Login
FreshRSS
Login
/r/netsec - Information Security News & Discussion
An EBPF based open source stateful linux firewall that integrates with OpenZiti Zero Trust Framework
By
/u/e_secure5592
β February 28
th
2024 at 23:20
submitted by
/u/e_secure5592
[link]
[comments]
/r/netsec - Information Security News & Discussion
Comparison of Enterprise SAST/DAST Products
By
/u/bcdefense
β February 28
th
2024 at 20:56
submitted by
/u/bcdefense
[link]
[comments]
/r/netsec - Information Security News & Discussion
Lazarus and the FudModule Rootkit: Beyond BYOVD with an Admin-to-Kernel Zero-Day
By
/u/stashing_the_smack
β February 28
th
2024 at 13:28
submitted by
/u/stashing_the_smack
[link]
[comments]
/r/netsec - Information Security News & Discussion
ThreatCheck alternative that can work with any antivirus, given a config file.
By
/u/Immediate-Fruit3833
β February 28
th
2024 at 11:30
submitted by
/u/Immediate-Fruit3833
[link]
[comments]
/r/netsec - Information Security News & Discussion
Revitalizing MouseJacking: Another Pen Test Story
By
/u/needmorejava
β February 28
th
2024 at 11:13
submitted by
/u/needmorejava
[link]
[comments]
/r/netsec - Information Security News & Discussion
Hacking Terraform state to gain code execution and privilege escalation
By
/u/dagrz-cloudsec
β February 28
th
2024 at 04:34
submitted by
/u/dagrz-cloudsec
[link]
[comments]
/r/netsec - Information Security News & Discussion
APT29 adopts new TTPs, according to a bunch of agencies
By
/u/Betterworldguys
β February 27
th
2024 at 22:40
submitted by
/u/Betterworldguys
[link]
[comments]
/r/netsec - Information Security News & Discussion
LOTP - Living Off the Pipeline
By
/u/fproulx
β February 27
th
2024 at 22:12
submitted by
/u/fproulx
[link]
[comments]
/r/netsec - Information Security News & Discussion
Data Scientists Targeted by Malicious Hugging Face ML Models with Silent Backdoor
By
/u/SRMish3
β February 27
th
2024 at 16:02
submitted by
/u/SRMish3
[link]
[comments]
/r/netsec - Information Security News & Discussion
New Server Side Prototype Pollution Gadgets Scanner from Doyensec
By
/u/ds_at
β February 27
th
2024 at 15:53
submitted by
/u/ds_at
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2023-52161: inet-wireless daemon (iwd) APs allowed clients to connect with a NULL key, bypassing the WiFi password
By
/u/supernetworks
β February 26
th
2024 at 22:10
submitted by
/u/supernetworks
[link]
[comments]
/r/netsec - Information Security News & Discussion
Windows Sysinternals - Sysmon - A practical guide to implementation and essential tips
By
/u/clod81
β February 26
th
2024 at 20:44
submitted by
/u/clod81
[link]
[comments]
/r/netsec - Information Security News & Discussion
It's now possible to find the AWS Account ID for any S3 Bucket (private or public)
By
/u/tracebit
β February 26
th
2024 at 15:22
submitted by
/u/tracebit
[link]
[comments]
/r/netsec - Information Security News & Discussion
Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples
By
/u/Embeere
β February 26
th
2024 at 14:30
submitted by
/u/Embeere
[link]
[comments]
/r/netsec - Information Security News & Discussion
QR Code Phishing with EvilGophish
By
/u/fin3ss3g0d
β February 26
th
2024 at 14:58
submitted by
/u/fin3ss3g0d
[link]
[comments]
/r/netsec - Information Security News & Discussion
βSubdoMailingβ β Thousands of Hijacked Major-Brand Subdomains Found Bombarding Users With Millions of Malicious Emails
By
/u/pinpepnet
β February 26
th
2024 at 14:32
submitted by
/u/pinpepnet
[link]
[comments]
/r/netsec - Information Security News & Discussion
Security Incident & Vulnerability Response Playbooks
By
/u/zootea100
β February 26
th
2024 at 12:56
submitted by
/u/zootea100
[link]
[comments]
/r/netsec - Information Security News & Discussion
Exploiting inconsistent UTF-8 handling in mbstring to bypass an XSS filter in Joomla
By
/u/albinowax
β February 26
th
2024 at 08:45
submitted by
/u/albinowax
[link]
[comments]
/r/netsec - Information Security News & Discussion
Join us in Seoul this May. Last chance to submit you talk for TyphoonCon 2024!
