/r/netsec - Information Security News & Discussion

Exploiting ASP.NET TemplateParser — Part I: Sitecore (CVE-2023-35813)

By /u/scopedsecurity — September 26^th 2023 at 11:42

submitted by /u/scopedsecurity
[link] [comments]

/r/netsec - Information Security News & Discussion

The De Vinci of DirtyPipe Local Privilege Escalation - CVE-2022-0847 - vsociety

By /u/vsociety_ — September 26^th 2023 at 09:02

submitted by /u/vsociety_
[link] [comments]

/r/netsec - Information Security News & Discussion

CVE-2023-36664: Command injection with Ghostscript PoC + exploit - vsociety

By /u/vsociety_ — September 26^th 2023 at 08:57

submitted by /u/vsociety_
[link] [comments]

/r/netsec - Information Security News & Discussion

A tale about a Red Team exercise and the Forcepoint Endpoint One DLP client - vsociety

By /u/vsociety_ — September 26^th 2023 at 08:43

submitted by /u/vsociety_
[link] [comments]

/r/netsec - Information Security News & Discussion

The bogus CVE problem

By /u/yqopmin — September 26^th 2023 at 08:05

submitted by /u/yqopmin
[link] [comments]

/r/netsec - Information Security News & Discussion

Telegram Search Engine for CTI, Data Breach Discovery and Monitoring and More

By /u/ari_ben_am — September 26^th 2023 at 07:10

submitted by /u/ari_ben_am
[link] [comments]

/r/netsec - Information Security News & Discussion

DNS Debugging: What you need to know

By /u/odd950 — September 26^th 2023 at 06:41

submitted by /u/odd950
[link] [comments]

/r/netsec - Information Security News & Discussion

GDBleed: Binary instrumentation and hooking framework built on top of GDB for pentesters and IoT security researchers

By /u/NoPaleontologist7419 — September 25^th 2023 at 21:52

submitted by /u/NoPaleontologist7419
[link] [comments]

/r/netsec - Information Security News & Discussion

SocketSleuth: Improving security testing for WebSocket applications | The Snyk blog

By /u/lirantal — September 25^th 2023 at 20:42

submitted by /u/lirantal
[link] [comments]

/r/netsec - Information Security News & Discussion

Analysis of CVE-2023-38831 Zero-Day vulnerability in WinRAR

By /u/SL7reach — September 25^th 2023 at 20:03

submitted by /u/SL7reach
[link] [comments]

/r/netsec - Information Security News & Discussion

Over 400K Buckets and 10.4B Files Are Public Due to Cloud Misconfigurations

By /u/ziyahanalbeniz — September 25^th 2023 at 12:47

submitted by /u/ziyahanalbeniz
[link] [comments]

/r/netsec - Information Security News & Discussion

From ScreenConnect to Hive Ransomware in 61 hours

By /u/TheDFIRReport — September 25^th 2023 at 12:24

submitted by /u/TheDFIRReport
[link] [comments]

/r/netsec - Information Security News & Discussion

[P2O Vancouver 2023] SharePoint Pre-Auth RCE chain (CVE-2023–29357 & CVE-2023–24955)

By /u/scopedsecurity — September 25^th 2023 at 11:50

submitted by /u/scopedsecurity
[link] [comments]

/r/netsec - Information Security News & Discussion

Insecure URL handler (Electron) in iRacing leading to RCE in the client - bug discovery and exploit

By /u/ss2342- — September 25^th 2023 at 10:28

submitted by /u/ss2342-
[link] [comments]

/r/netsec - Information Security News & Discussion

A Prime on Client-side JavaScript Instrumentation

By /u/nibblesec — September 25^th 2023 at 08:28

submitted by /u/nibblesec
[link] [comments]

/r/netsec - Information Security News & Discussion

Defeating Visual Studio Code embedded reverse shell

By /u/ipfyx — September 22^nd 2023 at 19:43

Here is a blogpost that covers some techniques to block vscode tunnel. Any feedback will be greatly apreciated.

submitted by /u/ipfyx
[link] [comments]

/r/netsec - Information Security News & Discussion

Cryptomining malware detected on a Russian thesaurus with 5 Million+ monthly visits

By /u/nareksays — September 22^nd 2023 at 11:35

submitted by /u/nareksays
[link] [comments]

/r/netsec - Information Security News & Discussion

Critical DICOM Server Misconfigurations Lead to Exposure of 1.6M Medical Records

By /u/ziyahanalbeniz — September 22^nd 2023 at 10:52

submitted by /u/ziyahanalbeniz
[link] [comments]

/r/netsec - Information Security News & Discussion

The WebP 0day

By /u/MegaManSec2 — September 21^st 2023 at 19:33

submitted by /u/MegaManSec2
[link] [comments]

/r/netsec - Information Security News & Discussion

New ways to inject system CA certificates in Android 14

By /u/pimterry — September 21^st 2023 at 12:35

submitted by /u/pimterry
[link] [comments]

