Posted in r/netsec by u/MysteriousHotel3017 • 1 point and 0 comments

Posted in r/netsec by u/VVX7 • 1 point and 0 comments

pfSense <= 2.5.2 allows authenticated users to inject arbitrary sed-specific code, which leads to an Arbitrary File Write, resulting in a Remote Code Execution. The vulnerability is also exploitable through a Cross-Site Request Forgery.

The advisory data can be readily adopted, adapted, and exchanged. Learn more here.

I have bad news. I first noticed this one day like any other, and once I noticed it, I couldn’t escape the reality. Hacking is boring. This may seem counter-intuitive at first. If you looked at your average hacker, they wouldn’t look bored. More like a mixture…

Application security issues found by Assetnote

Hello everyone. I am so excited to publish my second article in 2022 which is ‘Understanding Threat Actors’.

As geopolitical tensions continue to mount, reports are emerging of a new wiper malware targeting Ukrainian infrastructure, such as government departments. Symantec and ESET research first tweeted...

Posted in r/netsec by u/danyork • 10 points and 0 comments

Last year we found a lot of exciting vulnerabilities in VMware products. The vendor was notified and they have since been patched. This is the second part of our research. This article covers an Authentication Bypass in VMware Carbon Black Cloud Workload…

Simwigo is a cross-platform tool, written in Go, to simplify the deployment of a web service. - GitHub - 8iche/simwigo: Simwigo is a cross-platform tool, written in Go, to simplify the deployment o...

South Korean researchers published an academic paper that presents a method to decrypt the files encrypted by the Hive Ransomware . This article How to Decrypt the Files Encrypted by the Hive Ransomware

The Ransomware Files podcast tells the harrowing stories of technology experts who have fought back against ransomware, which is one of the greatest crime waves the internet has ever seen. It features in-the-trenches stories about how organisations recovered…

A de-socketing library for fuzzing. Contribute to fkie-cad/libdesock development by creating an account on GitHub.

You can find me on Twitter at @HexKitchen , and follow the team for the latest in exploit techniques and security patches.

Circumventing Deep Packet Inspection with Socat and rot13 - socat_caesar_dpi.md

A Ukrainian cybersecurity researcher has released a huge batch of data that came from the internal systems of the Conti ransomware gang. The researcher released the

Are you looking for a career in application security in 2022? Here's what you need to know to land a job in a competitive tech landscape.

Twitter: @s4tan Download: https://github.com/enkomio/AlanFramework/releases/latest Documentation: https://github.com/enkomio/AlanFr...