NO STARTTLS
https://ift.tt/3lK6CnA
Submitted August 09, 2021 at 08:23PM by moviuro
via reddit https://ift.tt/3jCl9iG
https://ift.tt/3lK6CnA
Submitted August 09, 2021 at 08:23PM by moviuro
via reddit https://ift.tt/3jCl9iG
nostarttls.secvuln.info
NO STARTTLS
We present multiple vulnerabilities related to the use of STARTTLS
Why TLS is better without STARTTLS A Security Analysis of STARTTLS in the Email Context
https://ift.tt/3lK6CnA
Submitted August 09, 2021 at 09:24PM by moviuro
via reddit https://ift.tt/2Vvu4ul
https://ift.tt/3lK6CnA
Submitted August 09, 2021 at 09:24PM by moviuro
via reddit https://ift.tt/2Vvu4ul
nostarttls.secvuln.info
NO STARTTLS
We present multiple vulnerabilities related to the use of STARTTLS
Linux Privilege Escalation via package managers. Different ways you can gain a root shell when you have sudo permissions to run a package manager.
https://ift.tt/3jE9sIf
Submitted August 09, 2021 at 10:09PM by ikuamike
via reddit https://ift.tt/2VAYvii
https://ift.tt/3jE9sIf
Submitted August 09, 2021 at 10:09PM by ikuamike
via reddit https://ift.tt/2VAYvii
ikuamike
Linux Privilege Escalation - Package Managers
Learn to create malicious admission controller
https://ift.tt/3s3HN7c
Submitted August 09, 2021 at 10:25PM by Rewanth_Tammana
via reddit https://ift.tt/3jyx5BY
https://ift.tt/3s3HN7c
Submitted August 09, 2021 at 10:25PM by Rewanth_Tammana
via reddit https://ift.tt/3jyx5BY
Rewanth Tammana's Blog
Creating Malicious Admission Controllers
In this article, we will create a malicious admission controller, understand the technicalities, and analyze its impact.
You're Doing IoT RNG
https://ift.tt/3itEoLT
Submitted August 10, 2021 at 01:05AM by breach_house
via reddit https://ift.tt/3lMJFjD
https://ift.tt/3itEoLT
Submitted August 10, 2021 at 01:05AM by breach_house
via reddit https://ift.tt/3lMJFjD
Bishopfox
You're Doing IoT RNG
Learn why hardware random number generators (RNG) used by billions of IoT devices to create encryption keys don't always generate random numbers.
CVE-2021-31162 In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics.
https://ift.tt/3abJLe9
Submitted August 10, 2021 at 02:16AM by dmyrelot
via reddit https://ift.tt/3jIOt7d
https://ift.tt/3abJLe9
Submitted August 10, 2021 at 02:16AM by dmyrelot
via reddit https://ift.tt/3jIOt7d
Existing WordPress Security Plugins Fail to Provide Non-Bypassble Protection Against Easy to Stop WordPress Plugin Vulnerability
https://ift.tt/2Vzxz2W
Submitted August 10, 2021 at 03:36AM by PluginVulns
via reddit https://ift.tt/2Xhclr7
https://ift.tt/2Vzxz2W
Submitted August 10, 2021 at 03:36AM by PluginVulns
via reddit https://ift.tt/2Xhclr7
Pluginvulnerabilities
Existing WordPress Security Plugins Fail to Provide Non-Bypassble Protection Against Easy to Stop WordPress Plugin Vulnerability
When we did testing several years back to see if WordPress security plugins could prevent the exploitation of vulnerabilities in other WordPress plugins, the results were not good. In one test, we fou
Multiple vulnerabilities found in Cpanel/WHM
https://ift.tt/3s3o1ZN
Submitted August 10, 2021 at 12:55PM by adrian_rt
via reddit https://ift.tt/3AscNRp
https://ift.tt/3s3o1ZN
Submitted August 10, 2021 at 12:55PM by adrian_rt
via reddit https://ift.tt/3AscNRp
Cyber Security Services - London
Multiple vulnerabilities in cPanel/WHM - Cyber Security Services - London
Multiple vulnerabilities in cPanel/WHM. Privilege Escalation via stored XSS. Cross-Site WebSocket Hijacking.CSRF bypass
Permission issue in Facebook for Android allows an intruder to accept friend request from a victim phone without unlocking it [Unpatched]
https://ift.tt/2VHavie
Submitted August 10, 2021 at 12:35PM by staz0t
via reddit https://ift.tt/2VKMFCu
https://ift.tt/2VHavie
Submitted August 10, 2021 at 12:35PM by staz0t
via reddit https://ift.tt/2VKMFCu
reddit
Permission issue in Facebook for Android allows an intruder to...