By
/u/LongjumpingLime4139
β February 26
th
2024 at 08:26
submitted by
/u/LongjumpingLime4139
[link]
[comments]
/r/netsec - Information Security News & Discussion
Actively exploited open redirect in Google Web Light
By
/u/jk0pr
β February 26
th
2024 at 07:09
submitted by
/u/jk0pr
[link]
[comments]
/r/netsec - Information Security News & Discussion
SEO Poisoning to Domain Control: The Gootloader Saga Continues
By
/u/TheDFIRReport
β February 26
th
2024 at 01:16
submitted by
/u/TheDFIRReport
[link]
[comments]
/r/netsec - Information Security News & Discussion
Go Go XSS Gadgets: Chaining a DOM Clobbering Exploit in the Wild
By
/u/poltess0
β February 24
th
2024 at 17:05
submitted by
/u/poltess0
[link]
[comments]
/r/netsec - Information Security News & Discussion
Continuously fuzzing Python C extensions
By
/u/Schwag
β February 23
rd
2024 at 15:37
submitted by
/u/Schwag
[link]
[comments]
/r/netsec - Information Security News & Discussion
Code injection or backdoor: A new look at Ivanti's CVE-2021-44529
By
/u/albinowax
β February 23
rd
2024 at 11:53
submitted by
/u/albinowax
[link]
[comments]
/r/netsec - Information Security News & Discussion
Python Risk Identification Tool for generative AI (PyRIT)
By
/u/___printf_chk
β February 23
rd
2024 at 02:40
submitted by
/u/___printf_chk
[link]
[comments]
/r/netsec - Information Security News & Discussion
New TP-Link authentication Bypass!
By
/u/Status_Resolve2971
β February 22
nd
2024 at 14:50
submitted by
/u/Status_Resolve2971
[link]
[comments]
/r/netsec - Information Security News & Discussion
SHA-256 Under the Hood
By
/u/pickeydotai
β February 22
nd
2024 at 09:23
submitted by
/u/pickeydotai
[link]
[comments]
/r/netsec - Information Security News & Discussion
A stealthy threat uncovered: TeaBot on Google Play Store | Cleafy Labs
By
/u/f3d_0x0
β February 22
nd
2024 at 09:09
submitted by
/u/f3d_0x0
[link]
[comments]
/r/netsec - Information Security News & Discussion
βTo live is to fight, to fight is to live! - IBM ODM Remote Code Execution (watchTowr Labs)
By
/u/dx7r__
β February 22
nd
2024 at 09:02
submitted by
/u/dx7r__
[link]
[comments]
/r/netsec - Information Security News & Discussion
Statically detecting AWS Canary Tokens without setting them off
By
/u/wifihack
β February 21
st
2024 at 18:10
submitted by
/u/wifihack
[link]
[comments]
/r/netsec - Information Security News & Discussion
re: Zyxel VPN Series Pre-auth Remote Command Execution
By
/u/chicksdigthelongrun
β February 21
st
2024 at 16:23
submitted by
/u/chicksdigthelongrun
[link]
[comments]
/r/netsec - Information Security News & Discussion
Ongoing Malware Laced Developer Job Interviews
By
/u/louis11
β February 21
st
2024 at 15:43
submitted by
/u/louis11
[link]
[comments]
/r/netsec - Information Security News & Discussion
A deep dive into the RansomHouse encryptor
By
/u/ShadowStackRE
β February 21
st
2024 at 14:34
submitted by
/u/ShadowStackRE
[link]
[comments]
/r/netsec - Information Security News & Discussion
Detection Rules Development Framework
By
/u/netbiosX
β February 21
st
2024 at 09:36
submitted by
/u/netbiosX
[link]
[comments]
/r/netsec - Information Security News & Discussion
PEAP Phase-2 authentication in Linux's wpa_suppcliant could be bypassed
By
/u/omegga
β February 21
st
2024 at 01:47
submitted by
/u/omegga
[link]
[comments]
/r/netsec - Information Security News & Discussion
Lockbit Ransomeware global taketown
By
/u/foundapairofknickers
β February 20
th
2024 at 21:56
submitted by
/u/foundapairofknickers
[link]
[comments]
/r/netsec - Information Security News & Discussion
Exploiting Cacheable Responses
By
/u/6W99ocQnb8Zy17
β February 20
th
2024 at 15:29
submitted by
/u/6W99ocQnb8Zy17
[link]
[comments]
/r/netsec - Information Security News & Discussion
GitHub - mlcsec/FormThief: Spoofing desktop login applications with WinForms and WPF
By
/u/Frequent_Passenger82
β February 20
th
2024 at 15:25
submitted by
/u/Frequent_Passenger82
[link]
[comments]
/r/netsec - Information Security News & Discussion
GitHub - naksyn/Embedder: Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
By
/u/naksyn_
β February 20
th
2024 at 12:41
submitted by
/u/naksyn_
[link]
[comments]
/r/netsec - Information Security News & Discussion
Auto DNS poisoning: while charging Android smartphone via computer it is possible to perform automated and even remotely controlled DNS poisoning without any user interaction
By
/u/barakadua131
β February 20
th
2024 at 10:29
submitted by
/u/barakadua131
[link]
[comments]
/r/netsec - Information Security News & Discussion
AS-REP Roasting
By
/u/netbiosX
β February 20
th
2024 at 08:14
submitted by
/u/netbiosX
[link]
[comments]
/r/netsec - Information Security News & Discussion
Ivanti Connect Secure Under Attack: Uncovering Five Exploitable CVEs - XXE
By
/u/appsec1337
β February 20
th
2024 at 02:26
submitted by
/u/appsec1337
[link]
[comments]
/r/netsec - Information Security News & Discussion
Code Review Like a Pro
By
/u/HayMiz
β February 19
th
2024 at 20:49
submitted by
/u/HayMiz
[link]
[comments]
/r/netsec - Information Security News & Discussion
Top 10 web hacking techniques of 2023
By
/u/loselasso
β February 19
th
2024 at 17:08
submitted by
/u/loselasso
[link]
[comments]
/r/netsec - Information Security News & Discussion
A technical analysis of the BackMyData ransomware used to attack hospitals in Romania
By
/u/CyberMasterV
β February 19
th
2024 at 12:50
submitted by
/u/CyberMasterV
[link]
[comments]
/r/netsec - Information Security News & Discussion
TPMs Hate Him! (Some Weird Tricks To Break FDE and Bypass Attestation)
By
/u/Elastic-Platypus
β February 16
th
2024 at 18:27
submitted by
/u/Elastic-Platypus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Hello Lucee! Let us hack Apple again?
