A crowd sourced compendium of modern Linux malware and offensive techniques
https://ift.tt/2WliOk5
Submitted July 27, 2021 at 04:17PM by timb_machine
via reddit https://ift.tt/3l2z4km
https://ift.tt/2WliOk5
Submitted July 27, 2021 at 04:17PM by timb_machine
via reddit https://ift.tt/3l2z4km
GitHub
GitHub - timb-machine/linux-malware: Tracking interesting Linux (and UNIX) malware. Send PRs
Tracking interesting Linux (and UNIX) malware. Send PRs - GitHub - timb-machine/linux-malware: Tracking interesting Linux (and UNIX) malware. Send PRs
We’re in the Uncanny Valley of Information Security
https://ift.tt/3l0AHit
Submitted July 27, 2021 at 06:14PM by tucows_carl
via reddit https://ift.tt/2UKqOed
https://ift.tt/3l0AHit
Submitted July 27, 2021 at 06:14PM by tucows_carl
via reddit https://ift.tt/2UKqOed
Medium
We’re in the Uncanny Valley of Information Security
As technology evolves, so too must information security.
Pre-Auth RCE in Moodle Part I - PHP Object Injection in Shibboleth
https://ift.tt/3zLliXz
Submitted July 27, 2021 at 07:26PM by haxolotls
via reddit https://ift.tt/3rD5za6
https://ift.tt/3zLliXz
Submitted July 27, 2021 at 07:26PM by haxolotls
via reddit https://ift.tt/3rD5za6
Haxolot
Pre-Auth RCE in Moodle Part I - PHP Object Injection in Shibboleth
It was found that the Shibboleth authentication module of Moodle suffers from a beautiful Remote Code Execution vulnerability from the unauthenticated perspective. This is widely used among universities to allow students from one university to authenticate…
Generating Secure Passwords for Linux Servers
https://ift.tt/3zF2Qj9
Submitted July 27, 2021 at 07:37PM by Unprotectedtxt
via reddit https://ift.tt/2VbCB4Y
https://ift.tt/3zF2Qj9
Submitted July 27, 2021 at 07:37PM by Unprotectedtxt
via reddit https://ift.tt/2VbCB4Y
Linux Systems Analyst | Hayden James
Generating Secure Passwords for your Linux Server
Sysadmins will often have to set up new servers or harden existing server passwords during security audits. As a result, secure passwords have to be
Google launches new vulnerability reward platform
https://ift.tt/3BKkh3G
Submitted July 27, 2021 at 08:17PM by pimterry
via reddit https://ift.tt/3i8NhdS
https://ift.tt/3BKkh3G
Submitted July 27, 2021 at 08:17PM by pimterry
via reddit https://ift.tt/3i8NhdS
Google Online Security Blog
A new chapter for Google’s Vulnerability Reward Program
Posted by Jan Keller, Technical Program Manager, Google VRP A little over 10 years ago , we launched our Vulnerability Rewards Program (VR...
Oscorp evolves into UBEL: an Android malware spreading across the globe | Cleafy Labs
https://ift.tt/2UNZonM
Submitted July 27, 2021 at 08:07PM by f3d_0x0
via reddit https://ift.tt/3l1rDKn
https://ift.tt/2UNZonM
Submitted July 27, 2021 at 08:07PM by f3d_0x0
via reddit https://ift.tt/3l1rDKn
Cleafy
Oscorp evolves into UBEL: an Android malware spreading across the globe | Cleafy Labs
The Android malware Oscorp keeps evolving. UBEL was born, a new advanced threat targeting banks across the globe: here is the full technical report
Tokyo 2020 Olympic Games event volunteers and ticket holders' credentials were allegedly stolen after a data breach❗
https://ift.tt/3yaj3fQ
Submitted July 27, 2021 at 09:18PM by Aggressive_Project
via reddit https://ift.tt/3f053xI
https://ift.tt/3yaj3fQ
Submitted July 27, 2021 at 09:18PM by Aggressive_Project
via reddit https://ift.tt/3f053xI
VPNRanks
Tokyo 2020 Olympics Hit By Data Breach - Information Leaked Online
Tokyo 2020 Olympics Game hit by a massive data breach, where username and passwords of ticketholders and volunteers were reportedly compromised.
