dmesg – Unix/Linux command, beginners introduction with examples
https://ift.tt/3Ab6vpR
Submitted August 26, 2021 at 10:06AM by mike_jack
via reddit https://ift.tt/3sOYRhL
https://ift.tt/3Ab6vpR
Submitted August 26, 2021 at 10:06AM by mike_jack
via reddit https://ift.tt/3sOYRhL
yCrash
dmesg – Unix/Linux command, beginners introduction with examples
‘dmesg’ (display message) is not a popular Unix/Linux command. However, it provides vital information that can be used for troubleshooting production performance problems.
Widespread credential phishing campaign abuses open redirector links
https://ift.tt/3zlP7y2
Submitted August 26, 2021 at 11:26PM by SCI_Rusher
via reddit https://ift.tt/2XVd4yh
https://ift.tt/3zlP7y2
Submitted August 26, 2021 at 11:26PM by SCI_Rusher
via reddit https://ift.tt/2XVd4yh
Search - Microsoft Bing
Where cultures converge
The Mosque-Cathedral of Córdoba is a chronicle of
Attack Surface Management. You’re (probably) doing it wrong.
https://ift.tt/2WvAlXl
Submitted August 27, 2021 at 01:32AM by smicallef
via reddit https://ift.tt/2Wu0LbN
https://ift.tt/2WvAlXl
Submitted August 27, 2021 at 01:32AM by smicallef
via reddit https://ift.tt/2Wu0LbN
Medium
Attack Surface Management. You’re (probably) doing it wrong.
In this post I talk about what it means to perform comprehensive Attack Surface Management by leveraging a broad spectrum of OSINT (Open…
ChaosDB - Vulnerability in Azure Cosmos DB affecting thousands of customers - Manual Actions Required
https://chaosdb.wiz.io/
Submitted August 27, 2021 at 05:27AM by sagitz_
via reddit https://ift.tt/3DmkSJK
https://chaosdb.wiz.io/
Submitted August 27, 2021 at 05:27AM by sagitz_
via reddit https://ift.tt/3DmkSJK
Wiz
ChaosDB: Unauthorized Privileged Access to Microsoft Azure Cosmos DB
A critical vulnerability in Azure's flagship Cosmos DB service affecting thousands of customers. Mitigation requires customers' manual actions.
Risky Business: Why CS Risk is Never Worth the Price
https://ift.tt/3ymi3EX
Submitted August 27, 2021 at 07:07AM by SnooSongs2448
via reddit https://ift.tt/3ykNJum
https://ift.tt/3ymi3EX
Submitted August 27, 2021 at 07:07AM by SnooSongs2448
via reddit https://ift.tt/3ykNJum
STACS - YARA based static credential scanner which supports binary file formats, and nested archives.
https://ift.tt/3Bi1ADC
Submitted August 27, 2021 at 02:20PM by Darkarnium
via reddit https://ift.tt/3sRbMQa
https://ift.tt/3Bi1ADC
Submitted August 27, 2021 at 02:20PM by Darkarnium
via reddit https://ift.tt/3sRbMQa
GitHub
GitHub - stacscan/stacs: Static Token And Credential Scanner
Static Token And Credential Scanner. Contribute to stacscan/stacs development by creating an account on GitHub.
Enhancing the security audit logging of Harbor with OpenResty
https://ift.tt/2WykLdi
Submitted August 27, 2021 at 04:58PM by Rewanth_Tammana
via reddit https://ift.tt/3kxlEea
https://ift.tt/2WykLdi
Submitted August 27, 2021 at 04:58PM by Rewanth_Tammana
via reddit https://ift.tt/3kxlEea
Rewanth Tammana's Blog
Enhancing the security audit logging of Harbor with OpenResty
Enhancing the security audit logging of Harbor with OpenResty - Why and how I achieved the audit logging functionality in Harbor Private Container Registry
Fuzzing Windows’ RDP client and server
https://ift.tt/3DmMaQ2
Submitted August 27, 2021 at 06:28PM by jat0369
via reddit https://ift.tt/3kpirxk
https://ift.tt/3DmMaQ2
Submitted August 27, 2021 at 06:28PM by jat0369
via reddit https://ift.tt/3kpirxk
Cyberark
Fuzzing RDP: Holding the Stick at Both Ends
Introduction This post describes the work we’ve done on fuzzing the Windows RDP client and server, the challenges of doing so, and some of the results. The Remote Desktop Protocol (RDP) by...
Crypto miner attack: Sysrv-Hello Botnet targeting WordPress pods for crypto mining
https://ift.tt/2UTwToH
Submitted August 27, 2021 at 08:23PM by capitangolo
via reddit https://ift.tt/3ymjVgW
https://ift.tt/2UTwToH
Submitted August 27, 2021 at 08:23PM by capitangolo
via reddit https://ift.tt/3ymjVgW
AWS ReadOnlyAccess: Not Even Once
https://ift.tt/2WqXGJi
Submitted August 27, 2021 at 08:53PM by hotnops
via reddit https://ift.tt/2XTjZbe
https://ift.tt/2WqXGJi
Submitted August 27, 2021 at 08:53PM by hotnops
via reddit https://ift.tt/2XTjZbe
Medium
AWS ReadOnlyAccess: Not Even Once
A story of too much access and a false sense of security.
