Unauthenticated Configuration Export in Multiple WAGO Products
https://ift.tt/g93t0LU
Submitted January 16, 2023 at 04:22PM by g_e_r_h_a_r_d
via reddit https://ift.tt/Nd4y3hr
https://ift.tt/g93t0LU
Submitted January 16, 2023 at 04:22PM by g_e_r_h_a_r_d
via reddit https://ift.tt/Nd4y3hr
ONEKEY
🚨 WAGO Alert: Unauthorized Configuration Exports Discovered 🔒
Learn How to Keep Your Industrial Controllers Safe 👉
rsbkb: a Rust CLI tool to easily chain operations (CyberChef-like) through pipes. Other utils as a bonus.
https://ift.tt/kSqKrsj
Submitted January 17, 2023 at 03:28AM by alain_proviste
via reddit https://ift.tt/8dterzS
https://ift.tt/kSqKrsj
Submitted January 17, 2023 at 03:28AM by alain_proviste
via reddit https://ift.tt/8dterzS
GitHub
GitHub - trou/rsbkb: CLI tools to encode/decode things
CLI tools to encode/decode things. Contribute to trou/rsbkb development by creating an account on GitHub.
Expanding to /r/netsec! Fun 3min newsletter idea
http://icephishing.io
Submitted January 17, 2023 at 07:04AM by frenchfry_wildcat
via reddit https://ift.tt/AESqcNl
http://icephishing.io
Submitted January 17, 2023 at 07:04AM by frenchfry_wildcat
via reddit https://ift.tt/AESqcNl
Ice Phishing Newsletter
Get smarter about cybersecurity
The misadventures of SPF: Delivering SPF authenticated emails on behalf of the Ukrainian MoD, MIT and 1000+ others.
https://ift.tt/XqQG6vV
Submitted January 17, 2023 at 11:40AM by Jumpy_Resolution3089
via reddit https://ift.tt/2UnW1v7
https://ift.tt/XqQG6vV
Submitted January 17, 2023 at 11:40AM by Jumpy_Resolution3089
via reddit https://ift.tt/2UnW1v7
Caniphish
Scanning SPF Records For Severe Misconfigurations | CanIPhish
Understand why anyone can deliver SPF authenticated emails on behalf of these 1000+ organisations.
Introducing RPC Investigator
https://ift.tt/MjWhS0P
Submitted January 17, 2023 at 07:43PM by Gallus
via reddit https://ift.tt/lmbsGqZ
https://ift.tt/MjWhS0P
Submitted January 17, 2023 at 07:43PM by Gallus
via reddit https://ift.tt/lmbsGqZ
Trail of Bits Blog
Introducing RPC Investigator
A new tool for Windows RPC research By Aaron LeMasters Trail of Bits is releasing a new tool for exploring RPC clients and servers on Windows. RPC Investigator is a .NET application that builds on …
Creating a polymorphic malware using ChatGPT
https://ift.tt/AGXfonE
Submitted January 17, 2023 at 08:49PM by ES_CY
via reddit https://ift.tt/c8UIgvF
https://ift.tt/AGXfonE
Submitted January 17, 2023 at 08:49PM by ES_CY
via reddit https://ift.tt/c8UIgvF
Cyberark
Chatting Our Way Into Creating a Polymorphic Malware
Abstract ChatGPT took the world by storm being released less than two months ago, it has become prominent and is used everywhere, for a wide variety of tasks – from automation tasks to the...
Announcing the public beta of Caido, a BurpSuite alternative
https://ift.tt/MPOwTQn
Submitted January 17, 2023 at 09:39PM by TheSytten
via reddit https://ift.tt/Ox6jGJ3
https://ift.tt/MPOwTQn
Submitted January 17, 2023 at 09:39PM by TheSytten
via reddit https://ift.tt/Ox6jGJ3
Medium
Caido is now in public beta
We’re excited to announce the public beta of Caido!
AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass | Datadog Security Labs
https://ift.tt/1iazyZX
Submitted January 17, 2023 at 09:33PM by RedTermSession
via reddit https://ift.tt/d6RvmP8
https://ift.tt/1iazyZX
Submitted January 17, 2023 at 09:33PM by RedTermSession
via reddit https://ift.tt/d6RvmP8
Datadoghq
AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass
Public disclosure of a method to bypass CloudTrail for specific IAM actions.
Security audit of Git
https://ift.tt/WkXG2P0
Submitted January 18, 2023 at 01:20AM by joernchen
via reddit https://ift.tt/7okJZMa
https://ift.tt/WkXG2P0
Submitted January 18, 2023 at 01:20AM by joernchen
via reddit https://ift.tt/7okJZMa
X41 D-SEC
X41 Audited Git
X41 releases the audit report of Git
Hacking ICS Historians: The Pivot Point From IT to OT
https://ift.tt/kRobpVO
Submitted January 18, 2023 at 02:10AM by derp6996
via reddit https://ift.tt/CKcVSls
https://ift.tt/kRobpVO
Submitted January 18, 2023 at 02:10AM by derp6996
via reddit https://ift.tt/CKcVSls
Claroty
Hacking ICS Historians: The Pivot Point from IT to OT
Tailscale bug allowed a person to share nodes from other tailnets without auth
https://ift.tt/hzBJwC8
Submitted January 18, 2023 at 07:10AM by Security_Chief_Odo
via reddit https://ift.tt/4rYbU3K
https://ift.tt/hzBJwC8
Submitted January 18, 2023 at 07:10AM by Security_Chief_Odo
via reddit https://ift.tt/4rYbU3K
Tailscale
Security notifications affecting the Tailscale client and service If you’re directly affected by a security issue in Tailscale, and we have your contact information, we will contact you.
Nothing new under the Sun - Discovering and exploiting a CDE bug chain
https://ift.tt/ZmE6agQ
Submitted January 18, 2023 at 02:30PM by 0xdea
via reddit https://ift.tt/dEN4kQM
https://ift.tt/ZmE6agQ
Submitted January 18, 2023 at 02:30PM by 0xdea
via reddit https://ift.tt/dEN4kQM
hn security
Nothing new under the Sun - Discovering and exploiting a CDE bug chain - hn security
“What has been will be again, […]
Top 10 security predictions for 2023
https://ift.tt/QPENDWK
Submitted January 18, 2023 at 07:51PM by KeyDutch
via reddit https://ift.tt/USrDcZx
https://ift.tt/QPENDWK
Submitted January 18, 2023 at 07:51PM by KeyDutch
via reddit https://ift.tt/USrDcZx
Immuniweb
Top 10 Cybersecurity Predictions for 2023
Although 2022 has been a quite tumultuous year for cyber security industry, 2023 is expected to be even more challenging for security teams, experts warn.
Gold Digger: a simple tool to quickly discover credentials/sensitive information in files recursively
https://ift.tt/3akKSEL
Submitted January 18, 2023 at 10:32PM by ustayready
via reddit https://ift.tt/nTHJje1
https://ift.tt/3akKSEL
Submitted January 18, 2023 at 10:32PM by ustayready
via reddit https://ift.tt/nTHJje1
GitHub
GitHub - ustayready/golddigger
Contribute to ustayready/golddigger development by creating an account on GitHub.
