Private and self-hosted file sharing over the Tor network written in golang - GitHub - R4yGM/garlicshare: Private and self-hosted file sharing over the Tor network written in golang

Critical JNDI-based vulnerability exploiting the same root cause of Log4Shell. Read more from the JFrog Security Research Team describing the attack vector >

Pwn stuff. Contribute to mm0r1/exploits development by creating an account on GitHub.

A critical infrastructure player found a way for traffic to leak out from their isolated network and asked us for help. They had updated…

This page describes the concept of mutual authentication and why it's important.

How to tell if you are using NPM safely within your CI

A repo to automatically generate and keep updated a series of Docker images through GitHub Actions. - GitHub - cybersecsi/RAUDI: A repo to automatically generate and keep updated a series of Docker...

Scanning millions of domains and compromising the email supply chain of Australia's most respected institutions.

I was a Private Internet Access (PIA) customer for many, many years. Some recent changes spurred me to look for a new VPN provider and I ended up landing on ProtonVPN which I’ve been using for a few months now.

Computer accounts have the $ sign appended at the end of their names in contrast with standard user accounts. By default Microsoft operating systems lack of security controls and hardening that wou…

One day, while I was working on OpenShift, a Kubernetes distribution by RedHat focused on developer experience and application security, I noticed that I was able to inject ANSI escape characters...

Coercing the domain controller machine account to authenticate to a host which is under the control of a threat actor could lead to domain compromise. The most notable technique which involves coer…

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to po…

Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environmen...

Precision X1 is a software overclocking tool released by EVGA, which has recently received CVE-2021-41577.

Last year ended in a rush to patch the Log4j vulnerability. Most organisations lack controls to prevent or even detect exploitation of log4shell and similar vulnerabilities. That meant overtime, blocking productivity and costly delays. Once the dust settled…

In this blog post we are going to discuss the details of a vulnerability in Windows Remote Desktop Services, which we recently uncovered. We reported the vulnerability to Microsoft in a...

hardwear.io USA 2022 - Hardware Security Conference & Training is seeking innovative research on attacks or mitigation on any hardware. Submit your research paper.

Posted in r/netsec by u/Acrobatic-Pen-9949 • 1 point and 0 comments