nday exploit: libinput format string bug, canary leak exploit (cve-2022-1215)
https://ift.tt/X7f1CS3
Submitted August 06, 2022 at 10:36AM by Gallus
via reddit https://ift.tt/xGEekZ6
https://ift.tt/X7f1CS3
Submitted August 06, 2022 at 10:36AM by Gallus
via reddit https://ift.tt/xGEekZ6
hyprblog
nday exploit: libinput format string bug, canary leak exploit (cve-2022-1215)
a quick post on a format string bug in libinput I found last year but never got around to debugging, plus some exploit code to leak the stack canary on a default Xubuntu 20.04.4 system.
Kanye West's Stem Player - An engineering disaster
https://ift.tt/rx3IXtj
Submitted August 06, 2022 at 09:43PM by krystalgamer
via reddit https://ift.tt/4SYqelw
https://ift.tt/rx3IXtj
Submitted August 06, 2022 at 09:43PM by krystalgamer
via reddit https://ift.tt/4SYqelw
krystalgamer.github.io
Kanye West's Stem Player - An engineering disaster
This post covers the history of the Stem Player, the development of the emulator, how badly the product was handled and some behind-the-scenes interactions with the creators
Weekly quiz covering 10 interesting infosec stories or events from the past week
https://ift.tt/eGO183B
Submitted August 06, 2022 at 11:23PM by jaco_za
via reddit https://ift.tt/ro1J5xU
https://ift.tt/eGO183B
Submitted August 06, 2022 at 11:23PM by jaco_za
via reddit https://ift.tt/ro1J5xU
SocVel.com - Don't Delay, SocVel Today!
Quiz - SocVel.com
The SocVel Cybersecurity Quiz [w26] Play this week's quiz, jam-packed with 10 of the most interesting #infosec stories from the past week. Play now!
Technical analysis of syzkaller based fuzzers: It's not about VaultFuzzer!
https://ift.tt/wfFJjYz
Submitted August 07, 2022 at 04:25PM by hardenedvault
via reddit https://ift.tt/CeqAj9y
https://ift.tt/wfFJjYz
Submitted August 07, 2022 at 04:25PM by hardenedvault
via reddit https://ift.tt/CeqAj9y
hardenedvault.net
Technical analysis of syzkaller based fuzzers: It's not about VaultFuzzer!
0. VaultFuzzer S0rry, VaultFuzzer is not the main player today. We’re going have little ride with Harbian-QA and GREBE today.
Amazon’s One-Stop Shop for Identity Thieves
https://ift.tt/G6A0n2F
Submitted August 07, 2022 at 08:42PM by moxofoxo
via reddit https://ift.tt/drCapm1
https://ift.tt/G6A0n2F
Submitted August 07, 2022 at 08:42PM by moxofoxo
via reddit https://ift.tt/drCapm1
The Intercept
Amazon’s One-Stop Shop for Identity Thieves
Public Amazon registries could reveal enough information to steal the identity of someone who hasn’t been born yet.
Blackbird: An OSINT tool to search for accounts by username
https://ift.tt/ut5a0mK
Submitted August 08, 2022 at 03:38AM by sanitybit
via reddit https://ift.tt/iJ8r2Ve
https://ift.tt/ut5a0mK
Submitted August 08, 2022 at 03:38AM by sanitybit
via reddit https://ift.tt/iJ8r2Ve
GitHub
GitHub - p1ngul1n0/blackbird: An OSINT tool to search for accounts by username in social networks.
An OSINT tool to search for accounts by username in social networks. - GitHub - p1ngul1n0/blackbird: An OSINT tool to search for accounts by username in social networks.
