A binary hardening system. Contribute to GJDuck/RedFat development by creating an account on GitHub.

Build secure AWS environments in minutes: automated services for building, assessing, and securing AWS environments.

On 7th March’22, security researcher Max Kellermann published the vulnerability nicknamed ‘Dirty-Pipe’ which was assigned as CVE-2022-0847. This vulnerability affects the Linux kernel.

Looking to break into the field of ethical hacking? Here are the best ethical hacking courses on Udemy based on reviews, price, course syllabus and instructor experience.

Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive) - GitHub - alt3kx/CVE-2022-22965: Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)

VMware Workspace ONE Access, Identity Manager and vRealize Automation updates address multiple vulnerabilities.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface. - spiderfoot/README.md at master · smicallef/spiderfoot

Cado Labs routinely analyses cloud environments to look for the latest threats. As part of ongoing research, we found the first publicly-known case of malware specifically designed to execute in an AWS Lambda environment. We named this malware Denonia, after…

A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities - GitHub - fullhunt/spring4shell-scan: A fully automated, reliable, and accurate scan...

PCI Security Standards Council publishes the PCI Data Security Standard v4.0- view resources for the Standard here.

Posted in r/netsec by u/eg1x • 61 points and 1 comment

Exploiting CVE-2022-0778 in a WebRTC context requires that you get a few things right first. But once that is sorted, DoS (in RTC) is the new RCE!

After Russia’s invasion of Ukraine, it has created a new certificate authority to support sanctioned organizations.

How do you retain those cybersecurity professionals you already have on the team. How do you keep them engaged and challenged?

I decided to post a short write-up on this MSRC case as this case was first one I worked with co-contributor @KimJamia Consent hack timeline Initial submission Q1 2022Microsoft proactively addresse…

crawls the website and finds broken social media links that can be hijacked - GitHub - utkusen/socialhunter: crawls the website and finds broken social media links that can be hijacked

Sometimes you are asked to perform a firewall analysis to determine if the configuration can be improved upon to reduce the ability for an attacker to move laterally through the network or identify…

“Humans are more suited to recognize […]

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges. - GitHub - cider-security-research/cicd-goat: A deliberately vulnerable CI/CD environment. Learn CI/CD...