LTrack: Stealthy Tracking of Mobile Phones in LTE
https://ift.tt/iz5vMPw
Submitted March 23, 2022 at 05:28PM by rbarkley
via reddit https://ift.tt/rl2ieST
https://ift.tt/iz5vMPw
Submitted March 23, 2022 at 05:28PM by rbarkley
via reddit https://ift.tt/rl2ieST
Reddit
From the netsec community on Reddit: LTrack: Stealthy Tracking of Mobile Phones in LTE
Posted by rbarkley - 17 votes and 4 comments
Large-scale npm attack targets Azure developers with malicious packages
https://ift.tt/KCe7JMy
Submitted March 23, 2022 at 11:21PM by SRMish3
via reddit https://ift.tt/XYrlU8C
https://ift.tt/KCe7JMy
Submitted March 23, 2022 at 11:21PM by SRMish3
via reddit https://ift.tt/XYrlU8C
JFrog
Large-scale npm attack targets Azure developers with malicious packages
JFrog discovers hundreds of npm malicious packages in a large-scale typosquatting attack designed to steal PII from Azure developers. Find out more >
GitHub - Developers Support Ukraine
https://ift.tt/xkGS5Dg
Submitted March 23, 2022 at 11:08PM by ssh-mitm
via reddit https://ift.tt/nHNhdbY
https://ift.tt/xkGS5Dg
Submitted March 23, 2022 at 11:08PM by ssh-mitm
via reddit https://ift.tt/nHNhdbY
GitHub
GitHub - support-ukraine/support-ukraine
Contribute to support-ukraine/support-ukraine development by creating an account on GitHub.
I've heard someone here might be interested in virus(ransomware) samples. I'd like to know what this is or what to do about it.
https://ift.tt/KZDBRS3
Submitted March 24, 2022 at 12:21AM by TarnaBar
via reddit https://ift.tt/cy4sm0A
https://ift.tt/KZDBRS3
Submitted March 24, 2022 at 12:21AM by TarnaBar
via reddit https://ift.tt/cy4sm0A
CVE-2022-24415, CVE-2022-24416, CVE-2022-24419, CVE-2022-24420, CVE-2022-24421 : New Dell BIOS Bugs Affect Millions of Inspiron, Vostro, XPS, Alienware Systems
https://ift.tt/829ogO0
Submitted March 24, 2022 at 07:20AM by Late_Ice_9288
via reddit https://ift.tt/m7BcZR8
https://ift.tt/829ogO0
Submitted March 24, 2022 at 07:20AM by Late_Ice_9288
via reddit https://ift.tt/m7BcZR8
reddit
CVE-2022-24415, CVE-2022-24416, CVE-2022-24419, CVE-2022-24420,...
Posted in r/netsec by u/Late_Ice_9288 • 1 point and 0 comments
Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)
https://ift.tt/pMiONcs
Submitted March 24, 2022 at 06:50PM by digicat
via reddit https://ift.tt/mWqaKpX
https://ift.tt/pMiONcs
Submitted March 24, 2022 at 06:50PM by digicat
via reddit https://ift.tt/mWqaKpX
NCC Group Research Blog
Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)
This blog post describes an unchecked return value vulnerability found and exploited in September 2021 by Alex Plaskett, Cedric Halbronn and Aaron Adams working at the Exploit Development Group (ED…
LAPSUS$ ringleader suspected to be 16-year-old British teen
https://ift.tt/BALKoMC
Submitted March 24, 2022 at 06:57PM by PM_ME_YOUR_PC_DEALS
via reddit https://ift.tt/8ewAEin
https://ift.tt/BALKoMC
Submitted March 24, 2022 at 06:57PM by PM_ME_YOUR_PC_DEALS
via reddit https://ift.tt/8ewAEin
WePC