By
/u/thewhippersnapper4
β February 15
th
2024 at 19:56
submitted by
/u/thewhippersnapper4
[link]
[comments]
/r/netsec - Information Security News & Discussion
SiCat - an advanced exploit search tool designed to identify and gather information about exploits from both open sources and local repositories effectively
By
/u/DrinkMoreCodeMore
β February 15
th
2024 at 18:37
submitted by
/u/DrinkMoreCodeMore
[link]
[comments]
/r/netsec - Information Security News & Discussion
CVE-2024-23724: Ghost CMS Stored XSS Leading to Owner Takeover
By
/u/hackers_and_builders
β February 13
th
2024 at 16:29
submitted by
/u/hackers_and_builders
[link]
[comments]
/r/netsec - Information Security News & Discussion
Analysis of Mirai variant leveraging CVE-2023-1389
By
/u/Permafr0stsec
β February 19
th
2024 at 06:21
submitted by
/u/Permafr0stsec
[link]
[comments]
/r/netsec - Information Security News & Discussion
Exploiting TRACE
By
/u/6W99ocQnb8Zy17
β February 16
th
2024 at 16:41
submitted by
/u/6W99ocQnb8Zy17
[link]
[comments]
/r/netsec - Information Security News & Discussion
Exploiting Unsynchronised Clocks
By
/u/6W99ocQnb8Zy17
β February 16
th
2024 at 16:39
submitted by
/u/6W99ocQnb8Zy17
[link]
[comments]
/r/netsec - Information Security News & Discussion
A Double Free vulnerability on the libdicom library and an in-depth analysis of the DICOM file format.
By
/u/voidz0r
β February 16
th
2024 at 16:22
submitted by
/u/voidz0r
[link]
[comments]
/r/netsec - Information Security News & Discussion
GitHub - deeexcee-io/duppy: python flask app which utilises ngrok and gunicorn to securely download and upload files to local machine over the internet. all handled by the bash script.
By
/u/Leading-Employer-828
β February 15
th
2024 at 21:34
submitted by
/u/Leading-Employer-828
[link]
[comments]
/r/netsec - Information Security News & Discussion
Microsoft 365 AiTM detection: the lessons learned
By
/u/wez32
β February 15
th
2024 at 17:40
submitted by
/u/wez32
[link]
[comments]
/r/netsec - Information Security News & Discussion
SOC Interview Questions
By
/u/ogunal00
β February 14
th
2024 at 21:36
submitted by
/u/ogunal00
[link]
[comments]
/r/netsec - Information Security News & Discussion
Staying ahead of threat actors in the age of AI
By
/u/SCI_Rusher
β February 14
th
2024 at 18:56
submitted by
/u/SCI_Rusher
[link]
[comments]
/r/netsec - Information Security News & Discussion
Snap Trap: The Hidden Dangers Within Ubuntu's Package Suggestion System
By
/u/ilay789
β February 14
th
2024 at 13:20
submitted by
/u/ilay789
[link]
[comments]
/r/netsec - Information Security News & Discussion
Can you Tell When A Power Outage Occurred? -- Determining How Long a Wi-Fi AP Has Been Active
By
/u/wirelessbits
β February 14
th
2024 at 11:29
submitted by
/u/wirelessbits
[link]
[comments]
/r/netsec - Information Security News & Discussion
Azure Devops Zero-Click CI/CD Vulnerability
By
/u/roy_6472
β February 13
th
2024 at 22:05
submitted by
/u/roy_6472
[link]
[comments]
Load more articles