Login
FreshRSS
Login
Secure Planet Training Courses Updated For 2019 - Click Here
Main stream
Favourites (0)
My labels
Security
/r/netsec - Information Security News & Discussion
Dark Reading:
ICS-CERT Alert Feed
InfoSec Resources
Infosec Island Latest Articles
Krebs on Security
McAfee Blogs
Naked Security
News ≈ Packet Storm
Paul's Security Weekly
SANS Internet Storm Center, InfoCON: green
Security – Cisco Blog
SecurityFocus News
The Hacker News
The Register - Security
The first stop for security news | Threatpost
Threatpost | The first stop for security news
Troy Hunt
Verisign Blog
WIRED
WeLiveSecurity
ZDNet | security RSS
http://blog.trendmicro.com/feed
Tools
KitPloit - PenTest Tools!
Security Tool Files ≈ Packet Storm
ToolsWatch.org – The Hackers Arsenal Tools Portal
Vulnerabilities
Advisory Files ≈ Packet Storm
Exploit-DB Updates
Full Disclosure
SecurityFocus Vulnerabilities
There are new available articles, click to refresh the page.
/r/netsec - Information Security News & Discussion
New EMBA firmware analyzer release - EMBA v1.2.3 - R.I.P. Binwalk
By:
/u/_m-1-k-3_
— May 11
th
2023 at 14:03
submitted by
/u/_m-1-k-3_
[link]
[comments]
/r/netsec - Information Security News & Discussion
RET2ASLR - return instructions from other processes can leak pointers through the Branch Target Buffer (BTB) in a reversed spectre-BTI like scenario
By:
/u/Gallus
— May 11
th
2023 at 11:44
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Cracked password analytics with Kraken
By:
/u/0xdea
— May 11
th
2023 at 10:00
submitted by
/u/0xdea
[link]
[comments]
/r/netsec - Information Security News & Discussion
Bypass IIS Authorisation with this One Weird Trick - Three RCEs and Two Auth Bypasses in Sitecore 9.3
By:
/u/Mempodipper
— May 11
th
2023 at 08:56
submitted by
/u/Mempodipper
[link]
[comments]
/r/netsec - Information Security News & Discussion
Open Operational Technology Testing Guide (OOTTG)
By:
/u/pizzahax
— May 11
th
2023 at 08:48
submitted by
/u/pizzahax
[link]
[comments]
/r/netsec - Information Security News & Discussion
Testing a new encrypted messaging app's extraordinary claims
By:
/u/crnkovic_
— May 10
th
2023 at 23:20
submitted by
/u/crnkovic_
[link]
[comments]
/r/netsec - Information Security News & Discussion
Security Audit of BlindAI Core, an open source ML deployment solution with Intel SGX enclave
By:
/u/Wooden_Rip_2341
— May 10
th
2023 at 17:41
submitted by
/u/Wooden_Rip_2341
[link]
[comments]
/r/netsec - Information Security News & Discussion
ChatGPT-Assisted Implant Development, Part 1.
By:
/u/fullspectrumdev
— May 10
th
2023 at 15:39
submitted by
/u/fullspectrumdev
[link]
[comments]
/r/netsec - Information Security News & Discussion
Stockfish, a very popular chess engine, has a buffer overflow vulnerability due to unsanatized input
By:
/u/Diesl
— May 10
th
2023 at 11:54
submitted by
/u/Diesl
[link]
[comments]
/r/netsec - Information Security News & Discussion
Latest Developments in Unblob (Firmware Extraction Tool)
By:
/u/g_e_r_h_a_r_d
— May 10
th
2023 at 06:54
submitted by
/u/g_e_r_h_a_r_d
[link]
[comments]
/r/netsec - Information Security News & Discussion
PwnAssistant - Controlling /home's via a Home Assistant RCE
By:
/u/ffyns
— May 10
th
2023 at 01:24
submitted by
/u/ffyns
[link]
[comments]
/r/netsec - Information Security News & Discussion
Escaping Parallels Desktop with Plist Injection
By:
/u/DOTheLOGA
— May 9
th
2023 at 22:39
submitted by
/u/DOTheLOGA
[link]
[comments]
/r/netsec - Information Security News & Discussion
An analysis of partial/intermittent encryption, along with our newest OSS ransomware recovery tool...WHITE PHOENIX.
