FickerStealer: A New Rust Player in the Market
https://ift.tt/3kxbT1p
Submitted July 19, 2021 at 10:38PM by jat0369
via reddit https://ift.tt/3xUH7Dp
https://ift.tt/3kxbT1p
Submitted July 19, 2021 at 10:38PM by jat0369
via reddit https://ift.tt/3xUH7Dp
Cyberark
FickerStealer: A New Rust Player in the Market
This blog introduces a new information stealer, written in Rust and interestingly named FickerStealer. In this blog post, we provide an in-depth analysis of this new threat and its obfuscation...
I’m putting a WiFi router into a wall charger (Part 2)
https://ift.tt/3BcSLeS
Submitted July 20, 2021 at 02:10AM by Machinehum
via reddit https://ift.tt/3hQ0qrP
https://ift.tt/3BcSLeS
Submitted July 20, 2021 at 02:10AM by Machinehum
via reddit https://ift.tt/3hQ0qrP
Medium
I’m putting a WiFi router into a wall charger (Part 2)
This is the third part of a blog about putting a WiFi router into a phone charger; (see part zero here, see part one here) and feel free to…
Beaconator: A beacon generator using Cobalt Strike and PEzor.
https://ift.tt/3wQZvvH
Submitted July 20, 2021 at 02:32PM by CaptMeelo
via reddit https://ift.tt/3kHiiat
https://ift.tt/3wQZvvH
Submitted July 20, 2021 at 02:32PM by CaptMeelo
via reddit https://ift.tt/3kHiiat
GitHub
GitHub - capt-meelo/Beaconator: A beacon generator using Cobalt Strike and a variety of tools.
A beacon generator using Cobalt Strike and a variety of tools. - GitHub - capt-meelo/Beaconator: A beacon generator using Cobalt Strike and a variety of tools.
Cyberdefenders.org PacketMaze Challenge: Part 2 Wireshark Pcap analysis
https://ift.tt/3wMmhVq
Submitted July 20, 2021 at 05:37PM by thatmemforensicsguy
via reddit https://ift.tt/3eytfqD
https://ift.tt/3wMmhVq
Submitted July 20, 2021 at 05:37PM by thatmemforensicsguy
via reddit https://ift.tt/3eytfqD
Pegasus: eine Kompromittierung von Android- und iOS-Geräten erkennen
https://ift.tt/3kyF7Nm
Submitted July 20, 2021 at 07:20PM by JSilverhandSamurai
via reddit https://ift.tt/3BjAgFI
https://ift.tt/3kyF7Nm
Submitted July 20, 2021 at 07:20PM by JSilverhandSamurai
via reddit https://ift.tt/3BjAgFI
Tarnkappe.info
Pegasus: eine Kompromittierung von Android- und iOS-Geräten erkennen
Pegasus auf der Spur – mit dem Mobile Verification Toolkit (MVT) von Amnesty International, kann man die Spionage-Software nachweisen.
Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security Blog
https://ift.tt/3kyfRa1
Submitted July 20, 2021 at 07:14PM by ghost-train
via reddit https://ift.tt/3Bm3rYC
https://ift.tt/3kyfRa1
Submitted July 20, 2021 at 07:14PM by ghost-train
via reddit https://ift.tt/3Bm3rYC
Qualys Security Blog
Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security Blog
The Qualys Research Team has discovered a size_t-to-int type conversion vulnerability in the Linux Kernel’s filesystem layer affecting most Linux operating systems. Any unprivileged user can gain root…
CVE-2021-3438: 16 Years In Hiding - Millions of Printers Worldwide Vulnerable
https://ift.tt/3wUIGQi
Submitted July 20, 2021 at 09:14PM by Cyberthere
via reddit https://ift.tt/3xXcxcu
https://ift.tt/3wUIGQi
Submitted July 20, 2021 at 09:14PM by Cyberthere
via reddit https://ift.tt/3xXcxcu
SentinelOne
CVE-2021-3438: 16 Years In Hiding - Millions of Printers Worldwide Vulnerable - SentinelLabs
A high severity flaw in HP, Samsung and Xerox printer drivers has existed since 2005 and could lead to an escalation of privilege.
