Introduction 2 Factor Authentication is a subset of the multi factor authentication service that we see mainly in FinTech Apps. Some financial technology apps ask the user to enter a password, and MPIN, a TPIN, and finally another OTP based authentication…

Avanan researchers have uncovered an attack that takes advantage of an exploit in Google Docs

© Pirate Bay In a report, SophosLab said it learned of the existence of malware intended to prevent its victims from downloading illegally. Active between October 2020 and January 2021, this malwar…

red team, blue team, penetration testing, red teaming, threat hunting, digital forensics, incident response, cyber security, IT security

Technical analysis of an Antivirus killer RAT containing several methods of persistence and privilege escalation.

This article is about how I found a vulnerability on Apple forgot password endpoint that allowed me to takeover an iCloud account. The vulnerability is completely patched by Apple security team and it no longer works. Apple Security Team rewarded me $18,000…

Used Vehicles for sale in Rawalpindi 2021. Search good condition, cheap, discounted, well maintained, second hand vehicles for sale in Rawalpindi. Largest stock of genuine used vehicles trucks, buses, tractors, vans, riksha in Pakistan 2021 at Gari.pk.

Days ago a twitter post revealed a bug in iOS Wi-Fi service:

Hidden parameters discovery suite. Contribute to Sh1Yo/x8 development by creating an account on GitHub.

The Economist, Traitor, and Serenity

What Is OSINT? Open Source Intelligence (OSINT) is a methodology for collecting, analyzing, and decision-making using publicly available sources of data. According the Wikipedia, OSINT sources can …

Firewalla is an all-in-one intelligent Firewall that connects to your router and secures all of your digital things. It can protect your family and business from cyber threats, block ads, control kids' internet usage, and even protects you when you are out…

Pentester Academy’s Beginner AD Bootcamp and CRTP examination experience

Fuzzing Android Native libraries with libFuzzer + QEMU 🦥 TL;DR In this blog post, I will go through the process of why and how I built a new framework called Sloth 🦥, using which, I was able to fuzz …

Posted in r/netsec by u/gid0rah • 21 points and 0 comments

Windows Event Log Killer. Contribute to hlldz/Phant0m development by creating an account on GitHub.

Hello, I’m Shiga( @Ga_ryo_ ), a security engineer at Flatt Security Inc.

We're disclosing patched vulnerabilities in KDE Discover and the Gnome Shell Extensions website, as well as unpatched vulnerabilities in the PlingStore app and Pling-based Linux marketplace websites (e.g. appimagehub.com, store.kde.org, gnome-look.org).

Technical details of achieving cross-site noscripting (XSS) attacks by using HTML parsing logic where lexical parsers are used to nullify dangerous content.