azorius.net

netsec - netsec@lemmy.world - https://lemmy.world/c/netsec

About

Technical news and discussion of information security.

Rules:

Be excellent to each other
Keep it on topic
Absolutely no PII or doxing
No disclosure posts

Alleged SYN-scans of known Honeypots from spoofed source IPs of Tor nodes (delroth.net)
in netsec@lemmy.world from da_peda@lemmings.world on 04 Nov 16:49
comments (0)

BBoT 2.0 Released! (blog.blacklanternsecurity.com)
in netsec@lemmy.world from Aconite33@lemmy.world on 09 Aug 2024 14:15
comments (0)

3TOFU: Verifying Unsigned Releases (tech.michaelaltfield.net)
in netsec@lemmy.world from maltfield@monero.town on 05 Aug 2024 15:02
comments (0)

Microsoft left internal passwords exposed in latest security blunder (www.theverge.com)
in netsec@lemmy.world from homesweethomeMrL@lemmy.world on 10 Apr 2024 20:41
comments (1)

Galactical Bug Hunting: How we discovered new issues in CD Projekt Red’s Gaming Platform (www.anvilsecure.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Apr 2024 18:00
comments (0)

Don't trust the cache :Exposing Web cache vulnerabilities (anasbetis023.medium.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Apr 2024 18:00
comments (0)

Wifi credential dumping (www.r-tec.net)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Apr 2024 12:00
comments (0)

Diving Deeper into AI Package Hallucinations (www.lasso.security)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Apr 2024 09:00
comments (0)

Security Advisory: Systems with a SONIX Technology Webcam vulnerable to DLL hijacking attack allowing attackers to execute malicious DLL and escalate privileges (herolab.usd.de)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Apr 2024 09:00
comments (0)

unch 😗: Hides message with invisible Unicode characters (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 04 Apr 2024 00:00
comments (0)

Gram - Self-hosted Threat Modeling Webapp (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 03 Apr 2024 21:00
comments (0)

Kobold letters – Why HTML emails are a risk to your organization (lutrasecurity.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 03 Apr 2024 18:00
comments (0)

Showcasing Incinerator a Powerful Android Malware Reversing Tool (boschko.ca)
in netsec@lemmy.world from repostbot33@lemmy.world on 03 Apr 2024 18:00
comments (0)

Attacking Active Directory Certificate Service Part 2 (vandanpathak.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 03 Apr 2024 09:00
comments (0)

Persistence - DLL Proxy Loading (pentestlab.blog)
in netsec@lemmy.world from repostbot33@lemmy.world on 03 Apr 2024 09:00
comments (0)

Adventures in Stegoland - Adventures with a stego shellcode loader (tierzerosecurity.co.nz)
in netsec@lemmy.world from repostbot33@lemmy.world on 03 Apr 2024 03:00
comments (0)

/r/netsec's Q2 2024 Information Security Hiring Thread (www.reddit.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 02 Apr 2024 21:00
comments (0)

XZ-actly What You Need (CVE 2024-3094): Detecting Exploitation with Oligo (www.oligo.security)
in netsec@lemmy.world from repostbot33@lemmy.world on 02 Apr 2024 18:00
comments (1)

IBIS hotel check-in terminal keypad-code leakage (www.pentagrid.ch)
in netsec@lemmy.world from repostbot33@lemmy.world on 02 Apr 2024 12:00
comments (1)

NetScout - An OSINT tool I've been working on that finds domains, subdomains, directories and files based on a given URL (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 01 Apr 2024 21:00
comments (0)

Bypassing DOMPurify with good old XML (flatt.tech)
in netsec@lemmy.world from repostbot33@lemmy.world on 01 Apr 2024 18:00
comments (0)

Xzbot: exploit demo for the xz backdoor (CVE-2024-3094) (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 01 Apr 2024 18:00
comments (0)

Last part of Lord Of The Ring0 (idov31.github.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 01 Apr 2024 15:00
comments (0)

How Complex Systems Fail (how.complexsystems.fail)
in netsec@lemmy.world from repostbot33@lemmy.world on 01 Apr 2024 15:00
comments (0)

xz/liblzma Backdoor: Open Source Nuke? Maybe Not That Bad! (hardenedvault.net)
in netsec@lemmy.world from repostbot33@lemmy.world on 01 Apr 2024 15:00
comments (0)