Some not so common information about netcat and some nice uses
https://ift.tt/3iyJ6H9
Submitted July 20, 2021 at 10:30PM by ikuamike
via reddit https://ift.tt/2UsI7A4
https://ift.tt/3iyJ6H9
Submitted July 20, 2021 at 10:30PM by ikuamike
via reddit https://ift.tt/2UsI7A4
blog.ikuamike.io
Netcat - All you need to know
Introduction Netcat is a tool that reads and writes data across network connections, using TCP or UDP protocol. Netcat has been referred to as the TCP/IP / networking swiss army knife. In this article we’ll look at different applications of netcat and how…
A case against security nihilism
https://ift.tt/36MN1dZ
Submitted July 21, 2021 at 12:46AM by feross
via reddit https://ift.tt/36L7H66
https://ift.tt/36MN1dZ
Submitted July 21, 2021 at 12:46AM by feross
via reddit https://ift.tt/36L7H66
A Few Thoughts on Cryptographic Engineering
A case against security nihilism
This week a group of global newspapers is running a series of articles detailing abuses of NSO Group’s Pegasus spyware. If you haven’t seen any of these articles, they’re worth re…
/r/netsec's Q3 2021 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted July 21, 2021 at 12:37AM by ranok
via reddit https://ift.tt/2UteUVG
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted July 21, 2021 at 12:37AM by ranok
via reddit https://ift.tt/2UteUVG
How to achieve enterprise-grade attack-surface monitoring with open source software
https://ift.tt/3zgq1QL
Submitted July 21, 2021 at 11:19AM by hakluke
via reddit https://ift.tt/3zkQnRK
https://ift.tt/3zgq1QL
Submitted July 21, 2021 at 11:19AM by hakluke
via reddit https://ift.tt/3zkQnRK
HΔKLUKΞ
How to achieve enterprise-grade attack-surface monitoring with open source software
How to achieve enterprise-grade attack-surface monitoring with open source software: SpiderFoot, bash, curl and cronjobs can go a long way.
REvil Ransomware Gang Mysteriously Disappears After High-Profile Attacks
https://ift.tt/36PaNWH
Submitted July 21, 2021 at 11:18AM by broken__beast0195
via reddit https://ift.tt/3xWwtfh
https://ift.tt/36PaNWH
Submitted July 21, 2021 at 11:18AM by broken__beast0195
via reddit https://ift.tt/3xWwtfh
TensorBugs
REvil Ransomware Gang Mysteriously Disappears After High-Profile Attacks
REvil, the infamous ransomware cartel behind some of the biggest cyberattacks targeting JBS and Kaseya, has mysteriously disappeared from the dark web
A hackers perspective on bug bounty triage
https://ift.tt/2UvRzmp
Submitted July 21, 2021 at 12:15PM by Mempodipper
via reddit https://ift.tt/36NmsVN
https://ift.tt/2UvRzmp
Submitted July 21, 2021 at 12:15PM by Mempodipper
via reddit https://ift.tt/36NmsVN
Shubham Shah
A hackers perspective on bug bounty triage
In the last few days, I have been able to have productive conversations with my peers in the bug bounty community including Patrik who works on the triage team and Luke who leads community efforts from HackerOne. Patrik has helped clear up misconceptions…
Summer of SAM - incorrect permissions on Windows 10/11 hives
https://ift.tt/2UBi6yy
Submitted July 21, 2021 at 11:55AM by 0xdea
via reddit https://ift.tt/3rnHlk1
https://ift.tt/2UBi6yy
Submitted July 21, 2021 at 11:55AM by 0xdea
