We’re changing which keys are supported in SSH and removing unencrypted Git protocol. If you’re an SSH user, read on for the details and timeline.

During a recent engagement, we identified a recurring and interesting scenario involving smart router devices. We define smart router devices as devices with functionality that requires them to provide services beyond basic routing to an internal LAN network…

Claroty Team82 discloses details on a vulnerability that can be used to crash a SIP IoT Client with a single malformed header packet.

Posted in r/netsec by u/gquere • 1 point and 0 comments

Posted in r/netsec by u/sanitybit • 3 points and 1 comment

We're sharing technical information about the vulnerability tracked as CVE-2021-35211, which was used to attack the SolarWinds Serv-U FTP software in limited and targeted attacks.

A library for reading PST files (written in Go/Golang). - GitHub - mooijtech/go-pst: A library for reading PST files (written in Go/Golang).

In the previous post we saw how to set up a Windows 10 machine in order to manually analyze Windows RPC with RpcView. In this post, we will see how the infor...

In April 2021 we went through the anatomy of a Cobalt Strike stager and how some of its signature evasion techniques ended up being ineffective against detection technologies. In this blog post we …

Posted in r/netsec by u/ZealousidealYogurt41 • 1 point and 0 comments

Introduction Rudroid - this might arguably be one of the worst Android emulators possible. In this blog, we’ll write an emulator that can run a ‘Hello World’ Android ELF binary. While doing this, we will learn how to go about writing our own emulators.
Writing…

Posted in r/netsec by u/hardenedvault • 2 points and 0 comments

You can't improve what you cannot measure, but measuring incorrectly can drive incentives in the wrong direction. Here's a hypothesis on "good" AppSec metrics and why they are so hard to measure.

RCE 0-day for GhostScript 9.50 - Payload generator - duc-nt/RCE-0-day-for-GhostScript-9.50

This post is about open redirect vulnerabilities; the story of three vulnerable websites, why it’s bad, and how to prevent and detect abuse. First, a primer…

Paving the way for 0days Dedicated to: Zix , who spent precious-time guiding me within the last two-months . Mohammed , Jalil , Zakariae ...

Templates are pre-formatted documents, which already contain certain information. A template engine is a specific kind of template processing module that exhibits all major features of a modern programming language. The developers make use of Template engines…

Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++. - GitHub - geemion/Khepri: Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang a...

Microsoft has detected multiple zero-day exploits on the on-premises version of the Microsoft Exchange Server (2013,2016, and 2019). Microsoft attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out…

JFrog security research team discovers new critical vulnerability (CVE-2021-40346) in HAProxy. The new vulnerability can be exploited for HTTP Request Smuggling attacks.

Picked up one of these a little while back at the behest of a good friend…