Java XML security issues and how to address them
https://ift.tt/LmlgAVB
Submitted January 18, 2023 at 10:02PM by got_nations
via reddit https://ift.tt/p8xg7DF
https://ift.tt/LmlgAVB
Submitted January 18, 2023 at 10:02PM by got_nations
via reddit https://ift.tt/p8xg7DF
XML Security in Java
In this blog post, you can read just how much of a mess Java XML security is
Sudoedit can edit arbitrary files (CVE-2023-22809)
https://ift.tt/I4U8OtJ
Submitted January 19, 2023 at 01:59AM by 0xdea
via reddit https://ift.tt/TIP3QJX
https://ift.tt/I4U8OtJ
Submitted January 19, 2023 at 01:59AM by 0xdea
via reddit https://ift.tt/TIP3QJX
Sudo
Sudoedit can edit arbitrary files
A flaw in exists in sudo’s -e option (aka sudoedit) that allows a malicious user with sudoedit privileges to edit arbitrary files.
Sudo versions affected: Sudo versions 1.8.0 through 1.9.12p1 inclusive are affected. Versions of sudo prior to 1.8.0 construct…
Sudo versions affected: Sudo versions 1.8.0 through 1.9.12p1 inclusive are affected. Versions of sudo prior to 1.8.0 construct…
Centreon Map plugin allows pre-auth remote process memory dump (CVSS 8.3) - PoC
https://ift.tt/3U9xKJI
Submitted January 19, 2023 at 12:33PM by qwerty0x41
via reddit https://ift.tt/xvS2PIr
https://ift.tt/3U9xKJI
Submitted January 19, 2023 at 12:33PM by qwerty0x41
via reddit https://ift.tt/xvS2PIr
SeeProxy: Golang reverse proxy with CobaltStrike malleable profile validation.
https://ift.tt/Uw6bV5g
Submitted January 19, 2023 at 05:42PM by bambo_gambo
via reddit https://ift.tt/e6cbHoK
https://ift.tt/Uw6bV5g
Submitted January 19, 2023 at 05:42PM by bambo_gambo
via reddit https://ift.tt/e6cbHoK
GitHub
GitHub - nopbrick/SeeProxy: Golang reverse proxy with CobaltStrike malleable profile validation.
Golang reverse proxy with CobaltStrike malleable profile validation. - GitHub - nopbrick/SeeProxy: Golang reverse proxy with CobaltStrike malleable profile validation.
Exploiting CVE-2021-3490 for Container Escapes
https://ift.tt/r2cXUpe
Submitted January 19, 2023 at 05:01PM by Gallus
via reddit https://ift.tt/v3dSMqc
https://ift.tt/r2cXUpe
Submitted January 19, 2023 at 05:01PM by Gallus
via reddit https://ift.tt/v3dSMqc
CrowdStrike.com
Exploiting CVE-2021-3490 for Container Escapes | CrowdStrike
Learn how to modify and exploit a Linux Kernel vulnerability to escape container environments, and how CrowdStrike can help to prevent and hunt for similar threats.
POC Exploit for CVE-2022-47966 affecting multiple ManageEngine products
https://ift.tt/4cZl7zt
Submitted January 19, 2023 at 06:52PM by scopedsecurity
via reddit https://ift.tt/we3bRx4
https://ift.tt/4cZl7zt
Submitted January 19, 2023 at 06:52PM by scopedsecurity
via reddit https://ift.tt/we3bRx4
GitHub
GitHub - horizon3ai/CVE-2022-47966: POC for CVE-2022-47966 affecting multiple ManageEngine products
POC for CVE-2022-47966 affecting multiple ManageEngine products - horizon3ai/CVE-2022-47966
Simple, open-source, lightweight stress testing tool
https://ift.tt/CJDx5pf
Submitted January 19, 2023 at 09:38PM by chrisy_e
via reddit https://ift.tt/NblMW8E
https://ift.tt/CJDx5pf
Submitted January 19, 2023 at 09:38PM by chrisy_e
via reddit https://ift.tt/NblMW8E
GitHub
GitHub - getanteon/anteon: Anteon (formerly Ddosify) - Effortless Kubernetes Monitoring and Performance Testing. Available on CLI…
Anteon (formerly Ddosify) - Effortless Kubernetes Monitoring and Performance Testing. Available on CLI, Self-Hosted, and Cloud - getanteon/anteon