Cloud Shadow Admins Revisited in Light of Nobelium
https://ift.tt/3wkm6Ci
Submitted November 04, 2021 at 10:39PM by jat0369
via reddit https://ift.tt/3GOEcRv
Cyberark
Cloud Shadow Admins Revisited in Light of Nobelium
A recently detected attack campaign involving threat actor Nobelium has caught our attention due to an attack vector our team has previously researched – Cloud Shadow Admins – that the adversary...
Widespread Security Risk Identified in Phones and Bluetooth Devices
https://ift.tt/3mJagOS
Submitted November 05, 2021 at 01:48PM by bunnyhoperornoter
via reddit https://ift.tt/3k96M6u
IEEE Spectrum
Widespread Vulnerability Identified in Phones and Bluetooth Devices
Approximately 40 percent of mobile phones may be uniquely identified via Bluetooth signals
Chishing - An Emerging Threat to Business Chat Applications
https://ift.tt/31ywbQG
Submitted November 05, 2021 at 05:40PM by pizzahax
via reddit https://ift.tt/31yCIe9
Community-Driven Open Database of Vulnerability Exploitation inTheWild
https://inthewild.io/
Submitted November 05, 2021 at 07:41PM by 4lreadytekken
via reddit https://ift.tt/3C01NLH
reddit
Community-Driven Open Database of Vulnerability Exploitation inTheWild
Posted in r/netsec by u/4lreadytekken • 12 points and 9 comments
"Architecture 4001: x86-64 Intel Firmware Attack & Defense" free multi-day class
https://ift.tt/3q9oJpb
Submitted November 05, 2021 at 07:24PM by OpenSecurityTraining
via reddit https://ift.tt/3nV0use
p.ost2.fyi
Architecture 4001: x86-64 Intel Firmware Attack & Defense
This class teaches Intel x86 reset vector firmware (aka BIOS). It requires you to have taken Arch1001, Arch2001, and Dbg1015.
A (free) Kubernetes Canarytoken - Get attackers to reveal themselves with a stray kubeconfig
https://ift.tt/3mK0Wdw
Submitted November 05, 2021 at 08:19PM by thinkst
via reddit https://ift.tt/3GTJxHl
Thinkst Thoughts
A Kubeconfig Canarytoken
Introducing the new Kubeconfig Canarytoken A while back we asked: “What will an attacker do if they find an AWS API key on your server?” (We are pretty convinced they will try to use it, and when t…
Threema: Three Strikes, You’re Out
https://ift.tt/3EHwAOM
Submitted November 05, 2021 at 09:35PM by moviuro
via reddit https://ift.tt/3mLbuJs
Dhole Moments
Threema: Three Strikes, You’re Out - Dhole Moments
Threema boldly claims to be more secure than Signal. Does this hold up to scrutiny?
Why We Need mTLS in Kubernetes Service Meshes
https://ift.tt/3wnfLWz
Submitted November 05, 2021 at 09:30PM by chillysurfer
via reddit https://ift.tt/3EPAiGc
Thomas Stringer
Why We Need mTLS in Kubernetes Service Meshes
One of the great features of service meshes in Kubernetes is the ability to have an out-of-the-box zero-application-changes solution that delivers a powerful security feature: mTLS (mutual Transport Layer Security). But… why do we need mTLS? It’s because…
show netsec: blint, a binary linter powered by lief
https://ift.tt/3CKTd4q
Submitted November 05, 2021 at 09:05PM by prabhus
via reddit https://ift.tt/3o1oXMv
reddit
show netsec: blint, a binary linter powered by lief
Posted in r/netsec by u/prabhus • 1 point and 0 comments
Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices
https://ift.tt/3ESuvzV
Submitted November 05, 2021 at 10:38PM by dontbenebby
via reddit https://ift.tt/3ka74tR
A Konami Code for Vuln Chaining Combos
https://ift.tt/31AjIMl
Submitted November 06, 2021 at 01:58AM by IndySecMan
via reddit https://ift.tt/3qclq0K
Medium
A Konami Code for Vuln Chaining Combos
Automate finding relational vulnerabilities for a more accurate risk rating
Verizon SIMs open their own TCP/IP sessions. And other stuff.
https://ift.tt/3BQMjtg
Submitted November 06, 2021 at 03:23AM by dburgess000
via reddit https://ift.tt/3wiVmSF
Medium
More Proactive SIMs
AT&T inspired me to explore a little more.