Posted in r/netsec by u/staz0t • 9 points and 3 comments
Christmas tree packet
https://ift.tt/37xA2xa
Submitted August 10, 2021 at 03:51PM by dontbenebby
via reddit https://ift.tt/2VJs5SU
https://ift.tt/37xA2xa
Submitted August 10, 2021 at 03:51PM by dontbenebby
via reddit https://ift.tt/2VJs5SU
Wikipedia
Christmas tree packet
unit of data used in information technology
How to Hack APIs in 2021
https://ift.tt/3g887bV
Submitted August 10, 2021 at 06:00PM by intheclairdelune
via reddit https://ift.tt/2VCWodQ
https://ift.tt/3g887bV
Submitted August 10, 2021 at 06:00PM by intheclairdelune
via reddit https://ift.tt/2VCWodQ
Detectify Labs
How to Hack APIs in 2021
APIs are essential for modern web app development. Learning how to hack APIs can help with security testing them.
CompTIA Network+ (N10-007) Free Resources
https://ift.tt/3iy4w8w
Submitted August 10, 2021 at 09:41PM by Mike_KnowDirect-123
via reddit https://ift.tt/3fPtqyO
https://ift.tt/3iy4w8w
Submitted August 10, 2021 at 09:41PM by Mike_KnowDirect-123
via reddit https://ift.tt/3fPtqyO
Building an exploit for a Use-After-Free in ProFTPd (CVE-2020-9273)
https://ift.tt/3lQ4ef7
Submitted August 10, 2021 at 10:24PM by gid0rah
via reddit https://ift.tt/3CDVui4
https://ift.tt/3lQ4ef7
Submitted August 10, 2021 at 10:24PM by gid0rah
via reddit https://ift.tt/3CDVui4
[FREE] 25 Hour Practical Ethical Hacking - The Complete Course - Use code FREEFORMEPLEASE - Ends Tomorrow
https://ift.tt/2F6PGVt
Submitted August 11, 2021 at 12:11AM by TrMark
via reddit https://ift.tt/3lRm2qo
https://ift.tt/2F6PGVt
Submitted August 11, 2021 at 12:11AM by TrMark
via reddit https://ift.tt/3lRm2qo
Common GraphQL Misconceptions: The post to clear all your confusions!
https://ift.tt/3AxUj1R
Submitted August 11, 2021 at 08:33PM by _SecurityGOAT
via reddit https://ift.tt/3yI6SqX
https://ift.tt/3AxUj1R
Submitted August 11, 2021 at 08:33PM by _SecurityGOAT
via reddit https://ift.tt/3yI6SqX
A podcast about security architecture. kick-off Episode of Season 03
https://ift.tt/3s7lVbf
Submitted August 11, 2021 at 09:35PM by Evgeniy_Kharam
via reddit https://ift.tt/3AMJ99V
https://ift.tt/3s7lVbf
Submitted August 11, 2021 at 09:35PM by Evgeniy_Kharam
via reddit https://ift.tt/3AMJ99V
Jigsaw/Google Free Phishing Quiz
https://ift.tt/3fUVdhb
Submitted August 12, 2021 at 06:08AM by tony-caffe
via reddit https://ift.tt/3fXwsRz
https://ift.tt/3fUVdhb
Submitted August 12, 2021 at 06:08AM by tony-caffe
via reddit https://ift.tt/3fXwsRz
Fingerprinting Windows versions, AV, wireless cards over the network—all without authentication
https://ift.tt/2VMakCi
Submitted August 12, 2021 at 12:04PM by 0xdea
via reddit https://ift.tt/3AzgBjV
https://ift.tt/2VMakCi
Submitted August 12, 2021 at 12:04PM by 0xdea
via reddit https://ift.tt/3AzgBjV
runZero
Fingerprinting Windows versions, AV, wireless cards over the…
Correctly identifying and categorizing network-connected systems without credentials is a tricky challenge and one of the fun parts of working at Rumble.…
DLL hijacking vulnerabilities in Nirsoft tools
https://ift.tt/3cpqmVY
Submitted August 12, 2021 at 12:47PM by fsau
via reddit https://ift.tt/3si2ixm
https://ift.tt/3cpqmVY
Submitted August 12, 2021 at 12:47PM by fsau
via reddit https://ift.tt/3si2ixm
Born's Tech and Windows World
DLL hijacking vulnerabilities in Nirsoft tools
[German]The Nirsoft tools are probably known to many Windows users. What is less known: The tools come along with nasty DLL hijacking vulnerabilities and should rather be avoided. The topic has been bogged down here for quite some time and I have put it off…
Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemory.
https://ift.tt/3lZxh02
Submitted August 12, 2021 at 10:10PM by w1n11
via reddit https://ift.tt/3AQzT4D
https://ift.tt/3lZxh02
Submitted August 12, 2021 at 10:10PM by w1n11
via reddit https://ift.tt/3AQzT4D
GitHub
GitHub - w1u0u1/minidump: Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level…
Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemory. - GitHub - w1u0u1/minidump: Custom implementatio...
Kernel shellcode injector
https://ift.tt/3ADvUs0
Submitted August 12, 2021 at 10:08PM by w1n11
via reddit https://ift.tt/3lWBwJw
https://ift.tt/3ADvUs0
Submitted August 12, 2021 at 10:08PM by w1n11
via reddit https://ift.tt/3lWBwJw