Login
FreshRSS
Login
/r/netsec - Information Security News & Discussion
Your Security Program Is Shit
By
/u/burpadurp
β February 1
st
2024 at 19:29
submitted by
/u/burpadurp
[link]
[comments]
/r/netsec - Information Security News & Discussion
Opera zero Day vulnerability for cross platform execution "MyFlaw"
By
/u/Altrntiv-to-security
β February 1
st
2024 at 18:18
submitted by
/u/Altrntiv-to-security
[link]
[comments]
/r/netsec - Information Security News & Discussion
De4py: A toolkit for python reverse engineering
By
/u/AhmedMinegames
β February 1
st
2024 at 16:17
submitted by
/u/AhmedMinegames
[link]
[comments]
/r/netsec - Information Security News & Discussion
Frog4Shell β FritzFrog Botnet Adds One-Days to Its Arsenal
By
/u/oridavid1231
β February 1
st
2024 at 15:29
submitted by
/u/oridavid1231
[link]
[comments]
/r/netsec - Information Security News & Discussion
π Dive into the RedLine Stealer Infection Chain - Part 1 - Securityinbits
By
/u/securityinbits
β February 1
st
2024 at 10:23
submitted by
/u/securityinbits
[link]
[comments]
/r/netsec - Information Security News & Discussion
SmuggleFuzz: HTTP Downgrade detection fuzzer - Feedback welcome
By
/u/Moopanger
β February 1
st
2024 at 05:14
submitted by
/u/Moopanger
[link]
[comments]
/r/netsec - Information Security News & Discussion
Leaky Vessels: Docker and runc Container Breakout Vulnerabilities - January 2024
By
/u/pentesticals
β January 31
st
2024 at 20:54
Multiple vulns in Docker disclosed by Snyk Security Labs
submitted by
/u/pentesticals
[link]
[comments]
/r/netsec - Information Security News & Discussion
Defending against the Attack of the Clone[d website]s!
By
/u/ranok
β January 31
st
2024 at 20:44
submitted by
/u/ranok
[link]
[comments]
/r/netsec - Information Security News & Discussion
Softing Update Fixes RCE Vulns in its OPC UA Integration Server
By
/u/derp6996
β January 31
st
2024 at 18:29
submitted by
/u/derp6996
[link]
[comments]
/r/netsec - Information Security News & Discussion
Technical Analysis of the poorly written PLAY ransomware.
By
/u/jat0369
β January 31
st
2024 at 14:23
submitted by
/u/jat0369
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()
By
/u/netsec_burn
β January 31
st
2024 at 13:39
submitted by
/u/netsec_burn
[link]
[comments]
/r/netsec - Information Security News & Discussion
Ivanti Connect Secure patch released to address CVE-2023-46805 & CVE-2024-21887 - comes with disclosure of new vulnerabilities: CVE-2024-21888 and CVE-2024-21893
By
/u/TheDarthSnarf
β January 31
st
2024 at 13:34
submitted by
/u/TheDarthSnarf
[link]
[comments]
/r/netsec - Information Security News & Discussion
Kasseika Ransomware Deploys BYOVD Attacks Abuses PsExec and Exploits Martini Driver
By
/u/dimhum547
β January 31
st
2024 at 10:46
submitted by
/u/dimhum547
[link]
[comments]
/r/netsec - Information Security News & Discussion
Faction: Open-source pentesting report generation and collaboration framework - Help Net Security
By
/u/ascetik
β January 30
th
2024 at 19:39
submitted by
/u/ascetik
[link]
[comments]
/r/netsec - Information Security News & Discussion
Intro to Websockets & Writing a WebSocket Server in Rust - any feedback welcome!
