Mobile banking fraud: BRATA strikes again | Cleafy Labs
https://ift.tt/3Di4bxF
Submitted December 03, 2021 at 04:04PM by f3d_0x0
via reddit https://ift.tt/3GaEGQV
https://ift.tt/3Di4bxF
Submitted December 03, 2021 at 04:04PM by f3d_0x0
via reddit https://ift.tt/3GaEGQV
Cleafy
Mobile banking fraud: BRATA strikes again | Cleafy Labs
The mobile banking malware BRATA strikes again, and it is slowly spreading all over Europe. Read here the new Technical Report, which explains in detail how it works and how to prevent it.
Just another analysis of the njRAT malware – A step-by-step approach
https://ift.tt/3rmKi6p
Submitted December 04, 2021 at 03:56PM by CyberMasterV
via reddit https://ift.tt/3EqksC6
https://ift.tt/3rmKi6p
Submitted December 04, 2021 at 03:56PM by CyberMasterV
via reddit https://ift.tt/3EqksC6
reddit
Just another analysis of the njRAT malware – A step-by-step approach
Posted in r/netsec by u/CyberMasterV • 1 point and 0 comments
[CVE-2021-40859] Auerswald COMpact 5500R Multiple Backdoors
https://ift.tt/3Il8ZpT
Submitted December 06, 2021 at 02:43PM by RedTeamPentesting
via reddit https://ift.tt/3dlHLBe
https://ift.tt/3Il8ZpT
Submitted December 06, 2021 at 02:43PM by RedTeamPentesting
via reddit https://ift.tt/3dlHLBe
www.redteam-pentesting.de
Auerswald COMpact Multiple Backdoors
RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to access the web-based management application full administrative access to the device.
[CVE-2021-40858] Auerswald COMpact 5500R Arbitrary File Disclosure
https://ift.tt/3dlWUTh
Submitted December 06, 2021 at 02:43PM by RedTeamPentesting
via reddit https://ift.tt/3dqhYYx
https://ift.tt/3dlWUTh
Submitted December 06, 2021 at 02:43PM by RedTeamPentesting
via reddit https://ift.tt/3dqhYYx
www.redteam-pentesting.de
Auerswald COMpact Arbitrary File Disclosure
RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users with the "sub-admin" privilege to access any files on the PBX's file system.
[CVE-2021-40857] Auerswald COMpact 5500R Privilege Escalation
https://ift.tt/3DtaT3W
Submitted December 06, 2021 at 02:43PM by RedTeamPentesting
via reddit https://ift.tt/3pvLHVJ
https://ift.tt/3DtaT3W
Submitted December 06, 2021 at 02:43PM by RedTeamPentesting
via reddit https://ift.tt/3pvLHVJ
www.redteam-pentesting.de
Auerswald COMpact Privilege Escalation
RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows low-privileged users to access passwords of administrative user accounts.
[CVE-2021-40856] Auerswald COMfortel 1400/2600 IP Authentication Bypass
https://ift.tt/3DtaTAY
Submitted December 06, 2021 at 02:42PM by RedTeamPentesting
via reddit https://ift.tt/3rFc8eq
https://ift.tt/3DtaTAY
Submitted December 06, 2021 at 02:42PM by RedTeamPentesting
via reddit https://ift.tt/3rFc8eq
www.redteam-pentesting.de
Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass
RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desktop phones. The vulnerability allows accessing configuration data and settings in the web-based management interface…
Hakluke: Creating the Perfect Bug Bounty Automation - Detectify Labs
https://ift.tt/32MSoLp
Submitted December 06, 2021 at 03:55PM by intheclairdelune
via reddit https://ift.tt/3IqxemL
https://ift.tt/32MSoLp
Submitted December 06, 2021 at 03:55PM by intheclairdelune
via reddit https://ift.tt/3IqxemL
Nzyme v1.2.0 has been released (Open WiFi Defense System)
https://ift.tt/2ZZ66cW
Submitted December 07, 2021 at 07:05AM by lennartkoopmann
via reddit https://ift.tt/31FmdNa
https://ift.tt/2ZZ66cW
Submitted December 07, 2021 at 07:05AM by lennartkoopmann
via reddit https://ift.tt/31FmdNa
www.nzyme.org
Nzyme v1.2.0 "Peck Slip" has been released | nzyme
I am excited to announce that nzyme v1.2.0 (Code name “Peck Slip”) has been released.