By:
/u/jat0369
— May 9
th
2023 at 21:48
submitted by
/u/jat0369
[link]
[comments]
/r/netsec - Information Security News & Discussion
An AWS IAM Wishlist
By:
/u/VariousAd5147
— May 9
th
2023 at 21:38
submitted by
/u/VariousAd5147
[link]
[comments]
/r/netsec - Information Security News & Discussion
Using AI to find software vulnerabilities in XNU
By:
/u/TimGMichaud
— May 9
th
2023 at 17:47
submitted by
/u/TimGMichaud
[link]
[comments]
/r/netsec - Information Security News & Discussion
Introducing resocks - An Encrypted Back-Connect SOCKS Proxy for Network Pivoting
By:
/u/RedTeamPentesting
— May 9
th
2023 at 15:43
submitted by
/u/RedTeamPentesting
[link]
[comments]
/r/netsec - Information Security News & Discussion
A smorgasbord of a bug chain: postMessage, JSONP, WAF bypass, DOM-based XSS, CORS, CSRF...
By:
/u/poltess0
— May 9
th
2023 at 09:22
submitted by
/u/poltess0
[link]
[comments]
/r/netsec - Information Security News & Discussion
Backdooring Electron Apps
By:
/u/nv1t
— May 9
th
2023 at 07:24
submitted by
/u/nv1t
[link]
[comments]
/r/netsec - Information Security News & Discussion
Guardians of the Network: Exploring the World of Intrusion Detection and Prevention Systems
By:
/u/Smooth-Obligation181
— May 9
th
2023 at 05:26
submitted by
/u/Smooth-Obligation181
[link]
[comments]
/r/netsec - Information Security News & Discussion
Vulnerability Analysis with Ghidra Scripting
By:
/u/cy1337
— May 8
th
2023 at 22:20
submitted by
/u/cy1337
[link]
[comments]
/r/netsec - Information Security News & Discussion
GitHub - almandin/ntdsdotsqlite: A small utility to translate NTDS.dit files to SQLite format.
By:
/u/almandin_jv
— May 8
th
2023 at 17:47
submitted by
/u/almandin_jv
[link]
[comments]
/r/netsec - Information Security News & Discussion
PRFs, PRPs and other fantastic things
By:
/u/feross
— May 8
th
2023 at 15:02
submitted by
/u/feross
[link]
[comments]
/r/netsec - Information Security News & Discussion
Backhand v0.12.0: Now supporting custom Squashfs images
By:
/u/arch_rust
— May 8
th
2023 at 11:29
submitted by
/u/arch_rust
[link]
[comments]
/r/netsec - Information Security News & Discussion
Building a Red Team Infrastructure in 2023
By:
/u/co1nc1dence
— May 8
th
2023 at 09:18
submitted by
/u/co1nc1dence
[link]
[comments]
/r/netsec - Information Security News & Discussion
ETWHash - "He who listens, shall receive" - Nettitude Labs
By:
/u/lefterispanos
— May 8
th
2023 at 07:10
submitted by
/u/lefterispanos
[link]
[comments]
/r/netsec - Information Security News & Discussion
Evading MDATP for Full Endpoint Compromising
By:
/u/florilsk
— May 7
th
2023 at 20:27
submitted by
/u/florilsk
[link]
[comments]
/r/netsec - Information Security News & Discussion
Breaking down Reverse shell commands
By:
/u/adityatelange
— May 7
th
2023 at 16:34
submitted by
/u/adityatelange
[link]
[comments]
/r/netsec - Information Security News & Discussion
Dependabot Confusion: Gaining Access to Private GitHub Repositories using Dependabot
By:
/u/giraffesecurity
— May 6
th
2023 at 19:38
submitted by
/u/giraffesecurity
[link]
[comments]
/r/netsec - Information Security News & Discussion
I created a GitHub repo for learning application security from scratch. It's perfect for beginners and includes a comprehensive list of reference links. But it's not complete yet! Contributors are welcome to add more details.
