Authentication Encounter: OIDC vs OAuth2
https://ift.tt/2Wz30e0

Submitted October 03, 2021 at 12:56PM by prescojan
via reddit https://ift.tt/3l2Migw

Working with the sales team during my consulting days was eye opening. In this edition, I argue that there are many lessons AppSec teams can learn from how Sales teams operate.
https://ift.tt/3mnNKcM

Submitted October 03, 2021 at 05:05PM by jubbaonjeans
via reddit https://ift.tt/3oySUpj

Conditionally-Perfect Secrecy and a Provably-Secure Randomized Cipher [PDF]
https://ift.tt/3a8qyJL

Submitted October 03, 2021 at 07:34PM by Uberhipster
via reddit https://ift.tt/3mjEOVN

Undectable backdooring of PE file using dual code caves & encoding
https://ift.tt/3a614Nn

Submitted October 04, 2021 at 02:46AM by InformationSecurity
via reddit https://ift.tt/2YeVy8X

/r/netsec's Q4 2021 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)

Submitted October 04, 2021 at 02:39AM by ranok
via reddit https://ift.tt/3FfhFfV

BazarLoader and the Conti Leaks
https://ift.tt/2ZVucVJ

Submitted October 04, 2021 at 07:07AM by TheDFIRReport
via reddit https://ift.tt/3l61eue

OnionShare 2.3 >= 2.3.3 Vulnerabilities (CVE-2021-41868 and CVE-2021-41867)
https://ift.tt/3a1o53N

Submitted October 04, 2021 at 02:29PM by IHTeam
via reddit https://ift.tt/3uKnSf1

Misconfigured Airflows Leak Credentials from Popular Services
https://ift.tt/3uCAwN0

Submitted October 04, 2021 at 08:43PM by Milafasents
via reddit https://ift.tt/3FdScn7

Implicit Overflow Considered Harmful
https://ift.tt/3A7hPCp

Submitted October 04, 2021 at 08:41PM by pimterry
via reddit https://ift.tt/3a45qV0

Welcoming Dragonfly, a modern malware sandbox built on binary emulation tools
https://ift.tt/3a3HbGD

Submitted October 04, 2021 at 09:16PM by samaritan_o
via reddit https://ift.tt/3a20ss9

List of public BGP hijacking incidents
https://ift.tt/3oyTYt8

Submitted October 04, 2021 at 10:16PM by dontbenebby
via reddit https://ift.tt/3AafVRl

Now that whatsapp is down, it is a good time to get people to try signal out :)
https://ift.tt/2z1sLG4

Submitted October 04, 2021 at 11:53PM by abagnalejr
via reddit https://ift.tt/3otSwbu

Atom Silo ransomware actors use Confluence exploit, DLL side-load for stealthy attack
https://ift.tt/3l7MIlI

Submitted October 05, 2021 at 01:49AM by ksr_malware
via reddit https://ift.tt/3DcrGIZ

An Intro to Fuzzing (AKA Fuzz Testing)
https://ift.tt/3FfmWUT

Submitted October 05, 2021 at 01:42AM by breach_house
via reddit https://ift.tt/3l9GVMM

Creating an IoT botnet of IPTVs to rickroll 10,000+ students
https://ift.tt/3l7XjNC

Submitted October 05, 2021 at 02:41AM by WhiteHoodHacker
via reddit https://ift.tt/3l9wn07

Protect Your GitHub Actions with Semgrep
https://ift.tt/2WLEXsA

Submitted October 05, 2021 at 06:26AM by iterablewords
via reddit https://ift.tt/3ivZuc6

Update: Facebook, Instagram And WhatsApp Go Down Hard In Possible Whistleblower DDoS Backlash
https://ift.tt/3acowbz

Submitted October 05, 2021 at 10:20AM by kayeT16
via reddit https://ift.tt/2WFqVbJ

Practical strategies for pentesting and exploiting file read vulnerabilities.
https://ift.tt/3a71Aup

Submitted October 05, 2021 at 12:00PM by portmapper
via reddit https://ift.tt/3abZhWQ

TEQNIX - I made an online platform of pentesting tools and automation. Check it out and let me know
https://teqnix.io

Submitted October 05, 2021 at 12:10PM by maudits
via reddit https://ift.tt/3adRc3X

Swimming Upstream: Uncovering Broadcom SDK Vulnerabilities from Bug Reports.
https://ift.tt/3BbsehO

Submitted October 05, 2021 at 02:08PM by g_e_r_h_a_r_d
via reddit https://ift.tt/3iAT0sv

Abusing vCenter SAML Certificates: Logging in as Admin from Backups
https://ift.tt/3msyr2y

Submitted October 05, 2021 at 04:26PM by scopedsecurity
via reddit https://ift.tt/2ZZuE5m