LAPSUS$ ringleader suspected to be 16-year-old British teen
The hacking group LAPSUS$ has been making waves across the technology industry over the past few months, the new group, thought to be a collective of
Another vulnerability in the LPC55S69 ROM
https://ift.tt/zeaNdo3
Submitted March 25, 2022 at 12:31AM by mckirk_
via reddit https://ift.tt/GZjUDg9
https://ift.tt/zeaNdo3
Submitted March 25, 2022 at 12:31AM by mckirk_
via reddit https://ift.tt/GZjUDg9
Oxide
Oxide / Another vulnerability in the LPC55S69 ROM
The discovery of an undocumented hardware block in the LPC55S69
Heap Overflow in OpenBSD's slaacd via Router Advertisement
https://ift.tt/aODymTj
Submitted March 25, 2022 at 07:18AM by Gallus
via reddit https://ift.tt/fkH5deX
https://ift.tt/aODymTj
Submitted March 25, 2022 at 07:18AM by Gallus
via reddit https://ift.tt/fkH5deX
Quarkslab
Heap Overflow in OpenBSD's slaacd via Router Advertisement
Video - SSH Phishing attack on FIDO protected ssh keys
https://ift.tt/ejtEYNx
Submitted March 25, 2022 at 04:58PM by ssh-mitm
via reddit https://ift.tt/KGbX67n
https://ift.tt/ejtEYNx
Submitted March 25, 2022 at 04:58PM by ssh-mitm
via reddit https://ift.tt/KGbX67n
Vimeo
DS21 - 217 - Manfred Kaiser - SSH spoofing attack on FIDO2 Devices in Combination with Agent Forwarding
With OpenSSH 8.5 agent forwarding was implemented for SFTP and SCP to allow remote copy operations. Agent forwarding has already been considered a security risk…
What to look for when reviewing a company's infrastructure
https://ift.tt/cIQmnjK
Submitted March 25, 2022 at 07:22PM by okram87
via reddit https://ift.tt/TZqIMzt
https://ift.tt/cIQmnjK
Submitted March 25, 2022 at 07:22PM by okram87
via reddit https://ift.tt/TZqIMzt
Marco Lancini's Blog
What to look for when reviewing a company's infrastructure | Marco Lancini's Blog
A comprehensive guide that provides a structured approach to reviewing the security architecture of a multi-cloud SaaS company and finding its most critical components.
Red Canary's 2022 Threat Detection Report
https://ift.tt/4rdX6PT
Submitted March 25, 2022 at 08:19PM by tvjust
via reddit https://ift.tt/swmxfN6
https://ift.tt/4rdX6PT
Submitted March 25, 2022 at 08:19PM by tvjust
via reddit https://ift.tt/swmxfN6
reddit
Red Canary's 2022 Threat Detection Report
Posted in r/netsec by u/tvjust • 2 points and 0 comments
Splunk Patches Indexer Vulnerability Discovered By Team82
https://ift.tt/ME1SumB
Submitted March 25, 2022 at 08:17PM by n0llbyte
via reddit https://ift.tt/E371UxV
https://ift.tt/ME1SumB
Submitted March 25, 2022 at 08:17PM by n0llbyte
via reddit https://ift.tt/E371UxV
Claroty
Splunk Patches Indexer Vulnerability Discovered by Team82
A main component of Splunk Enterprise is Splunk patch indexer, which handles parsing and indexing of data. Discover more with Claroty.
RTLO Injection URI Spoofing CVE-2020-20093; 20094; 20095; 20096... chilling in plain sight for 3 years 👀 — iMessage, WhatsApp, Instagram, and Facebook Messenger. Telegram patched earlier & Signal fixing today!
