How to Scan Vulnerabilities With Nmap: A Comprehensive Guide
https://ift.tt/r9JtQEP
Submitted March 29, 2023 at 06:29PM by KingSash
via reddit https://ift.tt/D8XEnRe
https://ift.tt/r9JtQEP
Submitted March 29, 2023 at 06:29PM by KingSash
via reddit https://ift.tt/D8XEnRe
StationX
How to Scan Vulnerabilities With Nmap: A Comprehensive Guide
If you want to conduct a vulnerability scan, you can use Nmap, which is a popular tool for the security testing process. Nmap is a powerful and versatile network scanning t...
Spyware vendors use 0-days and n-days against popular platforms
https://ift.tt/q9snRFC
Submitted March 29, 2023 at 07:29PM by YogiBerra88888
via reddit https://ift.tt/MThYKQu
https://ift.tt/q9snRFC
Submitted March 29, 2023 at 07:29PM by YogiBerra88888
via reddit https://ift.tt/MThYKQu
Google
Spyware vendors use 0-days and n-days against popular platforms
Google’s Threat Analysis Group (TAG) tracks actors involved in information operations (IO), government backed attacks and financially motivated abuse. For years, TAG has been tracking the activities of commercial spyware vendors to protect users. Today, we…
Bypassing DEP with gap restrictions
https://ift.tt/V7zZpyi
Submitted March 29, 2023 at 10:34PM by CarelessOne7933
via reddit https://ift.tt/A17Ckzv
https://ift.tt/V7zZpyi
Submitted March 29, 2023 at 10:34PM by CarelessOne7933
via reddit https://ift.tt/A17Ckzv
divyanshu-mehta.gitbook.io
Bypassing DEP - Increasing the Gap
This blog talks about how to use WriteProcessMemory API Call for executing shellcode in a scenario where there is very less gap between shellcode and WriteProcessMemory call skeleton
Microsoft Patched Bing Vulnerability That Allowed Snooping on Email and Other Data
https://ift.tt/YT3zi9H
Submitted March 30, 2023 at 12:09AM by geekydeveloper
via reddit https://ift.tt/XsH12KM
https://ift.tt/YT3zi9H
Submitted March 30, 2023 at 12:09AM by geekydeveloper
via reddit https://ift.tt/XsH12KM
WSJ
WSJ News Exclusive | Microsoft Patched Bing Vulnerability That Allowed Snooping on Email and Other Data
The issue was fixed days before the company launched a new AI-powered version of the search engine.
The Intersection of Apple’s USB Lower Filter and iPhone-WPD Integration
https://ift.tt/YjGvLmP
Submitted March 30, 2023 at 01:50AM by xoxoibo
via reddit https://ift.tt/TOvXKCw
https://ift.tt/YjGvLmP
Submitted March 30, 2023 at 01:50AM by xoxoibo
via reddit https://ift.tt/TOvXKCw
N4R1B
The Intersection of Apple's USB Lower Filter and iPhone-WPD Integration
How Apple's USB lower filter on Windows devices helps control device configurations
Supply chain attack in 3CX Windows Electron DesktopApp
https://ift.tt/ZPbITQE
Submitted March 30, 2023 at 12:41PM by qwerty0x41
via reddit https://ift.tt/Ji9eyfr
https://ift.tt/ZPbITQE
Submitted March 30, 2023 at 12:41PM by qwerty0x41
via reddit https://ift.tt/Ji9eyfr
Talkback - public beta of Talkback, a smart infosec resource aggregator to help you keep up with news and research
https://talkback.sh/
Submitted March 30, 2023 at 12:37PM by Gallus
via reddit https://ift.tt/SJT7s1w
https://talkback.sh/
Submitted March 30, 2023 at 12:37PM by Gallus
via reddit https://ift.tt/SJT7s1w
Talkback
Talkback is a smart infosec resource aggregator, designed to help security enthusiasts, practitioners and researchers be more productive.
With KEYPLUG, China’s RedGolf Spies On, Steals From Wide Field of Targets
https://ift.tt/ZI6b2q8
Submitted March 30, 2023 at 06:01PM by montouesto
via reddit https://ift.tt/KZ1nNgR
https://ift.tt/ZI6b2q8
Submitted March 30, 2023 at 06:01PM by montouesto
via reddit https://ift.tt/KZ1nNgR
It’s a (SNMP) Trap: Gaining Code Execution on LibreNMS
https://ift.tt/LfqMCl7
Submitted March 30, 2023 at 07:50PM by monoimpact
via reddit https://ift.tt/FioRx2p
https://ift.tt/LfqMCl7
Submitted March 30, 2023 at 07:50PM by monoimpact
via reddit https://ift.tt/FioRx2p
CVE-2022-27666: My file your memory
https://ift.tt/N5HdZqV
Submitted March 30, 2023 at 07:38PM by albocoder1
via reddit https://ift.tt/bDyeZrs
https://ift.tt/N5HdZqV
Submitted March 30, 2023 at 07:38PM by albocoder1
via reddit https://ift.tt/bDyeZrs
Revisiting Heaven's Gate with Lumma Stealer
https://ift.tt/wby63az
Submitted March 30, 2023 at 07:29PM by CyberMasterV
via reddit https://ift.tt/8gJFfNS
https://ift.tt/wby63az
Submitted March 30, 2023 at 07:29PM by CyberMasterV
via reddit https://ift.tt/8gJFfNS
Security Scorecard
[Whitepaper] Revisiting Heaven’s Gate With Lumma Stealer
Booby Trapping IBM i
https://ift.tt/12CI7lx
Submitted March 30, 2023 at 08:44PM by buherator
via reddit https://ift.tt/5LzfJV1
https://ift.tt/12CI7lx
Submitted March 30, 2023 at 08:44PM by buherator
via reddit https://ift.tt/5LzfJV1
Silent Signal Techblog
Booby Trapping IBM i
Because we can!
