output, and has 90 default rules
By
/u/exploding_nun
β March 3
rd
2023 at 00:01
submitted by
/u/exploding_nun
[link]
[comments]
/r/netsec - Information Security News & Discussion
Backups of ALL customer vault data, including encrypted passwords and decrypted authenticator seeds, exfiltrated in 2022 LastPass breach, You will need to regenerate OTP KEYS for all services and if you have a weak master password or low iteration count,
By
/u/alexanderpas
β March 2
nd
2023 at 22:27
submitted by
/u/alexanderpas
[link]
[comments]
/r/netsec - Information Security News & Discussion
Lesser Known Persistence Techniques of WinXP are still effective on Win 10 and 11.
By
/u/jat0369
β March 2
nd
2023 at 19:37
submitted by
/u/jat0369
[link]
[comments]
/r/netsec - Information Security News & Discussion
Taking over booking.com accounts by abusing OAuth 2.0
By
/u/ynvb
β March 2
nd
2023 at 13:20
submitted by
/u/ynvb
[link]
[comments]
/r/netsec - Information Security News & Discussion
BlackLotus UEFI bootkit: Myth confirmed
By
/u/hardenedvault
β March 2
nd
2023 at 08:41
submitted by
/u/hardenedvault
[link]
[comments]
/r/netsec - Information Security News & Discussion
SSH PKI on top of Web PKI
By
/u/ptman
β March 2
nd
2023 at 08:10
submitted by
/u/ptman
[link]
[comments]
/r/netsec - Information Security News & Discussion
Gitpod remote code execution 0-day vulnerability via WebSockets
By
/u/lirantal
β March 1
st
2023 at 23:25
submitted by
/u/lirantal
[link]
[comments]
Load more articles