Windows 10 RCE: The exploit is in the link
https://ift.tt/3EyA8U4
Submitted December 07, 2021 at 05:34PM by breakingsystems
via reddit https://ift.tt/3ovdLJx
https://ift.tt/3EyA8U4
Submitted December 07, 2021 at 05:34PM by breakingsystems
via reddit https://ift.tt/3ovdLJx
positive.security
Windows 10 RCE: The exploit is in the link | Positive Security
Chaining a misconfiguration in IE11/Edge Legacy with an argument injection in a Windows 10/11 default URI handler and a bypass for a previous Electron patch, we developed a drive-by RCE exploit for Windows 10. The main vulnerability in the ms-officecmd URI…
Misconfigured Kafdrop Puts Companies’ Apache Kafka Completely Exposed
https://ift.tt/3DwnvaE
Submitted December 07, 2021 at 07:42PM by SpectralOps
via reddit https://ift.tt/3EBb8M2
https://ift.tt/3DwnvaE
Submitted December 07, 2021 at 07:42PM by SpectralOps
via reddit https://ift.tt/3EBb8M2
Threat news: TeamTNT stealing credentials using EC2 Instance Metadata
https://ift.tt/3rFSE9q
Submitted December 07, 2021 at 09:32PM by MiguelHzBz
via reddit https://ift.tt/3Iv1OM0
https://ift.tt/3rFSE9q
Submitted December 07, 2021 at 09:32PM by MiguelHzBz
via reddit https://ift.tt/3Iv1OM0
PoC & Guide: Windows EDR bypass through Kernel callbacks removal
https://ift.tt/31yNwJb
Submitted December 08, 2021 at 05:48AM by sanitybit
via reddit https://ift.tt/3DCkTbg
https://ift.tt/31yNwJb
Submitted December 08, 2021 at 05:48AM by sanitybit
via reddit https://ift.tt/3DCkTbg
GitHub
GitHub - wavestone-cdt/EDRSandblast
Contribute to wavestone-cdt/EDRSandblast development by creating an account on GitHub.
The hidden side of Seclogon part 2: Abusing leaked handles to dump LSASS memory
https://ift.tt/3rZi4PF
Submitted December 07, 2021 at 08:09PM by splinter_code
via reddit https://ift.tt/3ItYWik
https://ift.tt/3rZi4PF
Submitted December 07, 2021 at 08:09PM by splinter_code
via reddit https://ift.tt/3ItYWik
Detailed Report on Local Privilege Escalation Vulnerability in Ubuntu Desktop (Pwn2Own 2021)
https://ift.tt/31HD1nb
Submitted December 08, 2021 at 08:33PM by toyojuni
via reddit https://ift.tt/3IwHMAv
https://ift.tt/31HD1nb
Submitted December 08, 2021 at 08:33PM by toyojuni
via reddit https://ift.tt/3IwHMAv
flatt.tech
Ubuntu Desktop Exploit | Pwn2Own Local Escalation of Privilege Category | GMO Flatt Security
This whitepaper describes the vulnerability used for PWN2OWN 2021 of Local Escalation of Privilege Category. This exploit and vulnerability were tested against the latest release of Ubuntu Desktop 20.10 at the time of writing.
Process Ghosting - EDR Evasion
https://ift.tt/3DBe9dR
Submitted December 09, 2021 at 12:36AM by netbiosX
via reddit https://ift.tt/305Il2Y
https://ift.tt/3DBe9dR
Submitted December 09, 2021 at 12:36AM by netbiosX
via reddit https://ift.tt/305Il2Y
Pentest Laboratories
Process Ghosting
Understanding how endpoint products work to identify malicious actions can lead to the discovery of security gaps which can be used for evasion during red team operations. The technique Process Her…
PhD thesis on satellite security incl prev incidents and finding a lot sent clear text
https://ift.tt/3Giplhg
Submitted December 09, 2021 at 01:31AM by pangolinportent
via reddit https://ift.tt/3rTDCNz
https://ift.tt/3Giplhg
Submitted December 09, 2021 at 01:31AM by pangolinportent
via reddit https://ift.tt/3rTDCNz
tool that monitors/alerts if a vulnerability is found in any 3rd party library/code/tool/etc we use in our system... I can not find any...
https://ift.tt/3DBsI0U
Submitted December 09, 2021 at 01:29AM by Ques-tion-Everything
via reddit https://ift.tt/3dEbbul
https://ift.tt/3DBsI0U
Submitted December 09, 2021 at 01:29AM by Ques-tion-Everything
via reddit https://ift.tt/3dEbbul
Malicious npm Packages Are After Your Discord Tokens
https://ift.tt/3m8zDJl
Submitted December 09, 2021 at 03:16AM by SRMish3
via reddit https://ift.tt/3IA89FI
https://ift.tt/3m8zDJl
Submitted December 09, 2021 at 03:16AM by SRMish3
via reddit https://ift.tt/3IA89FI
Microsoft and GitHub OAuth Implementation Vulnerabilities Lead to Redirection Attacks | Proofpoint US
https://ift.tt/31AoolQ
Submitted December 09, 2021 at 03:58AM by Environmental-Art446
via reddit https://ift.tt/3pCgQqB
https://ift.tt/31AoolQ
Submitted December 09, 2021 at 03:58AM by Environmental-Art446
via reddit https://ift.tt/3pCgQqB
Lição 1
https://ift.tt/3DEusGX
Submitted December 09, 2021 at 09:54AM by Forward-Guest4804
via reddit https://ift.tt/3EGnnqr
https://ift.tt/3DEusGX
Submitted December 09, 2021 at 09:54AM by Forward-Guest4804
via reddit https://ift.tt/3EGnnqr
Facebook
Log in or sign up to view
See posts, photos and more on Facebook.
CSPM, CIEM, CWPP, and CNAPP: Guess who in the cloud security landscape
https://ift.tt/3Iwmkf7
Submitted December 09, 2021 at 02:06PM by MiguelHzBz
via reddit https://ift.tt/3rPXtNt
https://ift.tt/3Iwmkf7
Submitted December 09, 2021 at 02:06PM by MiguelHzBz
via reddit https://ift.tt/3rPXtNt