By:
/u/Ano_F
— May 6
th
2023 at 18:26
submitted by
/u/Ano_F
[link]
[comments]
/r/netsec - Information Security News & Discussion
Cookie Bugs - Smuggling & Injection
By:
/u/albinowax
— May 6
th
2023 at 08:42
submitted by
/u/albinowax
[link]
[comments]
/r/netsec - Information Security News & Discussion
gowhois - Support for various whois servers
By:
/u/oil_sardine
— May 6
th
2023 at 03:46
submitted by
/u/oil_sardine
[link]
[comments]
/r/netsec - Information Security News & Discussion
Google Chrome WebRTC RTCStatsCollector out of bounds memory access vulnerability
By:
/u/Gallus
— May 5
th
2023 at 11:23
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
Redash SAML Authentication Bypass
By:
/u/albinowax
— May 5
th
2023 at 09:33
submitted by
/u/albinowax
[link]
[comments]
/r/netsec - Information Security News & Discussion
Remote Bitcoin Upstream Drain / Financial Attack
By:
/u/SharpAd1823
— May 5
th
2023 at 07:51
submitted by
/u/SharpAd1823
[link]
[comments]
/r/netsec - Information Security News & Discussion
PaperCut Exploitation: A Different Path to Code Execution
By:
/u/chicksdigthelongrun
— May 4
th
2023 at 14:31
submitted by
/u/chicksdigthelongrun
[link]
[comments]
/r/netsec - Information Security News & Discussion
Introducing SpiderSuite: Advance web security crawler
By:
/u/3nock_N
— May 4
th
2023 at 13:14
submitted by
/u/3nock_N
[link]
[comments]
/r/netsec - Information Security News & Discussion
I had a machine running for two weeks on the public cloud. Every few seconds there was an automated SSH login attempt. Here is the full list of usernames - some of which are quite curious.
By:
/u/scared_codeless
— May 4
th
2023 at 11:09
submitted by
/u/scared_codeless
[link]
[comments]
/r/netsec - Information Security News & Discussion
Uncovering drIBAN fraud operations - Chapter 1 | Cleafy Labs
By:
/u/f3d_0x0
— May 4
th
2023 at 10:13
submitted by
/u/f3d_0x0
[link]
[comments]
/r/netsec - Information Security News & Discussion
From Chaos to Clarity: How to Secure Your Supply Chain with Attestations
By:
/u/BarakScribe
— May 4
th
2023 at 09:13
submitted by
/u/BarakScribe
[link]
[comments]
/r/netsec - Information Security News & Discussion
Apache Solr 8.3.1 RCE from exposed administration interface
By:
/u/IIIWeedWizard420III
— May 4
th
2023 at 07:04
submitted by
/u/IIIWeedWizard420III
[link]
[comments]
/r/netsec - Information Security News & Discussion
How to Analyze Java Malware – A Case Study of STRRAT
By:
/u/CyberMasterV
— May 4
th
2023 at 06:16
submitted by
/u/CyberMasterV
[link]
[comments]
/r/netsec - Information Security News & Discussion
So long passwords, thanks for all the phish
By:
/u/ScottContini
— May 3
rd
2023 at 23:08
submitted by
/u/ScottContini
[link]
[comments]
/r/netsec - Information Security News & Discussion
Java Exploitation Restrictions in Modern JDK Times
By:
/u/Tough_Indication_710
— April 30
th
2023 at 15:40
submitted by
/u/Tough_Indication_710
[link]
[comments]
/r/netsec - Information Security News & Discussion
Evasive Panda APT group delivers malware via updates for popular Chinese software
By:
/u/montouesto
— April 30
th
2023 at 12:11
submitted by
/u/montouesto
[link]
[comments]
/r/netsec - Information Security News & Discussion
OpenPubkey adds public keys to OpenID (OIDC) without breaking compatibility with IDPs