/r/netsec - Information Security News & Discussion

HDF5 - Multiple Memory Corruption Vulnerabilities

By /u/MysteriousHotel3017 — September 20^th 2023 at 22:44

submitted by /u/MysteriousHotel3017
[link] [comments]

/r/netsec - Information Security News & Discussion

LUCR-3: Scattered Spider Getting SaaS-y in the Cloud

By /u/permis0 — September 20^th 2023 at 16:23

submitted by /u/permis0
[link] [comments]

/r/netsec - Information Security News & Discussion

RCE in Tutanota Desktop: How a single email could compromise your machine

By /u/SonarPaul — September 20^th 2023 at 15:54

submitted by /u/SonarPaul
[link] [comments]

/r/netsec - Information Security News & Discussion

Howtorotate.com - Open Source Guides on Key Rotations from the Most Popular Providers

By /u/Phorcez — September 19^th 2023 at 18:57

submitted by /u/Phorcez
[link] [comments]

/r/netsec - Information Security News & Discussion

Crawlector Version 2.0 has been released. This is a milestone release.

By /u/MFMokbel — September 19^th 2023 at 13:43

submitted by /u/MFMokbel
[link] [comments]

/r/netsec - Information Security News & Discussion

#ShortAndMalicious — DarkGate

By /u/OwnPreparation3424 — September 19^th 2023 at 11:45

submitted by /u/OwnPreparation3424
[link] [comments]

/r/netsec - Information Security News & Discussion

DEF CON 31 Main Stage Talks

By /u/albinowax — September 19^th 2023 at 07:10

submitted by /u/albinowax
[link] [comments]

/r/netsec - Information Security News & Discussion

Wind River VxWorks tarExtract directory traversal vulnerability (CVE-2023-38346)

By /u/fr0r — September 19^th 2023 at 05:35

submitted by /u/fr0r
[link] [comments]

/r/netsec - Information Security News & Discussion

Zero-Knowledge Middleboxes

By /u/arrowflakes — September 18^th 2023 at 18:42

submitted by /u/arrowflakes
[link] [comments]

/r/netsec - Information Security News & Discussion

Fileless Remote Code Execution on Juniper Firewalls

By /u/chicksdigthelongrun — September 18^th 2023 at 15:25

submitted by /u/chicksdigthelongrun
[link] [comments]

/r/netsec - Information Security News & Discussion

AWS's Hidden Threat: AMBERSQUID Cloud-Native Cryptojacking Operation – Sysdig

By /u/Hallow_Rose — September 18^th 2023 at 15:08

submitted by /u/Hallow_Rose
[link] [comments]

/r/netsec - Information Security News & Discussion

When MFA isn't actually MFA

By /u/_vavkamil_ — September 18^th 2023 at 14:36

submitted by /u/_vavkamil_
[link] [comments]

/r/netsec - Information Security News & Discussion

Risks in Liechtenstein's electronic health files and new vulns in the underlying Liferay portal software (article in German)

By /u/fr0r — September 18^th 2023 at 12:50

submitted by /u/fr0r
[link] [comments]

/r/netsec - Information Security News & Discussion

Fuzzing with multiple servers in parallel: AFL++ with Network File Systems

By /u/MegaManSec2 — September 18^th 2023 at 09:59

submitted by /u/MegaManSec2
[link] [comments]

/r/netsec - Information Security News & Discussion

A Practical Approach to SBOM in CI/CD. Presenting concept of SBOM, its advantages, popular formats and practical implementations for both Java and Python projects.

By /u/theowni — September 17^th 2023 at 16:57

submitted by /u/theowni
[link] [comments]

/r/netsec - Information Security News & Discussion

Account Takeover in Canvas Apps served in Comet due to failure in Cross-Window-Message Origin validation

By /u/yqopmin — September 17^th 2023 at 13:49

submitted by /u/yqopmin
[link] [comments]

/r/netsec - Information Security News & Discussion

CVE-2022-32947: macOS GPU-launched kernel privilege escalation exploit (walkthrough slides + demo)

By /u/AsahiLina — September 17^th 2023 at 10:08

submitted by /u/AsahiLina
[link] [comments]

/r/netsec - Information Security News & Discussion

Tickling ksmbd: fuzzing SMB in the Linux kernel

By /u/buherator — September 17^th 2023 at 08:35

submitted by /u/buherator
[link] [comments]

/r/netsec - Information Security News & Discussion

CVE-2023-34040 Spring Kafka Deserialization Remote Code Execution

By /u/buherator — September 17^th 2023 at 08:33

submitted by /u/buherator
[link] [comments]

/r/netsec - Information Security News & Discussion

A Big Look at Security in OpenAPI

By /u/keissiaresa — September 17^th 2023 at 06:45

submitted by /u/keissiaresa
[link] [comments]