BGGP4: PleaseMom, QUANTUM, Rat? (remyhax.xyz)
in netsec@lemmy.world from repostbot33@lemmy.world on 01 Apr 2024 15:00
comments (0)

From OneNote to RansomNote: An Ice Cold Intrusion (thedfirreport.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 01 Apr 2024 12:00
comments (0)

What is Deception Technology? - Fidelis Security (fidelissecurity.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 01 Apr 2024 09:00
comments (0)

Fine-tuning Semgrep for Ruby Security: Pundit and SQL injection (blog.siddarthadukia.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 01 Apr 2024 09:00
comments (0)

ROP Emporium - ret2win Buffer Overflow Challenge (vandanpathak.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 01 Apr 2024 06:00
comments (0)

Vulnerability Management Lifecycle in DevSecOps (blog.gitguardian.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 31 Mar 2024 21:00
comments (0)

Hijacking Chatbots: Dangerous Methods Manipulating GPTs (medium.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 30 Mar 2024 00:00
comments (0)

oss-security - Backdoor in upstream xz/liblzma leading to ssh server compromise (www.openwall.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 29 Mar 2024 18:00
comments (0)

Bref Security Audit - Shielder (www.shielder.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 29 Mar 2024 15:00
comments (0)

Mind the Patch Gap: Exploiting an io_uring Vulnerability in Ubuntu - Exodus Intelligence (blog.exodusintel.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 28 Mar 2024 21:00
comments (1)

PyPI Suspends New User Registration In Wake of Large Typosquatting Campaign (blog.phylum.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 28 Mar 2024 18:00
comments (0)

After almost 7 years, new version of drozer was released (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 28 Mar 2024 15:00
comments (0)

Introducing SharpConflux (labs.nettitude.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 28 Mar 2024 12:00
comments (0)

Crumbled Security: Unmasking the Cookie-Stealing Malware Threat (www.cyberark.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 27 Mar 2024 21:00
comments (0)

Malicious Implant to remotely control Electronic Locks via WiFi (blog.pridesec.com.br)
in netsec@lemmy.world from repostbot33@lemmy.world on 27 Mar 2024 21:00
comments (0)

ANSI Escape sequence injection in wall (util-linux) (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 27 Mar 2024 18:00
comments (0)

“CVE-2024-21388”- Microsoft Edge’s Marketing API Exploited for Covert Extension Installation (labs.guard.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 27 Mar 2024 18:00
comments (0)

11 year old security bug in util-linux (Leak user passwords on Ubuntu) (people.rit.edu)
in netsec@lemmy.world from repostbot33@lemmy.world on 27 Mar 2024 18:00
comments (0)

31 Round SHA256 Collision Proof of Concept (gist.github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 27 Mar 2024 15:00
comments (0)

Reversing a vulnerability in the Ichitaro Office Suite and Leveraging it into an FP overwrite for Silent Code Execution (RE walkthrough) (blog.talosintelligence.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 27 Mar 2024 15:00
comments (0)

Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques (pwning.tech)
in netsec@lemmy.world from repostbot33@lemmy.world on 27 Mar 2024 06:00
comments (0)

Abusing MiniFilter Altitude to blind EDR (tierzerosecurity.co.nz)
in netsec@lemmy.world from repostbot33@lemmy.world on 27 Mar 2024 03:00
comments (0)

Preventing Cross-Service UDP Loops in QUIC (bughunters.google.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 26 Mar 2024 18:00
comments (0)

Releasing Substation v1.0 (medium.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 26 Mar 2024 18:00
comments (0)

Linux kernel privesc proof of concept CVE-2024-1086, working on ubuntu and debian (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 26 Mar 2024 15:00
comments (0)

Inside the shadowy global battle to tame the world’s most dangerous technology (www.politico.eu)
in netsec@lemmy.world from repostbot33@lemmy.world on 26 Mar 2024 12:00
comments (0)

Frida on Java applications and applets in 2024 (security.humanativaspa.it)
in netsec@lemmy.world from repostbot33@lemmy.world on 26 Mar 2024 12:00
comments (0)

BlueDucky automates exploitation of Bluetooth pairing vulnerability that leads to 0-click code execution (www.mobile-hacker.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 26 Mar 2024 12:00
comments (0)

ShadowRay: First Known Attack Campaign Targeting AI Workloads Exploited In The Wild (www.oligo.security)
in netsec@lemmy.world from repostbot33@lemmy.world on 26 Mar 2024 12:00
comments (0)

