Proof of Vaccination - Port Pass Data Breach
https://ift.tt/3ifPmUP
Submitted September 29, 2021 at 03:18AM by 3luSiv3One
via reddit https://ift.tt/3ib7WgT
https://ift.tt/3ifPmUP
Submitted September 29, 2021 at 03:18AM by 3luSiv3One
via reddit https://ift.tt/3ib7WgT
CBC
Private proof-of-vaccination app may have exposed hundreds of thousands of users' personal data | CBC News
Private proof-of-vaccination app Portpass exposed personal information, including the driver's licences, of what might be hundreds of thousands of users by leaving its website unsecured.
Telegram deleted account was still able to receive messages.
https://ift.tt/3kNBti9
Submitted September 29, 2021 at 06:47AM by davtur19
via reddit https://ift.tt/3umXyYf
https://ift.tt/3kNBti9
Submitted September 29, 2021 at 06:47AM by davtur19
via reddit https://ift.tt/3umXyYf
Hackintosh 5
Telegram bug in terminated sessions
Do you think that Telegram servers are coded by monkeys?
Security for Your Business through Offshore Software Developers
https://ift.tt/2WndIUZ
Submitted September 29, 2021 at 03:48PM by Caterpillarfox
via reddit https://ift.tt/3ogHmGU
https://ift.tt/2WndIUZ
Submitted September 29, 2021 at 03:48PM by Caterpillarfox
via reddit https://ift.tt/3ogHmGU
Competenza Innovare
Cybersecurity for Your Business through Offshore Software Developers
Cybersecurity via offshore IT developers can help your business stay safe. Remove vulnerabilities & prevent your app, website, enterprise software from hackers.
Massive Phishing Campaign Impacted 75K Email Inboxes
https://ift.tt/3olHp4f
Submitted September 29, 2021 at 06:31PM by kidhiplot
via reddit https://ift.tt/3CZNTtw
https://ift.tt/3olHp4f
Submitted September 29, 2021 at 06:31PM by kidhiplot
via reddit https://ift.tt/3CZNTtw
Cisco Hyperflex: How We Got Remote Code Execution Through Login Form and Other Findings
https://ift.tt/3uuyEpB
Submitted September 29, 2021 at 07:35PM by yarbabin
via reddit https://ift.tt/39MQfzo
https://ift.tt/3uuyEpB
Submitted September 29, 2021 at 07:35PM by yarbabin
via reddit https://ift.tt/39MQfzo
Directory illegal Entry Magic
https://ift.tt/3F1ZkD1
Submitted September 29, 2021 at 09:05PM by banginpadr
via reddit https://ift.tt/3AUQftl
https://ift.tt/3F1ZkD1
Submitted September 29, 2021 at 09:05PM by banginpadr
via reddit https://ift.tt/3AUQftl
Medium
Directory illegal Entry Magic
A hacker manifest Real-World Scenarios, Labs, and Attacks
GitOops! Lateral movement and privesc in GitHub orgs via CI/CD pipelines
https://ift.tt/2XP1FjY
Submitted September 29, 2021 at 09:26PM by alexksak
via reddit https://ift.tt/3m4e77w
https://ift.tt/2XP1FjY
Submitted September 29, 2021 at 09:26PM by alexksak
via reddit https://ift.tt/3m4e77w
GitHub
GitHub - ovotech/gitoops: all paths lead to clouds
all paths lead to clouds. Contribute to ovotech/gitoops development by creating an account on GitHub.