https://ift.tt/buKfdvg
Submitted March 25, 2022 at 09:43PM by docker-osx
via reddit https://ift.tt/OVafDx0
https://ift.tt/buKfdvg
Submitted March 25, 2022 at 09:43PM by docker-osx
via reddit https://ift.tt/OVafDx0
GitHub
GitHub - zadewg/RIUS: CVE-2020-20093; 20094; 20095; 20096, 2022-28345 RTLO Injection URI Spoofing
CVE-2020-20093; 20094; 20095; 20096, 2022-28345 RTLO Injection URI Spoofing - GitHub - zadewg/RIUS: CVE-2020-20093; 20094; 20095; 20096, 2022-28345 RTLO Injection URI Spoofing
Finding bugs to trigger Unauthenticated Command Injection in a NETGEAR router (PSV-2022–0044)
https://ift.tt/ZOikMuI
Submitted March 25, 2022 at 09:35PM by stypr
via reddit https://ift.tt/157cakN
https://ift.tt/ZOikMuI
Submitted March 25, 2022 at 09:35PM by stypr
via reddit https://ift.tt/157cakN
Medium
Finding bugs to trigger Unauthenticated Command Injection in a NETGEAR router (PSV-2022–0044)
How I found various vulnerabilities and chained some of the vulnerabilities into an unauthenticated command execution in NETGEAR WAC124.
Detect malicious activity in Okta logs with Falco and Sysdig okta-analyzer
https://ift.tt/h7KtT3g
Submitted March 25, 2022 at 11:47PM by MiguelHzBz
via reddit https://ift.tt/xr6NyEJ
https://ift.tt/h7KtT3g
Submitted March 25, 2022 at 11:47PM by MiguelHzBz
via reddit https://ift.tt/xr6NyEJ
Sysdig
Detect malicious activity in Okta logs with Falco and Sysdig okta-analyzer
Sysdig has released the following binaries that will allow us to collect Okta events and using Falco OOTB rules to detect suspicious activity
Using the Dirty Pipe Vulnerability to Break Out from Containers
https://ift.tt/QK6G2Ie
Submitted March 26, 2022 at 05:44AM by freakwin
via reddit https://ift.tt/ho1pEJM
https://ift.tt/QK6G2Ie
Submitted March 26, 2022 at 05:44AM by freakwin
via reddit https://ift.tt/ho1pEJM
Using the Dirty Pipe Vulnerability to Break Out from Containers
Using the Dirty Pipe Vulnerability to Break Out from Containers | Datadog
See Datadog's proof of concept exploit for breaking out from unprivileged containers using the Dirty Pipe vulnerability.
How to detect IMSI catchers
https://ift.tt/uvY9QIX
Submitted March 26, 2022 at 05:19AM by knoy
via reddit https://ift.tt/sW8M7mi
https://ift.tt/uvY9QIX
Submitted March 26, 2022 at 05:19AM by knoy
via reddit https://ift.tt/sW8M7mi
Armadillophone
How to detect IMSI catchers
Your phone is under constant attack from criminals, corporations and foreign governments.
Mining data from Cobalt Strike beacons
https://ift.tt/6zP354g
Submitted March 26, 2022 at 12:03PM by digicat
via reddit https://ift.tt/AbPdU1i
https://ift.tt/6zP354g
Submitted March 26, 2022 at 12:03PM by digicat
via reddit https://ift.tt/AbPdU1i
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
PHP filter_var shenanigans
https://ift.tt/FBsZOJj
Submitted March 26, 2022 at 05:19PM by Gallus
via reddit https://ift.tt/CZy4noh
https://ift.tt/FBsZOJj
Submitted March 26, 2022 at 05:19PM by Gallus
via reddit https://ift.tt/CZy4noh
pwning.systems
PHP filter_var shenanigans
It is likely that we have all seen PHP filters that prevent us from encountering vulnerabilities. Here in this blog post, I'll walk you through my thought process for bypassing a filter by looking for a bug in the filter itself in order to reach a bug!
oss-security - Re: zlib memory corruption on deflate (i.e. compress)
https://ift.tt/3hB7L4n
Submitted March 27, 2022 at 04:36AM by Gallus
via reddit https://ift.tt/Nt6S8Pq
https://ift.tt/3hB7L4n
Submitted March 27, 2022 at 04:36AM by Gallus
via reddit https://ift.tt/Nt6S8Pq
reddit
oss-security - Re: zlib memory corruption on deflate (i.e. compress)
Posted in r/netsec by u/Gallus • 72 points and 9 comments