Our shared common weaknesses - A breakdown of CVEs in 2021 so far
https://ift.tt/3BOXdAM
Submitted July 28, 2021 at 12:30AM by Photogurt
via reddit https://ift.tt/3eZG1is
https://ift.tt/3BOXdAM
Submitted July 28, 2021 at 12:30AM by Photogurt
via reddit https://ift.tt/3eZG1is
GitHub Security Lab
Our shared common weaknesses
An overview of 2021’s vulnerabilities so far.
That is so true!!! Sitting ducks and the people that connect end up becoming backdoors.
https://ift.tt/3f19s3q
Submitted July 28, 2021 at 08:32AM by chumze_simius
via reddit https://ift.tt/2TJQsze
https://ift.tt/3f19s3q
Submitted July 28, 2021 at 08:32AM by chumze_simius
via reddit https://ift.tt/2TJQsze
The Diplomat
Hotels and Free Wi-Fi Are Sitting Ducks for North Korean Cybercriminals
North Korea has a track record of conducting sophisticated cyberattacks from unexpected locations through highly creative means.
Use SQL to query AbuseIPDB deny lists and IP reports (open source)
https://ift.tt/375f6gQ
Submitted July 28, 2021 at 08:42AM by e-gineer
via reddit https://ift.tt/3zH0NuR
https://ift.tt/375f6gQ
Submitted July 28, 2021 at 08:42AM by e-gineer
via reddit https://ift.tt/3zH0NuR
Steampipe Hub
AbuseIPDB Plugin for Steampipe
Query AbuseIPDB with SQL! Open source CLI. No DB required.
California Smart Card Vaccine Data Reader, statically hosted client side
https://ift.tt/375THnu
Submitted July 28, 2021 at 11:51AM by wifihack
via reddit https://ift.tt/3zDvgtK
https://ift.tt/375THnu
Submitted July 28, 2021 at 11:51AM by wifihack
via reddit https://ift.tt/3zDvgtK
GitHub
GitHub - dxa4481/SmartHealthCardViewer: Smart Health Card Viewer, view your California Smart Health Card Vaccination record
Smart Health Card Viewer, view your California Smart Health Card Vaccination record - GitHub - dxa4481/SmartHealthCardViewer: Smart Health Card Viewer, view your California Smart Health Card Vaccin...
BloodHound versus Ransomware: A Defender’s Guide
https://ift.tt/3g2ugZm
Submitted July 28, 2021 at 12:17PM by 0xdea
via reddit https://ift.tt/3l55riw
https://ift.tt/3g2ugZm
Submitted July 28, 2021 at 12:17PM by 0xdea
via reddit https://ift.tt/3l55riw
SpecterOps
Lateral Movement from Azure to On-Prem AD | SpecterOps
Explore lateral movement from Azure AD to on-prem AD using Microsoft Endpoint Manager. Learn how hybrid devices can be exploited for cross-domain attacks.
Tutorial on finding and exploiting race condition bugs, with included 0days
https://ift.tt/3iLrwzI
Submitted July 28, 2021 at 01:40AM by 0daywizard
via reddit https://ift.tt/3zGRSK2
https://ift.tt/3iLrwzI
Submitted July 28, 2021 at 01:40AM by 0daywizard
via reddit https://ift.tt/3zGRSK2
0xFFFF@blog:~$
Winning the race: Signals, symlinks, and TOC/TOU
Introduction: So, before we dive right into things, just a few bits of advice; some programming knowledge, an understanding of what symbolic linking is within *nix and how it works, and also an und…
Revealin - Exploits a design flaw in Linkedin to uncover the fullname of a target when he has his name masked.
https://ift.tt/3x3I0bC
Submitted July 28, 2021 at 02:13PM by mxrchreborn
via reddit https://ift.tt/3BZbX0e
https://ift.tt/3x3I0bC
Submitted July 28, 2021 at 02:13PM by mxrchreborn
via reddit https://ift.tt/3BZbX0e
GitHub
GitHub - mxrch/revealin: Uncover the full name of a target on Linkedin.
