Posted in r/netsec by u/hermajordoctor • 1 point and 1 comment

Posted in r/netsec by u/thatmemforensicsguy • 7 points and 0 comments

Preface (日本語版も公開されています。) While PyPI has a security page, they don’t have a clear policy for vulnerability assessments.1 This article describes the vulnerabilities that were reported as potential vulnerabilities, using publicly available information. This…

The Print Spooler is responsible to manage and process printer jobs. It runs as a service with SYSTEM level privileges on windows environments. Abuse of the Print Spooler service is not new and suc…

The second quarter of 2021 was expected to be much quieter than the Q1 in DDoS attacks; hence we're looking at the late spring and early summer months of April, May and June, with somewhat cooled business buzz globally. Although, some attacking activity was…

Our Director of Cyber Threat Research, Kev Breen, recently discovered a vulnerability in a piece of stalkerware. What followed was a dilemma that has lasted months. Together, the Immersive Labs team has decided to help educate people on the dangers of stalkerware…

Learn how to Phish using EvilGinx2 and GoPhish

A while back, SecurityTrails announced that they would be running a contest dubbed

Posted in r/netsec by u/pimterry • 303 points and 30 comments

In the following post I go through how to escape from a truly air gapped network using Apple Wireless Direct Link -network and leveraging…

Find and fix security issues in your Android app’s code with AppSweep: a mobile application security testing solution, based on ProGuard technology.

A checklist of practices for organizations dealing with account takeover (ATO) - ato-checklist/README.md at master · magoo/ato-checklist

A walkthrough of my first experience in router hacking

I imagine we've all heard about the recent 'Sequoia' bug discovered by the Qualys Research team. It's a fascinating bug so I decided to do variant analysis using CodeQL!

Overview

Cookie and credential stealing malware-as-a-service delivered by dropper-as-a-service now packs a “clipper” to steal crypto-transactions, and can drop other malware.

Posted in r/netsec by u/Floni • 4 points and 0 comments

What is SAML? Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties.
Source: Wikipedia
SAML is often used for single-sign on (“Sign in with Google”, “Sign in with Twitter” etc.).…

If you walk down the streets of Serbia's capital, Belgrade, your face will almost certainly be recorded by one of the city's 1,000 Huawei security

Intro This report will go through an intrusion that went from an Excel file to domain wide ransomware. The threat actors used BazarCall to install Trickbot in the environment which downloaded and e…