By
/u/vaktibabat
β January 30
th
2024 at 18:56
submitted by
/u/vaktibabat
[link]
[comments]
/r/netsec - Information Security News & Discussion
[KIS-2024-01] XenForo <= 2.2.13 (ArchiveImport.php) Zip Slip Vulnerability
By
/u/eg1x
β January 30
th
2024 at 18:17
submitted by
/u/eg1x
[link]
[comments]
/r/netsec - Information Security News & Discussion
Analysis Of Multiple Vulnerabilities In Ofbiz
By
/u/appsec1337
β January 30
th
2024 at 17:00
submitted by
/u/appsec1337
[link]
[comments]
/r/netsec - Information Security News & Discussion
New Visual Studio Code plugin for IaC security (plus collaboration, semgrep integration)
By
/u/nibblesec
β January 30
th
2024 at 16:40
submitted by
/u/nibblesec
[link]
[comments]
/r/netsec - Information Security News & Discussion
Post-auth blind Python code injection vulnerabilities detected in personal cloud storage device
By
/u/BugProve
β January 30
th
2024 at 15:04
submitted by
/u/BugProve
[link]
[comments]
/r/netsec - Information Security News & Discussion
Hunting for (Un)authenticated n-days in Asus Routers - Shielder
By
/u/smaury
β January 30
th
2024 at 13:34
submitted by
/u/smaury
[link]
[comments]
/r/netsec - Information Security News & Discussion
GitHub - mlcsec/SigFinder: Identify binaries with Authenticode digital signatures signed to an internal CA/domain
By
/u/Frequent_Passenger82
β January 30
th
2024 at 13:15
submitted by
/u/Frequent_Passenger82
[link]
[comments]
/r/netsec - Information Security News & Discussion
bof-launcher: Beacon Object File (BOF) launcher - library for executing BOF files in C/C++/Zig applications
By
/u/mzet-
β January 30
th
2024 at 08:32
submitted by
/u/mzet-
[link]
[comments]
/r/netsec - Information Security News & Discussion
Exploring secureCodeBox β An Open-Source Continuous Security Testing Solution for DevSecOps
By
/u/theowni
β January 29
th
2024 at 21:06
submitted by
/u/theowni
[link]
[comments]
/r/netsec - Information Security News & Discussion
LLM Assisted Jailbreak & Doxing
By
/u/katahdinsecurity
β January 29
th
2024 at 20:19
submitted by
/u/katahdinsecurity
[link]
[comments]
/r/netsec - Information Security News & Discussion
Import Device Tree Information onto your Ghidra memory map in order to simplify bootloader, kernel and driver reverse engineering
By
/u/AssociationTop7723
β January 29
th
2024 at 20:05
submitted by
/u/AssociationTop7723
[link]
[comments]
/r/netsec - Information Security News & Discussion
Using client-side JavaScript to build a tool for Port-scanning and LAN Host Detection.
By
/u/Vsimpro
β January 29
th
2024 at 19:14
submitted by
/u/Vsimpro
[link]
[comments]
/r/netsec - Information Security News & Discussion
Your Firewalls and Proxies are about to be blind to real TLS destinations: Learn about Encrypted Client Hello
By
/u/Shu_asha
β January 29
th
2024 at 18:44
submitted by
/u/Shu_asha
[link]
[comments]
/r/netsec - Information Security News & Discussion
Sys:All: How A Simple Loophole in Google Kubernetes Engine Puts Clusters at Risk of Compromise
By
/u/shulginlegacy
β January 29
th
2024 at 15:46
submitted by
/u/shulginlegacy
[link]
[comments]
/r/netsec - Information Security News & Discussion
βScammers Paradiseβ βExploring Telegramβs Dark Markets, Breeding Ground for Modern Phishing Operations
By
/u/figgymmr
β January 29
th
2024 at 15:03
submitted by
/u/figgymmr
[link]
[comments]
/r/netsec - Information Security News & Discussion
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours
By
/u/TheDFIRReport
β January 29
th
2024 at 14:28
submitted by
/u/TheDFIRReport
[link]
[comments]
/r/netsec - Information Security News & Discussion
TyphoonCon 2024 early bird ticket are now on sale!
By
/u/Straight-Zombie-646
β January 28
th
2024 at 16:20
submitted by
/u/Straight-Zombie-646
[link]
[comments]
/r/netsec - Information Security News & Discussion
ExecIT: Evasive DLL-Based Shellcode Loader
By
/u/florilsk
β January 28
th
2024 at 10:35
submitted by
/u/florilsk
[link]
[comments]
/r/netsec - Information Security News & Discussion
NMAP-formatter: convert NMAP results to HTML, CSV, JSON, graphviz (dot), SQLite
By
/u/netsec_burn
β January 27
th
2024 at 18:52
submitted by
/u/netsec_burn
[link]
[comments]
/r/netsec - Information Security News & Discussion
CSIRT-CTI - Stately Taurus Targets Myanmar Amidst Concerns over Military Juntaβs Handling of Rebel Attacks
By
/u/0x5h4un
β January 27
th
2024 at 16:17
submitted by
/u/0x5h4un
[link]
[comments]
/r/netsec - Information Security News & Discussion
Building a password cracker in 2024 [Deep Dive]
By
/u/hpo1n7
β January 27
th
2024 at 00:58
submitted by
/u/hpo1n7
[link]
[comments]
/r/netsec - Information Security News & Discussion
How I hacked chess.com
By
/u/J_ake20o4
β January 26
th
2024 at 16:17
submitted by
/u/J_ake20o4
[link]
[comments]
/r/netsec - Information Security News & Discussion
AsyncRAT config decryption using CyberChef - Recipe 0x2 - Securityinbits
By
/u/securityinbits
β January 26
th
2024 at 12:06
submitted by
/u/securityinbits
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2024-23897 Jenkins CLI PoC
By
/u/gquere
β January 26
th
2024 at 10:36
submitted by
/u/gquere
[link]
[comments]
/r/netsec - Information Security News & Discussion
AI-exploits: Triton Inference Server RCE exploit
By
/u/FlyingTriangle
β January 25
th
2024 at 18:00
submitted by
/u/FlyingTriangle
[link]
[comments]
/r/netsec - Information Security News & Discussion
We build X.509 chains so you donβt have to
By
/u/yossarian_flew_away
β January 25
th
2024 at 16:00
submitted by
/u/yossarian_flew_away
[link]
[comments]
/r/netsec - Information Security News & Discussion
New Zyxel RCE Vulnerability allows remote attackes execute commands as root!