Glitching in 3D: Low Cost EMFI Attacks (voidstarsec.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 26 Mar 2024 12:00
comments (0)

ZenHammer: Rowhammer Attacks on AMD Zen-based Platforms (comsec.ethz.ch)
in netsec@lemmy.world from repostbot33@lemmy.world on 26 Mar 2024 03:00
comments (0)

GitHub - TracecatHQ/tracecat: 😼 The AI-native, open source alternative to Tines / Splunk SOAR. (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 26 Mar 2024 03:00
comments (1)

Metasploit Framework 6.4 Released (www.rapid7.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 25 Mar 2024 15:00
comments (0)

New OpenSecurityTraining2 class: "Architecture 1005: RISC-V Assembly" by Xeno Kovah (~28 hours) (ost2.fyi)
in netsec@lemmy.world from repostbot33@lemmy.world on 25 Mar 2024 12:00
comments (0)

Security Advisory: Remote Command Execution in Cisco Access Point WAP Products (onekey.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 25 Mar 2024 09:00
comments (0)

GitHub - ZephrFish/ChunkyIngress: Chunking Text Ingress (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 24 Mar 2024 06:00
comments (1)

Bootfuzz: MBR-based Fuzzer (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 24 Mar 2024 06:00
comments (0)

Wi-Fi “First Aid” Kit (wirelessbits.net)
in netsec@lemmy.world from repostbot33@lemmy.world on 24 Mar 2024 00:00
comments (0)

How to continue learning without any rewards. (tryhackme.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 23 Mar 2024 18:00
comments (0)

What are Honeypots, their Uses and how to set one up for networks (www.darkrelay.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 23 Mar 2024 18:00
comments (0)

Tool to quickly extract all URLs and paths from web pages. (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 23 Mar 2024 15:00
comments (0)

Basic script to generate reverse shell payloads, generally most used in ctf. (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 23 Mar 2024 15:00
comments (0)

Bluetooth vulnerability allows unauthorized user to record and play audio on Bluetooth speaker without user awareness (www.mobile-hacker.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 22 Mar 2024 09:00
comments (8)

Side-Channel Attack on Apple M1 Chip Prefetcher (GoFetch) (gofetch.fail)
in netsec@lemmy.world from repostbot33@lemmy.world on 22 Mar 2024 03:00
comments (1)

Fake-SMS: A Malware Hunting Story (medium.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 22 Mar 2024 00:00
comments (0)

Unsaflok: Master Keys for dormakaba Saflok Hotel Locks (unsaflok.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 21 Mar 2024 18:00
comments (0)

CVE-2023-48788: Fortinet FortiClientEMS SQL Injection Deep Dive and IOCs (www.horizon3.ai)
in netsec@lemmy.world from repostbot33@lemmy.world on 21 Mar 2024 15:00
comments (0)

OpenBSD RCE to be released at t2.fi (www.signedness.org)
in netsec@lemmy.world from repostbot33@lemmy.world on 21 Mar 2024 15:00
comments (0)

GitHub - riza/indextree: Generates the tree of the directory listing page. (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 21 Mar 2024 09:00
comments (0)

One Line Backdoors in Classic ASP, Flask, Node.js, and PHP (FOSS Tool) (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 21 Mar 2024 00:00
comments (0)

Threat actors leverage document publishing sites for ongoing credential and session token theft (blog.talosintelligence.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 20 Mar 2024 18:00
comments (0)

Abusing the DHCP Administrators Group to Escalate Privileges in Windows Domains (www.akamai.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 20 Mar 2024 15:00
comments (0)

Honeypots vs Canary Infra : Bringing Honeypots towards general adoption (tracebit.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 20 Mar 2024 15:00
comments (0)

Oauth implementation flaws allow access to private repos via ChatGPT plugins (salt.security)
in netsec@lemmy.world from repostbot33@lemmy.world on 20 Mar 2024 12:00
comments (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (1)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)

How to Emulate a Ransomware Attack (practicalsecurityanalytics.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 20 Mar 2024 00:00
comments (0)

Open Source - Terminal based AI Powered Ethical Hacking Assistant. (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 20 Mar 2024 00:00
comments (1)

CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster (rhinosecuritylabs.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 19 Mar 2024 18:00
comments (0)

From Error to Entry: Cracking the Code of Password-Spraying Tools (trustedsec.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 19 Mar 2024 18:00
comments (0)