/r/netsec - Information Security News & Discussion

Similar issues detected in different cryptocurrency exchange backends

By /u/arrowflakes — September 16^th 2023 at 17:10

submitted by /u/arrowflakes
[link] [comments]

/r/netsec - Information Security News & Discussion

The bogus CVE problem

By /u/keissiaresa — September 16^th 2023 at 16:05

submitted by /u/keissiaresa
[link] [comments]

/r/netsec - Information Security News & Discussion

New analysis tool: donut-decryptor: Retrieve inner payloads from Donut samples

By /u/transt — September 16^th 2023 at 15:19

submitted by /u/transt
[link] [comments]

/r/netsec - Information Security News & Discussion

Correction: the previous CA injection method doesn't work on Android 14, but there is still a way.

By /u/pi3ch — September 15^th 2023 at 23:59

submitted by /u/pi3ch
[link] [comments]

/r/netsec - Information Security News & Discussion

Konni has entered the game: A new, possibly North Korean group exploits WinRAR vulnerability for cyberattacks.

By /u/nareksays — September 15^th 2023 at 16:00

submitted by /u/nareksays
[link] [comments]

/r/netsec - Information Security News & Discussion

A detailed analysis of the Money Message Ransomware

By /u/CyberMasterV — September 15^th 2023 at 13:03

submitted by /u/CyberMasterV
[link] [comments]

/r/netsec - Information Security News & Discussion

Meta Quest 2: Defense through offense

By /u/poltess0 — September 15^th 2023 at 10:38

submitted by /u/poltess0
[link] [comments]

/r/netsec - Information Security News & Discussion

Bypassing UAC with SSPI Datagram Contexts

By /u/splinter_code — September 14^th 2023 at 23:01

submitted by /u/splinter_code
[link] [comments]

/r/netsec - Information Security News & Discussion

Bypass SSL Pinning on Windows Application

By /u/HermaeusMora0 — September 14^th 2023 at 20:59

I have tried using CharlesProxy MITM proxy to obtain SSL traffic from a Windows Application, but Charles simply can't capture any traffic, even though it captures from my browser and other applications.

With that being said, I suspect the application uses SSL pinning, I don't want to go reverse engineer it when there's a simpler way for me to obtain their requests.

I need suggestions on what to do, and if reverse engineering is my only way, what would be recommended.

submitted by /u/HermaeusMora0
[link] [comments]

/r/netsec - Information Security News & Discussion

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree

By /u/TupleType1 — September 14^th 2023 at 13:49

submitted by /u/TupleType1
[link] [comments]

/r/netsec - Information Security News & Discussion

Uncursing the ncurses: Memory corruption vulnerabilities found in library

By /u/YogiBerra88888 — September 14^th 2023 at 13:19

submitted by /u/YogiBerra88888
[link] [comments]

/r/netsec - Information Security News & Discussion

Simple PoC for demonstrating Race Conditions on Websockets

By /u/vah_13 — September 14^th 2023 at 09:13

submitted by /u/vah_13
[link] [comments]

/r/netsec - Information Security News & Discussion

Column-Level Encryption 101: What is It, implementation & Benefits

By /u/donofsue — September 14^th 2023 at 08:24

submitted by /u/donofsue
[link] [comments]

/r/netsec - Information Security News & Discussion

Split BloodHound input files to prevent import failures

By /u/Pleasant-Drawer729 — September 14^th 2023 at 08:04

submitted by /u/Pleasant-Drawer729
[link] [comments]

/r/netsec - Information Security News & Discussion

CVE-2023-38146: Arbitrary Code Execution via Windows Themes

By /u/gabe_k — September 13^th 2023 at 16:55

submitted by /u/gabe_k
[link] [comments]

/r/netsec - Information Security News & Discussion

3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack

By /u/nareksays — September 13^th 2023 at 16:06

submitted by /u/nareksays
[link] [comments]

/r/netsec - Information Security News & Discussion

mXSS in Skiff: How browser mutations and Cloudflare helped to steal decrypted emails

By /u/SonarPaul — September 13^th 2023 at 08:39

submitted by /u/SonarPaul
[link] [comments]

/r/netsec - Information Security News & Discussion

Zimbra Email Users Targeted in Phishing Attack | Deeplab.com

By /u/RemarkableDatas — September 12^th 2023 at 19:32

submitted by /u/RemarkableDatas
[link] [comments]

/r/netsec - Information Security News & Discussion

From Terminal Output to Arbitrary Remote Code Execution

By /u/_solid_snail — September 12^th 2023 at 19:24

submitted by /u/_solid_snail
[link] [comments]

/r/netsec - Information Security News & Discussion

Malware distributor Storm-0324 facilitates ransomware access

By /u/SCI_Rusher — September 12^th 2023 at 17:22

submitted by /u/SCI_Rusher
[link] [comments]