Spam-tastic! npm Registry Swamped by Bizarre John Wick Frenzy
https://ift.tt/pleVGZi
Submitted March 30, 2023 at 09:05PM by feross
via reddit https://ift.tt/1Tn849p
https://ift.tt/pleVGZi
Submitted March 30, 2023 at 09:05PM by feross
via reddit https://ift.tt/1Tn849p
Socket
Spam-tastic! npm Registry Swamped by Bizarre John Wick Frenzy - Socket
The npm public registry is drowning in a tsunami of spam and phishing, and it's all thanks to everyone's favorite gun-toting antihero, John Wick.
Protection against enumeration and timing attacks with opaque IDs
https://ift.tt/egr7xTw
Submitted March 31, 2023 at 02:13AM by DeliveryTypical
via reddit https://ift.tt/uBwkfvg
https://ift.tt/egr7xTw
Submitted March 31, 2023 at 02:13AM by DeliveryTypical
via reddit https://ift.tt/uBwkfvg
Exact Realty Blog
Opaque IDs: the ultimate protection against enumeration attacks
IDs in APIs can be exploited to gain unauthorized access to data, for example though enumeration and timing attacks. These can be mitigated using authenticated encryption and opaque IDs.
We scanned every NPM and PyPI package for malware with ChatGPT
https://ift.tt/lUQbvjP
Submitted March 31, 2023 at 05:48AM by feross
via reddit https://ift.tt/NTAyJ63
https://ift.tt/lUQbvjP
Submitted March 31, 2023 at 05:48AM by feross
via reddit https://ift.tt/NTAyJ63
Socket
Introducing Socket AI – ChatGPT-Powered Threat Analysis - Socket
Socket is using ChatGPT to examine every npm and PyPI package for security issues.
Dissecting AlienFox | The Cloud Spammer’s Swiss Army Knife
https://ift.tt/BHhQp9A
Submitted March 30, 2023 at 07:43PM by EspoJ
via reddit https://ift.tt/JrWbM8j
https://ift.tt/BHhQp9A
Submitted March 30, 2023 at 07:43PM by EspoJ
via reddit https://ift.tt/JrWbM8j
SentinelOne
Dissecting AlienFox | The Cloud Spammer’s Swiss Army Knife
A sophisticated new toolset is being used to harvest credentials from multiple cloud service providers, including AWS SES and Microsoft Office 365.
A Comparison of Exploit-DB and 0day.today
https://ift.tt/ar2IE3F
Submitted March 31, 2023 at 09:11PM by chicksdigthelongrun
via reddit https://ift.tt/doa3clt
https://ift.tt/ar2IE3F
Submitted March 31, 2023 at 09:11PM by chicksdigthelongrun
via reddit https://ift.tt/doa3clt
A Comparison of Exploit-DB and 0day.today - Blog - VulnCheck
Exploit-DB and 0day.today are two of the largest public exploit databases. In this blog, we compare the databases to determine which one is the most relevant today.
SafeDep Vet - Open Source Software Supply Chain Dependency Risks 🚀
https://ift.tt/NsBXrw2
Submitted March 31, 2023 at 11:42PM by madhuakula
via reddit https://ift.tt/NsqaJQr
https://ift.tt/NsBXrw2
Submitted March 31, 2023 at 11:42PM by madhuakula
via reddit https://ift.tt/NsqaJQr
safedep.io
Introducing SafeDep vet 🚀 | SafeDep
Today we are super excited to release the SafeDep vet 🚀 to identify risks in Open Source dependencies and establish trust in open source software supply chain security.
Understand your open source software supply chain dependency risks
https://ift.tt/ndtxRlp
Submitted April 01, 2023 at 12:31AM by nicksthehacker_
via reddit https://ift.tt/ZRV0oP8
https://ift.tt/ndtxRlp
Submitted April 01, 2023 at 12:31AM by nicksthehacker_
via reddit https://ift.tt/ZRV0oP8
boringtools/git-alerts: A Public Git repository & misconfiguration detection tool
https://ift.tt/CVvOLhg
Submitted April 01, 2023 at 02:36AM by nicksthehacker_
via reddit https://ift.tt/p2Ehm0z
https://ift.tt/CVvOLhg
Submitted April 01, 2023 at 02:36AM by nicksthehacker_
via reddit https://ift.tt/p2Ehm0z
GitHub
GitHub - boringtools/git-alerts: A Public Git repository & misconfiguration detection tool
A Public Git repository & misconfiguration detection tool - GitHub - boringtools/git-alerts: A Public Git repository & misconfiguration detection tool
How to avoid the aCropalypse
https://ift.tt/mLH71Dl
Submitted April 01, 2023 at 10:19AM by Gallus
via reddit https://ift.tt/SljWyXK
https://ift.tt/mLH71Dl
Submitted April 01, 2023 at 10:19AM by Gallus
via reddit https://ift.tt/SljWyXK
Trail of Bits Blog
How to avoid the aCropalypse
By Henrik Brodin, Lead Security Engineer, Research The aCropalypse is upon us! Last week, news about CVE-2023-21036, nicknamed the “aCropalypse,” spread across Twitter and other media, and I quickl…