Posted in r/netsec by u/Jazzlike-Vegetable69 • 5 points and 1 comment

Security breaches have increased in recent years. The world is dangerously ill-equipped to handle the magnitude of these threats.

Denoscription Using firejail --private --private-cwd=. /usr/bin/sh leaks access to the entire filesystem. Steps to Reproduce cd into some subdirectory of $HOME. `firejail --private --private-cwd=. /u...

Home of the Advanced Persistent Tortellini - aka APTortellini, an Italian collective of hackers publishing technical research regarding offensive security.

Claroty Team82 discloses five Moxa MXview network management system vulnerabilities that have been patched by Moxa.

Posted in r/netsec by u/zx2c4 • 121 points and 4 comments

WalkMe enables your business to simplify the online experience and eliminate user confusion.

Hello Web3/blockchain world, great job. You got people to take you seriously, trusting your projects and investing their money. You’ve sold people on your innovations, and people believe in your pr…

At RedHunt Labs, (under Project Resonance), we frequently conduct internet-wide research in different shapes and formats to understand the state of security across the internet. In this iteration, we conducted a study about the current state of DNS configurations…

Disclosure of two novel techniques to attack and compromise a CA server by abusing the ManageCA permissions (AD CS)

A multi-threaded PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks. - GitHub - mufeedvh/pdfrip: A multi-threaded PDF password cracking...

A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a us…

We discovered an interesting code vulnerability that could be used to bypass hardening mechanisms in the popular WordPress CMS.

Advisories, proof of concept files and exploits that have been made public by @pedrib. - pedrib/PoC

Let's check if your target is vulnerable for client side prototype pollution. - kosmosec/proto-find

In this episode I talk about the concept of Security Roles and Responsibilities, Control Frameworks, Due care & Due Diligence, Policies, Standards, Procedures, Guidelines & Baseline and Threat Modeling which are essentials from an exam and real life security…

Rapid7’s Managed Threat Complete with unlimited incident response and vulnerability management. Contain costs and eliminate threats. Get Started Now.

multiple vulnerabilities in concrete cms part2. Privilege escalation, SSRF, password reset poisoning. Concrete CMS pentest