WinAPi Search - Recursively Search PE Binaries by Win32 Function Name
https://ift.tt/qL6vPNK
Submitted August 08, 2022 at 02:54AM by sanitybit
via reddit https://ift.tt/VQmOcdg
https://ift.tt/qL6vPNK
Submitted August 08, 2022 at 02:54AM by sanitybit
via reddit https://ift.tt/VQmOcdg
www.dennisbabkin.com
WinAPI Search - www.dennisbabkin.com
Download WinAPI Search - Search Utility For Win32 Functions & Error Codes
Codewarrior - open source SAST
https://ift.tt/Jqm5Hdz
Submitted August 08, 2022 at 10:01AM by CoolerVoid
via reddit https://ift.tt/JHosBUj
https://ift.tt/Jqm5Hdz
Submitted August 08, 2022 at 10:01AM by CoolerVoid
via reddit https://ift.tt/JHosBUj
GitHub
GitHub - CoolerVoid/codewarrior: code-searching tool and static code analysis - Beta
code-searching tool and static code analysis - Beta - GitHub - CoolerVoid/codewarrior: code-searching tool and static code analysis - Beta
Analysis of Dark Web service offerings, lnk delivery patterns & detection opportunities, and more
https://ift.tt/OfoFYp8
Submitted August 08, 2022 at 02:06PM by SuaveHobo
via reddit https://ift.tt/qPcWwhv
https://ift.tt/OfoFYp8
Submitted August 08, 2022 at 02:06PM by SuaveHobo
via reddit https://ift.tt/qPcWwhv
Substack
SOC Goulash: Weekend Wrap-Up
07/08/2022
How do you secure your DNS in the cloud? - DNS in the Cloud Capabilities
https://ift.tt/b3HXO6I
Submitted August 08, 2022 at 08:46PM by MiguelHzBz
via reddit https://ift.tt/wpnDybQ
https://ift.tt/b3HXO6I
Submitted August 08, 2022 at 08:46PM by MiguelHzBz
via reddit https://ift.tt/wpnDybQ
Sysdig
Cloud DNS Security - How to protect DNS in the Cloud – Sysdig
When using DNS in the Cloud, security cannot be forgotten. Learn more about security best practices for DNS in the Cloud
Targeted attack on industrial enterprises and public institutions [Kaspersky]
https://ift.tt/Yog0OBN
Submitted August 08, 2022 at 08:38PM by EspoJ
via reddit https://ift.tt/U7m8QYR
https://ift.tt/Yog0OBN
Submitted August 08, 2022 at 08:38PM by EspoJ
via reddit https://ift.tt/U7m8QYR
Kaspersky ICS CERT | Kaspersky Industrial Control Systems Cyber Emergency Response Team
Targeted attack on industrial enterprises and public institutions | Kaspersky ICS CERT
The attackers were able to penetrate dozens of enterprises and even hijack the IT infrastructure of some, taking control of systems used to manage security solutions. The goal of this series of attacks was cyberespionage.
SimpleX Chat - the first messaging platform that has no user identifiers (not even random numbers) - v3.1 of iOS and Android apps released - with secret chat groups and server access via Tor.
https://ift.tt/AjXoKpg
Submitted August 08, 2022 at 09:49PM by epoberezkin
via reddit https://ift.tt/gu6n1Sl
https://ift.tt/AjXoKpg
Submitted August 08, 2022 at 09:49PM by epoberezkin
via reddit https://ift.tt/gu6n1Sl
GitHub
simplex-chat/20220808-simplex-chat-v3.1-chat-groups.md at stable · simplex-chat/simplex-chat
SimpleX - the first messaging platform operating without user identifiers of any kind - 100% private by design! iOS and Android apps are released 📱! - simplex-chat/20220808-simplex-chat-v3.1-chat-g...