Converting unix timestamps with osquery
https://ift.tt/3uqzV0J
Submitted September 30, 2021 at 02:01AM by Silly-Pop-7437
via reddit https://ift.tt/2YbS6vt
https://ift.tt/3uqzV0J
Submitted September 30, 2021 at 02:01AM by Silly-Pop-7437
via reddit https://ift.tt/2YbS6vt
Medium
Converting unix timestamps with osquery
Human readable timestamps
CC7F Round 1: Cryptocurrency and cryptography hacking CTF (largest competition and prizes so far, registration open)
https://ift.tt/3ifkYtx
Submitted September 30, 2021 at 01:55AM by Alcoholas
via reddit https://ift.tt/2ZMTJR3
https://ift.tt/3ifkYtx
Submitted September 30, 2021 at 01:55AM by Alcoholas
via reddit https://ift.tt/2ZMTJR3
TLS.support - A tool (and REST API) for debugging client TLS version and cipher support issues
https://tls.support/
Submitted September 30, 2021 at 02:27AM by sullivanmatt
via reddit https://ift.tt/3okUBpV
https://tls.support/
Submitted September 30, 2021 at 02:27AM by sullivanmatt
via reddit https://ift.tt/3okUBpV
tls.support
Test your browser's TLS configuration - TLS.support
TLS.support is a free diagnostic tool and REST API for testing browser and client TLS version and cipher support. The service also checks browsers and clients for common TLS-related issues and misconfigurations.
FaPro: A mass network protocol server simulator
https://ift.tt/3hxewOx
Submitted September 30, 2021 at 01:21PM by ntestoc3
via reddit https://ift.tt/2Wqu2nX
https://ift.tt/3hxewOx
Submitted September 30, 2021 at 01:21PM by ntestoc3
via reddit https://ift.tt/2Wqu2nX
GitHub
GitHub - fofapro/fapro: Fake Protocol Server
Fake Protocol Server. Contribute to fofapro/fapro development by creating an account on GitHub.
new NIST SP 800-204C (Draft), DevSecOps for Microservices-based App with Service Mesh | CSRC
https://ift.tt/3ofBdea
Submitted September 30, 2021 at 03:12PM by markcartertm
via reddit https://ift.tt/3mbSVfR
https://ift.tt/3ofBdea
Submitted September 30, 2021 at 03:12PM by markcartertm
via reddit https://ift.tt/3mbSVfR
CSRC | NIST
NIST Special Publication (SP) 800-204C (Withdrawn), Implementation of DevSecOps for a Microservices-based Application with Service…
Cloud-native applications have evolved into a standardized architecture consisting of multiple loosely coupled components called microservices (implemented as containers), supported by code for providing application services called service mesh. Both of these…
FaPro: A mass network protocol server simulator tool
https://ift.tt/3hxewOx
Submitted September 30, 2021 at 03:26PM by ntestoc3
via reddit https://ift.tt/3B2F5CY
https://ift.tt/3hxewOx
Submitted September 30, 2021 at 03:26PM by ntestoc3
via reddit https://ift.tt/3B2F5CY
GitHub
GitHub - fofapro/fapro: Fake Protocol Server
Fake Protocol Server. Contribute to fofapro/fapro development by creating an account on GitHub.
Privilege Escalation in Crucial MODAPI.sys driver
https://ift.tt/2XXMqFd
Submitted September 30, 2021 at 09:02PM by Void_Sec
via reddit https://ift.tt/39Vef3D
https://ift.tt/2XXMqFd
Submitted September 30, 2021 at 09:02PM by Void_Sec
via reddit https://ift.tt/39Vef3D
VoidSec
Crucial’s MOD Utility LPE - CVE-2021-41285 - VoidSec
Crucial's Ballistix MOD Utility v.<= 2.0.2.5 is affected by multiple Privilege Escalation (LPE) vulnerabilities in the MODAPI.sys driver.
