semgrep rule pack by elttam - Java entry-points and security issues in Jackson, Spring Remoting, and Struts DMI
https://ift.tt/NinkHm8
Submitted June 20, 2022 at 11:51AM by Gallus
via reddit https://ift.tt/pZCWncd
GitHub
GitHub - elttam/semgrep-rules
Zero Trust - A Layered Approach against threats
https://ift.tt/PyhBrbi
Submitted June 20, 2022 at 03:36PM by J_0_5
via reddit https://ift.tt/EpJnqiP
Medium
Zero Trust — A Layered Approach against cyber threats — Part II
This article will serve as a follow up to the Zero Trust primer ‘Zero Trust — An Introduction’. In this second part of the series, we’ll…
Hacking into the worldwide Jacuzzi SmartTub network
https://ift.tt/c5CX2da
Submitted June 21, 2022 at 12:20AM by EatonZ
via reddit https://ift.tt/QhXRcN8
Eaton-Works
Hacking into the worldwide Jacuzzi SmartTub network
Two vulnerable Jacuzzi SmartTub administration panels exposed worldwide customer data for multiple brands.
When the CAS let you in - abusing misconfigured Actuator in Apereo CAS
https://ift.tt/x4cGfI0
Submitted June 21, 2022 at 03:15PM by qwerty0x41
via reddit https://ift.tt/PWteCQ8
Reddit
r/netsec on Reddit: When the CAS let you in - abusing misconfigured Actuator in Apereo CAS
Posted by u/qwerty0x41 - 3 votes and 1 comment
Intercepting MS Teams Communication
https://ift.tt/vczynXM
Submitted June 21, 2022 at 04:32PM by OwnPreparation3424
via reddit https://ift.tt/OXZhjkq
Medium
Intercepting MS Teams Communication
Just For Fun And Out Of Curiosity
Reverse Engineering an old Mario & Luigi game for fun
https://ift.tt/t94OCIv
Submitted June 21, 2022 at 07:42PM by CyberMasterV
via reddit https://ift.tt/2QI8mci
Reddit
r/netsec on Reddit: Reverse Engineering an old Mario & Luigi game for fun
Posted by u/CyberMasterV - 21 votes and 2 comments
Does Acrobat Reader Unload Injection of Security Products?
https://ift.tt/lBtapEM
Submitted June 21, 2022 at 02:11PM by woja111
via reddit https://ift.tt/qrKs41T
A deep dive into Sigma rules and how to write your own threat detection rules
https://ift.tt/cLEwP8s
Submitted June 21, 2022 at 08:22PM by sciencestudent99
via reddit https://ift.tt/dNxH719
FourCore
A deep dive into Sigma rules and how to write your own threat detection rules
Sigma Rules - a generic open-source signature format for SIEM Systems. What Snort is to network traffic, and YARA to files, Sigma is to logs. Released in 2017, Sigma rules are used as a common language to build detection rules for different SIEM systems.
Improving AI-based defenses to disrupt human-operated ransomware
https://ift.tt/pP8AQw0
Submitted June 21, 2022 at 09:35PM by SCI_Rusher
via reddit https://ift.tt/DAnxsdN
Microsoft News
Improving AI-based defenses to disrupt human-operated ransomware
To disrupt human-operated ransomware attacks as early as possible, we enhanced the AI-based protections in Microsoft Defender for Endpoint with a range of specialized machine learning techniques that swiftly identify and block malicious files, processes,…
Container escapes: Detecting abuses of Linux capabilities with Falco + Intro to CAP_SYS_ADMIN
https://ift.tt/SEKFx3q
Submitted June 21, 2022 at 09:23PM by capitangolo
via reddit https://ift.tt/maVFWPK
Sysdig
How to detect the containers’ escape capabilities with Falco – Sysdig
With a tool like Falco, it’s possible to detect when specific container capabilities like CAP_SYS_ADMIN are misused.
ShoMon V2: Shodan Monitoring Integration for TheHive written in Golang
https://ift.tt/jJ1HDpG
Submitted June 22, 2022 at 12:35PM by KaanSK
via reddit https://ift.tt/Lv6IMcJ
GitHub
GitHub - KaanSK/shomon: Shodan Monitoring integration for TheHive.
Semgrep rules for PHP security assessment
https://ift.tt/q6YZKLM
Submitted June 22, 2022 at 02:28PM by 0xdea
via reddit https://ift.tt/tfovmJC
hn security
Semgrep rules for PHP security assessment - hn security
Hi! According to the official documentation, Semgrep […]
Understanding the Compound File Binary Format and OLE Structures to Mess with CVE-2022-30190
https://ift.tt/1soTcXN
Submitted June 23, 2022 at 02:46PM by canmaplap
via reddit https://ift.tt/C5IGtnm
Cymulate
Messing with CVE-2022-30190 by Understanding Compound File Binary Format and OLE Structures
Gain an understanding of the Compound File Binary Format and OLE Structures to Mess with CVE-2022-30190 in this blog post by Cymulate.
fuzzuli is a fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
https://ift.tt/IG3vZcV
Submitted June 23, 2022 at 03:34PM by 0xmusana
via reddit https://ift.tt/WlRSwPG
GitHub
GitHub - musana/fuzzuli: fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based…
Miracle - One Vulnerability To Rule Them All
https://ift.tt/eqcEtfu
Submitted June 23, 2022 at 04:44PM by scopedsecurity
via reddit https://ift.tt/eXSndL7
Medium
Miracle - One Vulnerability To Rule Them All
This repo contains information about EDRs that can be useful during red team exercise.
https://ift.tt/roX3Qsf
Submitted June 23, 2022 at 09:39PM by M_Reza_Bakhtiyari
via reddit https://ift.tt/yhdswJO
GitHub
GitHub - Mr-Un1k0d3r/EDRs
The Far Point of a Static Encounter
https://ift.tt/tr1Yxei
Submitted June 24, 2022 at 09:44AM by amirshk
via reddit https://ift.tt/Zd0SWlD
Medium
The Far Point of a Static Encounter
A breakdown of the Anti-VM skimmer and its variants from the earliest incarnation to the latest iteration served from staticounter[.]net.
CookieMonsteRCE: Stored XSS to RCE in Zena
https://ift.tt/uoWMpdV
Submitted June 24, 2022 at 09:47AM by jibblz
via reddit https://ift.tt/8bKNPce
Playing Docker? Bad Containers and What They Teach Us
https://ift.tt/4e2Toxt
Submitted June 24, 2022 at 04:38PM by Illustrious_Yard_576
via reddit https://ift.tt/n9hoKwB
Medium
Playing Docker? Bad Containers and What They Teach Us
CI/CD gets better, faster, and stronger with containers, but the security dilemma is still on the table. See what breaches can teach us.
Use SQL to query Have I Been Pwned breaches, pastes & passwords (new open source tool!)
https://ift.tt/cBHKPVe
Submitted June 24, 2022 at 06:28PM by bobtbot
via reddit https://ift.tt/wZmjr7F
Steampipe Hub
Have I Been Pwned Plugin for Steampipe
Query HIBP data with SQL! Open source CLI. No DB required.
The curious tale of a fake Carrier.app
https://ift.tt/AghiRGl
Submitted June 24, 2022 at 03:04PM by lormayna
via reddit https://ift.tt/hE2kGWj
Blogspot
The curious tale of a fake Carrier.app
Posted by Ian Beer, Google Project Zero NOTE: This issue, CVE-2021-30983, was fixed in iOS 15.2 in December 2021. Towards the ...