via reddit https://ift.tt/3rnHlk1
SANS Internet Storm Center
InfoSec Handlers Diary Blog
Summer of SAM - incorrect permissions on Windows 10/11 hives, Author: Bojan Zdrnja
Ransomware Virtual Summit - July 29 - 30
https://ransomware.live
Submitted July 21, 2021 at 05:20PM by cyberxsec
via reddit https://ift.tt/3zkR6lU
https://ransomware.live
Submitted July 21, 2021 at 05:20PM by cyberxsec
via reddit https://ift.tt/3zkR6lU
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
Mindmap - Oracle Database Pentests with ODAT (Oracle Database Attacking Tool). Based on new ODAT version (v5.1)
https://ift.tt/1lI22w2
Submitted July 21, 2021 at 06:13PM by HeadProfessional
via reddit https://ift.tt/3wZrFV7
https://ift.tt/1lI22w2
Submitted July 21, 2021 at 06:13PM by HeadProfessional
via reddit https://ift.tt/3wZrFV7
GitHub
GitHub - quentinhardy/odat: ODAT: Oracle Database Attacking Tool
ODAT: Oracle Database Attacking Tool. Contribute to quentinhardy/odat development by creating an account on GitHub.
New Attacks on Kubernetes via Misconfigured Argo Workflows
https://ift.tt/2VWRc4y
Submitted July 21, 2021 at 08:19PM by Milafasents
via reddit https://ift.tt/3rpAuGM
https://ift.tt/2VWRc4y
Submitted July 21, 2021 at 08:19PM by Milafasents
via reddit https://ift.tt/3rpAuGM
Intezer
New Attacks on Kubernetes via Misconfigured Argo Workflows
Argo Workflows is an open-source, container-native workflow engine designed to run on K8s clusters.
Statically-linked ssh server with reverse shell functionality for CTFs
https://ift.tt/3xPnjBq
Submitted July 21, 2021 at 08:45PM by beleeee_dat
via reddit https://ift.tt/3eJ9RaO
https://ift.tt/3xPnjBq
Submitted July 21, 2021 at 08:45PM by beleeee_dat
via reddit https://ift.tt/3eJ9RaO
GitHub
GitHub - Fahrj/reverse-ssh: Statically-linked ssh server with reverse shell functionality for CTFs and such
Statically-linked ssh server with reverse shell functionality for CTFs and such - GitHub - Fahrj/reverse-ssh: Statically-linked ssh server with reverse shell functionality for CTFs and such
How is this domain redirecting to another website? If I manually go to the first link it shows as a wrong site, but if I click the link it goes to another website.
https://ift.tt/3eG8bid
Submitted July 21, 2021 at 09:43PM by tbilisi
via reddit https://ift.tt/2UrI5c0
https://ift.tt/3eG8bid
Submitted July 21, 2021 at 09:43PM by tbilisi
via reddit https://ift.tt/2UrI5c0
QilingLab: a series of challenges by Th3Zer0 to train your Qiling skills 💪🏾 -- solve 'em all and share your writeup!
https://ift.tt/3hTlEoI
Submitted July 21, 2021 at 10:10PM by smaury
via reddit https://ift.tt/3eGZ40I
https://ift.tt/3hTlEoI
Submitted July 21, 2021 at 10:10PM by smaury
via reddit https://ift.tt/3eGZ40I
Shielder
Shielder - QilingLab – Release
Release of the QilingLab challenge.
NPM Package "nodejs_net_server" caught Stealing user data from browser!
https://ift.tt/3BrxGh6
Submitted July 21, 2021 at 10:52PM by broken__beast0195
via reddit https://ift.tt/3iCEEHp
https://ift.tt/3BrxGh6
Submitted July 21, 2021 at 10:52PM by broken__beast0195
via reddit https://ift.tt/3iCEEHp
TensorBugs
NPM Package 'nodejs_net_server' caught Stealing user data from browser!
infoomagazines, news, latest, business