New Short Episode Podcast ft. Insane Stories from Real Penetration Tests (www.youtube.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 19 Mar 2024 18:00
comments (0)

Weaponizing Windows Thread Pool APIs: Proxying DLL Loads Using I/O Completion Callbacks (fin3ss3g0d.net)
in netsec@lemmy.world from repostbot33@lemmy.world on 19 Mar 2024 15:00
comments (0)

How Rogue ISPs Tamper With Geofeeds (medium.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 19 Mar 2024 15:00
comments (0)

Microsoft AITM honeytoken: warning the victims (zolder.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 19 Mar 2024 12:00
comments (0)

Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG (connormcgarr.github.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 19 Mar 2024 09:00
comments (0)

Bypassing USBGuard on Linux (pulsesecurity.co.nz)
in netsec@lemmy.world from repostbot33@lemmy.world on 19 Mar 2024 09:00
comments (0)

Gaining kernel code execution on an MTE-enabled Pixel 8 (github.blog)
in netsec@lemmy.world from repostbot33@lemmy.world on 19 Mar 2024 06:00
comments (0)

Social Minefield - a higher stakes game of Minesweeper using Clickjacking (social-minefield.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 18 Mar 2024 18:00
comments (0)
dupe: netsec@lemmy.world (0)

Return Oriented Programming Buffer Overflow Exploitation Part 1 - In Lab Exercise (vandanpathak.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 18 Mar 2024 09:00
comments (0)

Blind SQL Injection in update query for OSWE - PostgreSQL Database (www.mannulinux.org)
in netsec@lemmy.world from repostbot33@lemmy.world on 18 Mar 2024 06:00
comments (0)

jsmug - A PoC code for smuggling arbitrary files using insignificant bytes through JSON Smuggling (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 18 Mar 2024 00:00
comments (0)

De4py Python RE Toolkit: v1.0.8 has been released (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 17 Mar 2024 15:00
comments (0)

Analyzing Pipedream / Incontroller with MITRE/STIX (diablohorn.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 17 Mar 2024 15:00
comments (0)

Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762 (www.assetnote.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 17 Mar 2024 03:00
comments (0)

K8s LAN Party - A Kubernetes Network Security CTF (k8slanparty.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 17 Mar 2024 00:00
comments (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)

A Look at Software Composition Analysis. It’s time to ignore most of dependency alerts. (blog.doyensec.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 15 Mar 2024 18:00
comments (0)

Opening Pandora’s box - Supply Chain Insider Threats in Open Source projects (boostsecurity.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 15 Mar 2024 18:00
comments (0)

Virtual workshop - How to write Custom Security Tests for API security (app.getcontrast.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 15 Mar 2024 12:00
comments (0)

[Blog and Video] Turnstiles from a hacker perspective - Part 1 (blog.pridesec.com.br)
in netsec@lemmy.world from repostbot33@lemmy.world on 15 Mar 2024 03:00
comments (0)

The Anatomy of an ALPHA SPIDER Ransomware Attack (www.crowdstrike.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 15 Mar 2024 00:00
comments (0)

IoT Penetration Testing Part 1: The Basics (brackish.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 14 Mar 2024 15:00
comments (0)

Fortinet FortiWLM Multiple Vulnerabilities Deep-Dive and IOCs (www.horizon3.ai)
in netsec@lemmy.world from repostbot33@lemmy.world on 14 Mar 2024 15:00
comments (0)

Microsoft Entra ID: The Complete Guide to Conditional Access Policies (www.rezonate.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 14 Mar 2024 12:00
comments (0)

Researchers trying offensive capabilities of LLM agents (arxiv.org)
in netsec@lemmy.world from repostbot33@lemmy.world on 14 Mar 2024 06:00
comments (0)

Discovering Deserialization Gadget Chains in Rubyland - Include Security Research Blog (blog.includesecurity.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 13 Mar 2024 21:00
comments (0)

Threat Modeling on a Virtual Factory Floor (claroty.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 13 Mar 2024 18:00
comments (0)

A case of missing bytes: bruteforcing your way through Jenkins’ CVE-2024-23897 (www.errno.fr)
in netsec@lemmy.world from repostbot33@lemmy.world on 13 Mar 2024 18:00
comments (0)

Building an AITM attack tool in Cloudflare Workers (174 LOC) (zolder.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 13 Mar 2024 15:00
comments (0)

