/r/netsec's Q2 2022 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)

Submitted April 06, 2022 at 02:28AM by ranok
via reddit https://ift.tt/5OywJaZ

RedFat: A Binary Hardening System for Linux/ELF/x64
https://ift.tt/8aFXg2J

Submitted April 06, 2022 at 07:07PM by zoomT
via reddit https://ift.tt/zjW7PGq

Validate AWS CloudFormation templates for security misconfigurations and vulnerabilities (online tool)
https://ift.tt/DI9vu56

Submitted April 06, 2022 at 08:51PM by elitistAlmond
via reddit https://ift.tt/DXcFu0B

Dirty Pipe Explained - CVE-2022-0847
https://ift.tt/H047mGJ

Submitted April 06, 2022 at 08:01PM by freakwin
via reddit https://ift.tt/OevzrbV

The Top 13 Ethical Hacking Courses on Udemy (2022)
https://ift.tt/dztVnqk

Submitted April 07, 2022 at 12:19AM by No_Sun697
via reddit https://ift.tt/xcZpeir

Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)
https://ift.tt/UMhFKRm

Submitted April 07, 2022 at 07:11AM by alt3kx
via reddit https://ift.tt/Aj2IryZ

Newly updated VMware patches for critical vulnerabilities. CVE-2022-22954 ~ CVE-2022-22961
https://ift.tt/MduQiqx

Submitted April 07, 2022 at 12:26PM by Late_Ice_9288
via reddit https://ift.tt/fsvOzR5

SpiderFoot 4.0 release - introducing YAML correlation rules
https://ift.tt/T5aO7RQ

Submitted April 07, 2022 at 10:08PM by smicallef
via reddit https://ift.tt/xvJn4e8

Denonia: The First Malware Specifically Targeting Lambda
https://ift.tt/bGIfEHc

Submitted April 08, 2022 at 12:11AM by lormayna
via reddit https://ift.tt/zLgCKc5

fullhunt/spring4shell-scan: A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities
https://ift.tt/wEXJDx0

Submitted April 08, 2022 at 03:33AM by mazen160
via reddit https://ift.tt/NbfPvQ7

PCI DSS v4.0 Resource Hub
https://ift.tt/luDidIL

Submitted April 08, 2022 at 04:27AM by Pomerium_CMo
via reddit https://ift.tt/NQpu90v

ImpressCMS: from unauthenticated SQL injection to RCE
https://ift.tt/dNBszE6

Submitted April 08, 2022 at 04:31PM by eg1x
via reddit https://ift.tt/ISVuAr0

Exploiting CVE-2022-0778, a bug in OpenSSL vis-à-vis WebRTC platforms
https://ift.tt/xc6v7rM

Submitted April 08, 2022 at 04:24PM by EnableSecurity
via reddit https://ift.tt/wkMdDZ0

Russia’s certificate authority for sanctioned organizations
https://ift.tt/nMcEGOB

Submitted April 08, 2022 at 08:03PM by koenrh
via reddit https://ift.tt/8wNL1bm

Exploiting a User-After-Free on PHP to bypass disable_functions
https://ift.tt/EWbK85Q

Submitted April 09, 2022 at 02:50AM by gid0rah
via reddit https://ift.tt/Px0oLKf

Retain Top Talent with Better Pentest Reporting
https://ift.tt/0lP4b3e

Submitted April 09, 2022 at 04:19AM by jpierini
via reddit https://ift.tt/zFE1CbH

Wrote about Azure AD Consent bypass - disclosure
https://ift.tt/9zd8Ima

Submitted April 09, 2022 at 12:20PM by jsantasalo
via reddit https://ift.tt/oZr2VG0

socialhunter: crawls the website and finds broken social media links that can be hijacked
https://ift.tt/r5MSQ64

Submitted April 09, 2022 at 08:50PM by utku1337
via reddit https://ift.tt/NlEuk7P

Firewall analysis: A portable graph based approach
https://ift.tt/i86XDYj

Submitted April 10, 2022 at 01:32AM by DiabloHorn
via reddit https://ift.tt/VwWLBao

Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware. This is far from the first time the botnet operators have quickly added newly publicized flaws to their exploit toolset. last year, multiple botnets were uncovered leveraging the Log4Shell to breach susceptible servers.
https://ift.tt/jbtpe6T

Submitted April 11, 2022 at 10:47AM by Late_Ice_9288
via reddit https://ift.tt/JMKFsau

Semgrep ruleset for C/C++ vulnerability research
https://ift.tt/q2cMztC

Submitted April 11, 2022 at 02:21PM by 0xdea
via reddit https://ift.tt/Dro7vbt