By:
/u/xor_rotate
— May 3
rd
2023 at 18:05
submitted by
/u/xor_rotate
[link]
[comments]
/r/netsec - Information Security News & Discussion
Vulnerability Spotlight: Vulnerabilities in IBM AIX could lead to command injection with elevated privileges
By:
/u/timb_machine
— May 3
rd
2023 at 15:41
submitted by
/u/timb_machine
[link]
[comments]
/r/netsec - Information Security News & Discussion
Dracon – Open Source ASOC got major upgrades
By:
/u/___foo_bar___
— May 3
rd
2023 at 15:26
submitted by
/u/___foo_bar___
[link]
[comments]
/r/netsec - Information Security News & Discussion
RecordBreaker Stealer Distributed via Hacked YouTube Accounts
By:
/u/montouesto
— May 3
rd
2023 at 15:10
submitted by
/u/montouesto
[link]
[comments]
/r/netsec - Information Security News & Discussion
Reverse engineering tricks: identifying opaque network protocols
By:
/u/iagox86
— May 3
rd
2023 at 14:32
submitted by
/u/iagox86
[link]
[comments]
/r/netsec - Information Security News & Discussion
Rapture, a Ransomware Family With Similarities to Paradise
By:
/u/montouesto
— May 3
rd
2023 at 05:41
submitted by
/u/montouesto
[link]
[comments]
/r/netsec - Information Security News & Discussion
Exploring Algorithm Confusion Attacks on JWT: Exploiting ECDSA
By:
/u/Gallus
— May 2
nd
2023 at 22:51
submitted by
/u/Gallus
[link]
[comments]
/r/netsec - Information Security News & Discussion
A Guide to Privilege Escalation with AWS Identity Center (formerly known as AWS SSO)
By:
/u/jsonpile
— May 2
nd
2023 at 17:08
submitted by
/u/jsonpile
[link]
[comments]
/r/netsec - Information Security News & Discussion
Easy Pentest Reporting Tool SysReptor released (Community Edition)
By:
/u/Pleasant-Drawer729
— May 2
nd
2023 at 13:52
submitted by
/u/Pleasant-Drawer729
[link]
[comments]
/r/netsec - Information Security News & Discussion
Databricks platform root privilege escalation and bypassing cluster isolation
By:
/u/0x9000
— May 2
nd
2023 at 13:12
submitted by
/u/0x9000
[link]
[comments]
/r/netsec - Information Security News & Discussion
Exploiting an Order of Operations Bug to Achieve RCE in Oracle Opera
By:
/u/Mempodipper
— May 2
nd
2023 at 04:19
submitted by
/u/Mempodipper
[link]
[comments]
/r/netsec - Information Security News & Discussion
CoinMiner (KONO DIO DA) Distributed to Linux SSH Servers
By:
/u/montouesto
— May 2
nd
2023 at 03:23
submitted by
/u/montouesto
[link]
[comments]
/r/netsec - Information Security News & Discussion
[PAPERBUG] Nomadic Octopus’ Paperbug Campaign
By:
/u/wtfse
— May 1
st
2023 at 16:36
submitted by
/u/wtfse
[link]
[comments]
/r/netsec - Information Security News & Discussion
Practical Risks to Machine Learning Systems -- Pickle Serialization of Shared Models
By:
/u/SUPACOMPUTA
— May 1
st
2023 at 15:41
submitted by
/u/SUPACOMPUTA
[link]
[comments]
/r/netsec - Information Security News & Discussion
Finding XSS in a million websites (cPanel CVE-2023-29489)
By:
/u/Mempodipper
— April 27
th
2023 at 01:12
submitted by
/u/Mempodipper
[link]
[comments]
/r/netsec - Information Security News & Discussion
Azure DevOps CICD Pipelines - Command Injection with Parameters, Variables and a discussion on Runner hijacking
By:
/u/MysteriousHotel3017
— May 1
st
2023 at 08:42
submitted by
/u/MysteriousHotel3017
[link]
[comments]
Load more articles