Google's 'BeyondCorp and the long tail of Zero Trust' article (www.usenix.org)
in netsec@lemmy.world from repostbot33@lemmy.world on 13 Mar 2024 12:00
comments (0)

Donex a new ransomware gang malware technical analysis (www.shadowstackre.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 13 Mar 2024 12:00
comments (0)

Unveiling the Ultimate Pentesting Distro: Perfectly Tailored for Ubuntu Aficionados! (snoopgod.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 12 Mar 2024 21:00
comments (0)

GhostRace - Exploiting and Mitigating Speculative Race Conditions (CVE-2024-2193) (www.vusec.net)
in netsec@lemmy.world from repostbot33@lemmy.world on 12 Mar 2024 21:00
comments (0)

Decoding ScamClub’s Malicious VAST Attack (www.geoedge.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 12 Mar 2024 18:00
comments (1)

Introducing WebTunnel | Tor Project (blog.torproject.org)
in netsec@lemmy.world from repostbot33@lemmy.world on 12 Mar 2024 18:00
comments (1)

Malware Pulse - Proactive command and control server discovery hub (malpulse.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 12 Mar 2024 15:00
comments (0)

Patch Tuesday Diffing: CVE-2024–20696 — Windows Libarchive RCE (medium.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 12 Mar 2024 15:00
comments (0)

AI Powered Sensitive Information Detection (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 12 Mar 2024 12:00
comments (0)

How we built an AI-Powered Multi Terrain Hacking Robot (www.berylliumsec.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 12 Mar 2024 03:00
comments (0)

Presenting Scanme: Deep Dive into Network Scanning with Golang: Building a Port Scanner (cyberroute.github.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 11 Mar 2024 21:00
comments (0)

Practical and Theoretical Attacks in the Industrial Landscape (Part 2) (claroty.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 11 Mar 2024 21:00
comments (0)

ShellFeck: A BrainF*ck Inspired Shell Obfuscation Proof-of-Concept (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 11 Mar 2024 18:00
comments (0)

CVE-2024-28084 iwd double-free in beacon parsing (www.supernetworks.org)
in netsec@lemmy.world from repostbot33@lemmy.world on 11 Mar 2024 18:00
comments (0)

CVE-2023-49785 SSRF in NextChat: An AI Chatbot That Lets You Talk to Anyone You Want To (www.horizon3.ai)
in netsec@lemmy.world from repostbot33@lemmy.world on 11 Mar 2024 15:00
comments (0)

Introduction to LLM Security (blog.cloudsecuritypartners.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 11 Mar 2024 15:00
comments (0)

CVE-2024–23897 – Arbitrary file read in Jenkins (blog.securelayer7.net)
in netsec@lemmy.world from repostbot33@lemmy.world on 11 Mar 2024 12:00
comments (0)

New OpenSecurityTraining2 class: "Trusted Computing 1101: Introductory Trusted Platform Module (TPM) usage" by Dimi Tomov of TPM.dev (ost2.fyi)
in netsec@lemmy.world from repostbot33@lemmy.world on 11 Mar 2024 12:00
comments (0)

Analyze installed Android app for security risks in Termux using APKDeepLens (www.mobile-hacker.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 11 Mar 2024 09:00
comments (0)

GitHub - thiagopeixoto/winsos-poc: A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries. (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 11 Mar 2024 00:00
comments (0)

Behind the doors of a Chinese hacking company, a sordid culture fuelled by influence, alcohol and sex (www.ctvnews.ca)
in netsec@lemmy.world from repostbot33@lemmy.world on 09 Mar 2024 00:00
comments (3)

Undisclosed PHP Remote Code Execution / Arbitrary File Read Vulnerabilities in RaspAP (dustri.org)
in netsec@lemmy.world from repostbot33@lemmy.world on 09 Mar 2024 00:00
comments (0)

Docker containers under attack in new malware campaign (www.shadowstackre.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 08 Mar 2024 18:00
comments (0)

pgAdmin (<=8.3) Path Traversal in Session Handling Leads to Unsafe Deserialization and Remote Code Execution (RCE) - Shielder (www.shielder.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 08 Mar 2024 15:00
comments (0)

Git-Rotate: Leveraging GitHub Actions to Bypass Microsoft Entra Smart Lockout (research.aurainfosec.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 07 Mar 2024 21:00
comments (0)

Introducing CloudGrappler: An Open-Source Threat Detection Tool for AWS and Azure (permiso.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 07 Mar 2024 18:00
comments (0)