The fugitive in Java: Escaping to Java to escape the Chrome sandbox
https://ift.tt/39RVJZP
Submitted September 30, 2021 at 09:38PM by 0xdea
via reddit https://ift.tt/3kVqNy7
https://ift.tt/39RVJZP
Submitted September 30, 2021 at 09:38PM by 0xdea
via reddit https://ift.tt/3kVqNy7
GitHub Security Lab
The fugitive in Java: Escaping to Java to escape the Chrome sandbox
In this post, I’ll exploit a use-after-free (CVE-2021-30528) in the Chrome browser process that I reported to escape the Chrome sandbox. This is a fairly interesting bug that shows some of the subtleties involved in the interactions between C++ and Java in…
Pre-loading HSTS for sibling domains through this one weird trick
https://ift.tt/3D3dbqH
Submitted September 30, 2021 at 09:31PM by sjmurdoch
via reddit https://ift.tt/3zRyTvT
https://ift.tt/3D3dbqH
Submitted September 30, 2021 at 09:31PM by sjmurdoch
via reddit https://ift.tt/3zRyTvT
Bentham’s Gaze
Pre-loading HSTS for sibling domains through this one weird trick
The vast majority of websites now support encrypted connections over HTTPS. This prevents eavesdroppers from monitoring or tampering with people’s web activity and is great for privacy. However, HTTPS is optional, and all browsers still support plain unsecured…
Penetration Testing Tool Project
https://ift.tt/3uuECqI
Submitted October 01, 2021 at 04:43AM by Ok_Demand_682
via reddit https://ift.tt/3kUPwm5
https://ift.tt/3uuECqI
Submitted October 01, 2021 at 04:43AM by Ok_Demand_682
via reddit https://ift.tt/3kUPwm5
GitHub
GitHub - medpaf/hawk: Network, recon and offensive-security tool for Linux systems.
Network, recon and offensive-security tool for Linux systems. - GitHub - medpaf/hawk: Network, recon and offensive-security tool for Linux systems.
BruteShark Version V1.2.5 Released: Identify open ports, domains and users simply by entering PCAP files. Export it to JSON with few clicks :-)
https://ift.tt/2WwZ39Q
Submitted October 01, 2021 at 05:10AM by BruteShark
via reddit https://ift.tt/3kVzfxi
https://ift.tt/2WwZ39Q
Submitted October 01, 2021 at 05:10AM by BruteShark
via reddit https://ift.tt/3kVzfxi
GitHub
Release Network Map Supports Domain Users And Data Transferred Amounts · odedshimon/BruteShark
This version contains few improvements and features:
First, the network map had upgraded by adding additional fields that enables to get insights about domain users and the amount of data transferr...
First, the network map had upgraded by adding additional fields that enables to get insights about domain users and the amount of data transferr...
SNIF ~ e2e TLS trust for IoT
https://snif.host
Submitted October 01, 2021 at 08:31AM by vesvault
via reddit https://ift.tt/2ZCFXjC
https://snif.host
Submitted October 01, 2021 at 08:31AM by vesvault
via reddit https://ift.tt/2ZCFXjC
reddit
SNIF ~ e2e TLS trust for IoT
Posted in r/netsec by u/vesvault • 1 point and 0 comments
DigitalOcean Hacktoberfest 2021
https://ift.tt/372IQee
Submitted October 01, 2021 at 12:26PM by keybeebig
via reddit https://ift.tt/3mbZ3VC
https://ift.tt/372IQee
Submitted October 01, 2021 at 12:26PM by keybeebig
via reddit https://ift.tt/3mbZ3VC
Hacktoberfest presented by DigitalOcean
Hacktoberfest '21
Drive-By Compromise: A Tale Of Four WiFi Routers
https://ift.tt/3B3O5Yc
Submitted October 01, 2021 at 05:48PM by IncludeSec
via reddit https://ift.tt/3AZNeYN
https://ift.tt/3B3O5Yc
Submitted October 01, 2021 at 05:48PM by IncludeSec
via reddit https://ift.tt/3AZNeYN
Include Security Research Blog
Drive-By Compromise: A Tale Of Four WiFi Routers - Include Security Research Blog
Determining the overall security posture of consumer electronics is an exceedingly hard task. In this post, we analyze four 'budget' devices.