By
/u/Straight-Zombie-646
β January 25
th
2024 at 13:48
submitted by
/u/Straight-Zombie-646
[link]
[comments]
/r/netsec - Information Security News & Discussion
Shipping your Private Key - CVE-2023-43870, Paxton do a Lenovo.
By
/u/craigsblackie
β January 25
th
2024 at 11:44
submitted by
/u/craigsblackie
[link]
[comments]
/r/netsec - Information Security News & Discussion
*nix libX11: Uncovering and exploiting a 35-year-old vulnerability β Part 2 of 2
By
/u/SRMish3
β January 25
th
2024 at 09:27
submitted by
/u/SRMish3
[link]
[comments]
/r/netsec - Information Security News & Discussion
Pwning a DLP solution: CVE-2024-22107 & CVE-2024-22108
By
/u/gid0rah
β January 25
th
2024 at 08:16
submitted by
/u/gid0rah
[link]
[comments]
/r/netsec - Information Security News & Discussion
Methodology - Security Research: How we discovered over 18,000 API secret tokens & $20M in Stripe tokens
By
/u/AlarmingApartment236
β January 24
th
2024 at 12:42
submitted by
/u/AlarmingApartment236
[link]
[comments]
/r/netsec - Information Security News & Discussion
Kubernetes Scheduling And Secure Design
By
/u/nibblesec
β January 24
th
2024 at 08:52
submitted by
/u/nibblesec
[link]
[comments]
/r/netsec - Information Security News & Discussion
15 MCQ questions for practice related to security
By
/u/eren_rndm
β January 24
th
2024 at 06:29
submitted by
/u/eren_rndm
[link]
[comments]
/r/netsec - Information Security News & Discussion
Improving LLM Security Against Prompt Injection: AppSec Guidance For Pentesters and Developers
By
/u/907jessejones
β January 23
rd
2024 at 21:20
submitted by
/u/907jessejones
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive, IOCs, and Exploit
By
/u/scopedsecurity
β January 23
rd
2024 at 20:52
submitted by
/u/scopedsecurity
[link]
[comments]
/r/netsec - Information Security News & Discussion
Windows - Data Protection API - A journey into various DPAPI potential abuses from an offensive security perspective
By
/u/clod81
β January 23
rd
2024 at 19:18
submitted by
/u/clod81
[link]
[comments]
/r/netsec - Information Security News & Discussion
A recent analysis of the Cactus Ransomware
By
/u/ShadowStackRE
β January 23
rd
2024 at 14:28
submitted by
/u/ShadowStackRE
[link]
[comments]
/r/netsec - Information Security News & Discussion
Export Controls: Explained
By
/u/zolakrystie
β January 23
rd
2024 at 11:35
submitted by
/u/zolakrystie
[link]
[comments]
/r/netsec - Information Security News & Discussion
Typhooncon 2024 has less than 2 weeks left for CFT submissions. Don't miss out!
By
/u/Straight-Zombie-646
β January 23
rd
2024 at 10:34
submitted by
/u/Straight-Zombie-646
[link]
[comments]
/r/netsec - Information Security News & Discussion
Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing (CVE-2023-45866)
By
/u/barakadua131
β January 23
rd
2024 at 09:44
submitted by
/u/barakadua131
[link]
[comments]
/r/netsec - Information Security News & Discussion
[VNCERT/CC] CVE-2023-22527 realworld poc The original PoC: payload is length limited Solution: 1. Write the script file in parts 2. Run the script
By
/u/arleth94
β January 23
rd
2024 at 07:31
submitted by
/u/arleth94
[link]
[comments]
/r/netsec - Information Security News & Discussion
Many CVE Records Are Listing the Wrong Versions of Software as Being Affected
By
/u/PluginVulns
β January 22
nd
2024 at 18:56
submitted by
/u/PluginVulns
[link]
[comments]
/r/netsec - Information Security News & Discussion
EC2 Privilege Escalation Through User Data
By
/u/RedTermSession
β January 22
nd
2024 at 17:32
submitted by
/u/RedTermSession
[link]
[comments]
/r/netsec - Information Security News & Discussion
How a vulnerability in WifiKey's AC Gateway allows remote attackers to trigger a pre-auth RCE
By
/u/SSDisclosure
β January 22
nd
2024 at 16:54
submitted by
/u/SSDisclosure
[link]
[comments]
/r/netsec - Information Security News & Discussion
Vulnerability in Gambio pertains to an insecure deserialization flaw, which ultimately allows an attacker to execute remote code on affected systems.
By
/u/usdAG
β January 22
nd
2024 at 12:53
submitted by
/u/usdAG
[link]
[comments]
/r/netsec - Information Security News & Discussion
Domain Escalation β Backup Operator
By
/u/netbiosX
β January 22
nd
2024 at 11:07
submitted by
/u/netbiosX
[link]
[comments]
Load more articles