Everything you need to know about Pegasus Spyware
https://ift.tt/3BgxoZd
Submitted August 27, 2021 at 11:15PM by Techflashesinfo
via reddit https://ift.tt/38iUOkl
https://ift.tt/3BgxoZd
Submitted August 27, 2021 at 11:15PM by Techflashesinfo
via reddit https://ift.tt/38iUOkl
techflashes.com
Everything you need to know about Pegasus Spyware techflashes.com
This Pegasus Spyware virus is very dangerous and that spyware multiple ways attacks of that system that saw that article... techflashes.com
Lots of Sec tools unclear about what they mean when they talk about their “masking” & “transformation” features. HashiCorp Vault just made it clear what those terms mean for them.
https://ift.tt/3DklIqs
Submitted August 28, 2021 at 12:22AM by piedpiperpivot
via reddit https://ift.tt/3Ba6D90
https://ift.tt/3DklIqs
Submitted August 28, 2021 at 12:22AM by piedpiperpivot
via reddit https://ift.tt/3Ba6D90
Detecting Potential Bad Actors in OSS Contributions
https://ift.tt/3jkBwBy
Submitted August 28, 2021 at 03:07AM by ambray_
via reddit https://ift.tt/3yrAcRw
https://ift.tt/3jkBwBy
Submitted August 28, 2021 at 03:07AM by ambray_
via reddit https://ift.tt/3yrAcRw
blog.phylum.io
Detecting Potential Bad Actors in GitHub
Phylum is continually working to improve our author risk analysis to allow users to manage the risk presented by using code written by random strangers on the Internet. The work documented here provides valuable evidence as input into Phylum’s author risk…
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
https://ift.tt/3DtoedO
Submitted August 28, 2021 at 04:20PM by dwisiswant0
via reddit https://ift.tt/38jFCmW
https://ift.tt/3DtoedO
Submitted August 28, 2021 at 04:20PM by dwisiswant0
via reddit https://ift.tt/38jFCmW
GitHub
GitHub - pwnesia/dnstake: DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover - GitHub - pwnesia/dnstake: DNSTake — A fast tool to check missing hosted DNS zones that can lead to subd...
US company Zimperium, claims that it can protect you from Pegasus
https://ift.tt/38mnMzW
Submitted August 28, 2021 at 09:46PM by TheLastLived
via reddit https://ift.tt/38jouOr
https://ift.tt/38mnMzW
Submitted August 28, 2021 at 09:46PM by TheLastLived
via reddit https://ift.tt/38jouOr
Technotification
US company Zimperium, claims that it can protect you from Pegasus
A US company, Zimperium, claims that it can protect organisations and individuals from Pegasus although it is not clear if it claims.
[WIP] Web Hacking mindmap
https://ift.tt/3gHtQaD
Submitted August 28, 2021 at 10:25PM by megatr0nz
via reddit https://ift.tt/2WyNJtv
https://ift.tt/3gHtQaD
Submitted August 28, 2021 at 10:25PM by megatr0nz
via reddit https://ift.tt/2WyNJtv
What You Need to Know About PrintNightmare Vulnerability (CVE-2021-34527)
https://ift.tt/3eVWEeA
Submitted August 29, 2021 at 12:36PM by rimdig219
via reddit https://ift.tt/3h0OWRN
https://ift.tt/3eVWEeA
Submitted August 29, 2021 at 12:36PM by rimdig219
via reddit https://ift.tt/3h0OWRN
Cymulate
What You Need to Know About PrintNightmare Vulnerability (CVE-2021-34527)
This tech-blog post demonstrates how PrintNightmare (CVE-2021-34527) attack is implemented in the Cymulate Continuous Security Validation Platform.
A new AppSec newsletter (5 editions old) focusing on timeless AppSec topics
https://ift.tt/3jnJYA0
Submitted August 29, 2021 at 04:57PM by jubbaonjeans
via reddit https://ift.tt/2WyUvQc
https://ift.tt/3jnJYA0
Submitted August 29, 2021 at 04:57PM by jubbaonjeans
via reddit https://ift.tt/2WyUvQc
Substack
Boring AppSec
A (not so) regular newsletter on getting the boring parts of AppSec right
To visualize the Cloud Security work and manage it, I’m working on a Cloud Security Kanban board that is broken down into Work Items that are prioritized into their Workflows
https://ift.tt/3zurxz4
Submitted August 30, 2021 at 12:41AM by blokdijkg
via reddit https://ift.tt/2WElee5
https://ift.tt/3zurxz4
Submitted August 30, 2021 at 12:41AM by blokdijkg
via reddit https://ift.tt/2WElee5
Theartofservice
Cloud Security Kanban- The Art of Service, Standard Requirements Self Assessments
Server Side Request Forgery Ssrf
https://ift.tt/3BljrcG
Submitted August 30, 2021 at 12:27AM by banginpadr
via reddit https://ift.tt/3mJRRSw
https://ift.tt/3BljrcG
Submitted August 30, 2021 at 12:27AM by banginpadr
via reddit https://ift.tt/3mJRRSw
Medium
Server-Side Request Forgery (SSRF)
Broken Access Control (BAC) > Server-Side Request Forgery (SSRF)
Cobalt Strike, a Defender’s Guide
https://ift.tt/3zuNVbA
Submitted August 30, 2021 at 05:47AM by TheDFIRReport
via reddit https://ift.tt/3gJ2kcX
https://ift.tt/3zuNVbA
Submitted August 30, 2021 at 05:47AM by TheDFIRReport
via reddit https://ift.tt/3gJ2kcX
The DFIR Report
Cobalt Strike, a Defender’s Guide
Intro In our research, we expose adversarial Tactics, Techniques and Procedures (TTPs) as well as the tools they use to execute their mission objectives. In most of our cases, we see the threat act…