HappyCamper: Doubling Down On Naming Space Location Randomization (NSLR) (www.karma-x.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 07 Mar 2024 18:00
comments (0)

Source Code Disclosure in ASP.NET via Cookieless Sessions (swarm.ptsecurity.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 07 Mar 2024 15:00
comments (0)

Clickstudios Passwordstate - Potential authentication bypass issue [High Severity] (CVE-Pending) (www.clickstudios.com.au)
in netsec@lemmy.world from repostbot33@lemmy.world on 07 Mar 2024 06:00
comments (0)

Code injection on Android without ptrace (erfur.github.io)
in netsec@lemmy.world from repostbot33@lemmy.world on 06 Mar 2024 21:00
comments (0)

CVE-2024-1403: Progress OpenEdge Authentication Bypass Deep-Dive, IOCs, and Exploit (www.horizon3.ai)
in netsec@lemmy.world from repostbot33@lemmy.world on 06 Mar 2024 18:00
comments (0)

Kali NetHunter now supports Bad Bluetooth HID attacks to inject keystrokes wirelessly (www.mobile-hacker.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 06 Mar 2024 12:00
comments (0)

Bypassing CSP with Form Hijacking (portswigger.net)
in netsec@lemmy.world from repostbot33@lemmy.world on 06 Mar 2024 09:00
comments (1)

Phrack #71: Call For Paper (www.phrack.org)
in netsec@lemmy.world from repostbot33@lemmy.world on 06 Mar 2024 06:00
comments (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)
dupe: netsec@lemmy.world (0)

List of 39 Documented Windows Persistence Techniques (pentestlab.blog)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Mar 2024 18:00
comments (0)

Release alert - EMBA firmware security analyzer v1.4.0 - ICS testing Edt. is out now (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Mar 2024 15:00
comments (0)

Persistence – Explorer (pentestlab.blog)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Mar 2024 15:00
comments (0)

Executed vs Loaded: a new dimension for Application Security with eBPF (www.oligo.security)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Mar 2024 15:00
comments (0)

Spoofed DNS queries and IP TTL triangulation (open.substack.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Mar 2024 15:00
comments (0)

Multiple vulnerabilities in RT-Thread RTOS (security.humanativaspa.it)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Mar 2024 12:00
comments (0)

Reverse Engineering Protobuf Definitions From Compiled Binaries (arkadiyt.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Mar 2024 06:00
comments (0)

Relishing new Fickling features for securing ML systems (blog.trailofbits.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Mar 2024 06:00
comments (0)

Getting Bored of Cyberwar: Exploring the Role of Low-level Cybercrime Actors in the Russia-Ukraine Conflict (arxiv.org)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Mar 2024 00:00
comments (0)

Smishing with EvilGophish (fin3ss3g0d.net)
in netsec@lemmy.world from repostbot33@lemmy.world on 05 Mar 2024 00:00
comments (0)

Planes, Ferries and Automobiles – How I Hacked Free Travel Across Iceland (www.debug.is)
in netsec@lemmy.world from repostbot33@lemmy.world on 04 Mar 2024 18:00
comments (0)

Have a look at the largest vulnerability database ever! Includes English translation of CNVD, CNNVD & BDU. (exploit.observer)
in netsec@lemmy.world from repostbot33@lemmy.world on 04 Mar 2024 18:00
comments (0)

Threat Brief: WordPress Exploit Leads to Godzilla Web Shell, Discovery & New CVE (thedfirreport.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 04 Mar 2024 15:00
comments (0)

Persistence – Visual Studio Code Extensions (pentestlab.blog)
in netsec@lemmy.world from repostbot33@lemmy.world on 04 Mar 2024 15:00
comments (0)

On-Device Fraud on the rise: exposing a recent Copybara fraud campaign | Cleafy Labs (www.cleafy.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 04 Mar 2024 15:00
comments (0)

BSidesSATX CFP is open (www.bsidessatx.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 04 Mar 2024 12:00
comments (0)

HTTP 403 bypass tool (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 04 Mar 2024 12:00
comments (0)

Dont Gamble With Risk - Quantitative Risk Modeling of Complex Event Chains (github.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 04 Mar 2024 03:00
comments (0)

How to Make Nmap Recognize New Services (shufflingbytes.com)
in netsec@lemmy.world from repostbot33@lemmy.world on 03 Mar 2024 21:00
comments (0)