Uncover the full name of a target on Linkedin. Contribute to mxrch/revealin development by creating an account on GitHub.
FACT SHEET: Biden Administration Announces Further Actions to Protect U.S. Critical Infrastructure | The White House
https://ift.tt/3iW7IcZ
Submitted July 28, 2021 at 07:47PM by HumanSuitcase
via reddit https://ift.tt/2UXL7Vt
https://ift.tt/3iW7IcZ
Submitted July 28, 2021 at 07:47PM by HumanSuitcase
via reddit https://ift.tt/2UXL7Vt
The White House
FACT SHEET: Biden Administration Announces Further Actions to Protect U.S. Critical Infrastructure
The Biden Administration continues to take steps to safeguard U.S. critical infrastructure from growing, persistent, and sophisticated cyber threats. Recent high-profile attacks on critical infrastructure around the world, including the ransomware attacks…
From Stolen Laptop to Inside the Company Network
https://ift.tt/3l1Qf5C
Submitted July 28, 2021 at 07:36PM by 312sec
via reddit https://ift.tt/3BPgMsF
https://ift.tt/3l1Qf5C
Submitted July 28, 2021 at 07:36PM by 312sec
via reddit https://ift.tt/3BPgMsF
Devtron - Opensource Kubernetes delivery Workflow for CI/CD with security features like Granular Hierarchical Security policy Management, Automatic Vulnerability management during CI as well as within cluster.
https://ift.tt/3l7jJyP
Submitted July 28, 2021 at 09:03PM by pghildiy
via reddit https://ift.tt/3rMeTIL
https://ift.tt/3l7jJyP
Submitted July 28, 2021 at 09:03PM by pghildiy
via reddit https://ift.tt/3rMeTIL
GitHub
devtron/security-features.md at main · devtron-labs/devtron
Software Delivery Workflow For Kubernetes. Contribute to devtron-labs/devtron development by creating an account on GitHub.
Detecting potential exploits of CVE-2021-33909 "Sequoia" with Falco - Linux FS privilege escalation
https://ift.tt/3l2Gap2
Submitted July 28, 2021 at 11:12PM by capitangolo
via reddit https://ift.tt/2WuUEDY
https://ift.tt/3l2Gap2
Submitted July 28, 2021 at 11:12PM by capitangolo
via reddit https://ift.tt/2WuUEDY
Sysdig
Mitigate CVE-2021-33909 Sequoia - Linux FS privilege escalation
CVE-2021-33909, codenamed Sequoia, affects Linux's file system and enables privilege escalation. Learn how to mitigate and detect it.
GitHub - DigeeX/raider: Web authentication testing framework
https://ift.tt/3rtDdyV
Submitted July 28, 2021 at 11:55PM by dgeex
via reddit https://ift.tt/378Cp9w
https://ift.tt/3rtDdyV
Submitted July 28, 2021 at 11:55PM by dgeex
via reddit https://ift.tt/378Cp9w
GitHub
GitHub - DigeeX/raider: Web authentication testing framework
Web authentication testing framework. Contribute to DigeeX/raider development by creating an account on GitHub.
ligolo-ng: An advanced, yet simple, tunneling tool that uses a TUN interface.
https://ift.tt/2URAnIm
Submitted July 28, 2021 at 07:28PM by TNPitsecurity
via reddit https://ift.tt/3BUlTI7
https://ift.tt/2URAnIm
Submitted July 28, 2021 at 07:28PM by TNPitsecurity
via reddit https://ift.tt/3BUlTI7
GitHub
GitHub - nicocha30/ligolo-ng: An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface. - nicocha30/ligolo-ng
Marketo marketplace leak personal data from the Homewood attack
https://ift.tt/3rFTjWw
Submitted July 29, 2021 at 07:18AM by MathematicianFit2805
via reddit https://ift.tt/3zQTalV
https://ift.tt/3rFTjWw
Submitted July 29, 2021 at 07:18AM by MathematicianFit2805
via reddit https://ift.tt/3zQTalV
British Columbia
Unknown number of British Columbians' personal information for sale online after health company extorted
CTV News has learned the personal information of British Columbians has been leaked online, with an unknown number of people and agencies potentially still vulnerable, after a data breach at a mental health services provider.