Security Guide for Startups: How to think about security while moving quickly | LunaSec
https://ift.tt/aRNuB02
Submitted August 08, 2022 at 10:12PM by breadchris
via reddit https://ift.tt/OG37UJx
https://ift.tt/aRNuB02
Submitted August 08, 2022 at 10:12PM by breadchris
via reddit https://ift.tt/OG37UJx
www.lunasec.io
Security Guide for Startups: How to think about security while moving quickly | LunaSec
A set of security action items, built around OWASP SAMM, that you and your company can work to complete while balancing your company's ability to quickly execute and grow.
zathura - SELinux confined
https://ift.tt/5FpanLH
Submitted August 09, 2022 at 12:09AM by esp0x31
via reddit https://ift.tt/gA7FWhP
https://ift.tt/5FpanLH
Submitted August 09, 2022 at 12:09AM by esp0x31
via reddit https://ift.tt/gA7FWhP
blog.esp0x31.io
zathura - SELinux confined
How to securely confine the zathura application to a SELinux domain.
Auditing Crypto Wallets
https://ift.tt/Rn3opm9
Submitted August 09, 2022 at 07:13AM by catlasshrugged
via reddit https://ift.tt/OCVmyWh
https://ift.tt/Rn3opm9
Submitted August 09, 2022 at 07:13AM by catlasshrugged
via reddit https://ift.tt/OCVmyWh
Advisory: Cisco Small Business RV Series Routers Web Filter Database Update Command Injection Vulnerability
https://ift.tt/aHOWCZV
Submitted August 09, 2022 at 01:04PM by g_e_r_h_a_r_d
via reddit https://ift.tt/ejRK6xO
https://ift.tt/aHOWCZV
Submitted August 09, 2022 at 01:04PM by g_e_r_h_a_r_d
via reddit https://ift.tt/ejRK6xO
ONEKEY
Advisory: Cisco Small Business RV Series Routers Web Filter Database Update Command Injection Vulnerability
The advisory describes a vulnerability ONEKEY identified when hunting for bugs to craft exploit chains for PWN2OWN 2021. Read advisory!
LibAFL: A Framework to Build Modular and Reusable Fuzzers
https://ift.tt/RQtXcpE
Submitted August 09, 2022 at 02:01PM by domenukk
via reddit https://ift.tt/nDfkEVM
https://ift.tt/RQtXcpE
Submitted August 09, 2022 at 02:01PM by domenukk
via reddit https://ift.tt/nDfkEVM
Security Best Practices in PHP
https://ift.tt/N0DrC7J
Submitted August 09, 2022 at 03:39PM by pigoretee
via reddit https://ift.tt/xLvk6mM
https://ift.tt/N0DrC7J
Submitted August 09, 2022 at 03:39PM by pigoretee
via reddit https://ift.tt/xLvk6mM
Sweetcode.io
Security Best Practices in PHP
Learn how to increase the security of PHP applications, with code examples, to make them more robust and less prone to cyber-attacks.
Microsoft Office to publish symbols starting August 2022
https://ift.tt/28aRvLN
Submitted August 09, 2022 at 07:38PM by TheDarthSnarf
via reddit https://ift.tt/rELBS3w
https://ift.tt/28aRvLN
Submitted August 09, 2022 at 07:38PM by TheDarthSnarf
via reddit https://ift.tt/rELBS3w
Discovering Domains via a Timing Attack on Certificate Transparency
https://ift.tt/gzb8OCy
Submitted August 10, 2022 at 01:24AM by 0xdea
via reddit https://ift.tt/kWZ5TNj
https://ift.tt/gzb8OCy
Submitted August 10, 2022 at 01:24AM by 0xdea
via reddit https://ift.tt/kWZ5TNj
PT SWARM
Discovering Domains via a Time-Correlation Attack on Certificate Transparency
New attack on certificate transparency reveals previously unknown domains!
A Novel SIP Based Distributed Reflection Denial-of-Service Attack and an Effective Defense Mechanism
https://ift.tt/4mdzFoB
Submitted August 10, 2022 at 08:09AM by sanitybit
via reddit https://ift.tt/hDYfUn0
https://ift.tt/4mdzFoB
Submitted August 10, 2022 at 08:09AM by sanitybit
via reddit https://ift.tt/hDYfUn0