How to exploit CVE-2021-40539 on ManageEngine ADSelfService Plus
https://ift.tt/3CVumek
Submitted November 06, 2021 at 06:56AM by scopedsecurity
via reddit https://ift.tt/31v34O1
Synacktiv
How to exploit CVE-2021-40539 on ManageEngine ADSelfService Plus
A detailed analysis of the STOP/Djvu Ransomware
https://ift.tt/3BRtENO
Submitted November 07, 2021 at 02:06AM by CyberMasterV
via reddit https://ift.tt/3bOiNtw
reddit
A detailed analysis of the STOP/Djvu Ransomware
Posted in r/netsec by u/CyberMasterV • 107 points and 3 comments
crashmon - a CrashWrangler replacement based on LLDB. Supports Apple Silicon - @ant4g0nist
https://ift.tt/3bMcRBe
Submitted November 07, 2021 at 10:40PM by ant4g0nist
via reddit https://ift.tt/302sdiw
GitHub
GitHub - ant4g0nist/crashmon: crashmon - A LLDB Based replacement for CrashWrangler
Homebrew Package Manager Harden Script
https://ift.tt/3kho7ua
Submitted November 08, 2021 at 04:11AM by AtropineTearz
via reddit https://ift.tt/3EOaLgw
GitHub
TheMacHardeningScripts/brew-harden.sh at main · AtropineTears/TheMacHardeningScripts
Scripts to secure and harden Mac OS X.
Trawling Weird Google Autocompletes
https://ift.tt/3bO6kGb
Submitted November 08, 2021 at 11:10AM by Vimda
via reddit https://ift.tt/301GH1Q
Sinkingpoint
Trawling Weird Google Autocompletes
A while back, I noticed that whenever I typed https:// into the search bar in Firefox on my phone, Google would helpfully try and autocomplete my search with a number of random domains. This immediately nerd sniped me, so I thought it might be interesting…
How SSL certificates are leaking sensitive information - Detectify Labs
https://ift.tt/3BMjwpB
Submitted November 08, 2021 at 01:28PM by intheclairdelune
via reddit https://ift.tt/3kcDvaT
Beg Bounties
https://ift.tt/3CVU56q
Submitted November 08, 2021 at 05:23PM by RustEvangelist10xer
via reddit https://ift.tt/3CVrSNb
Troy Hunt
Beg Bounties
When someone passed me hundreds of thousands of records on kids taken from CloudPets a few years ago, I had a nightmare of a time getting in touch with the company. They'd left a MongoDB instance exposed to the public without a password and someone had snagged…
Driftwood: Immediately Know Which Private Keys are Sensitive
https://ift.tt/3khMnMq
Submitted November 08, 2021 at 09:49PM by wifihack
via reddit https://ift.tt/3EV4Kif
Truffle Security
Driftwood: Know if Private Keys are Sensitive — Truffle Security
Asymmetric private keys are among the most often leaked out. We’re open sourcing a tool that immediately tells you if one is sensitive https://github.com/trufflesecurity/driftwood With this tool we found the private keys for hundreds of TLS certificates…
Threat Hunting Certificate Account Persistence
https://ift.tt/3mVVww5
Submitted November 09, 2021 at 12:25AM by netbiosX
via reddit https://ift.tt/3ERb7mA
Pentest Laboratories
Threat Hunting Certificate Account Persistence
The role of Certification Authority is to provide trust between different active directory entities or as an authentication mechanism in order to access specific resources such as web applications …