AI Hacking Games (Jailbreak CTFs)
https://ift.tt/164xkep
Submitted May 15, 2023 at 03:18PM by phoenixzeu
via reddit https://ift.tt/tf8imvM
https://ift.tt/164xkep
Submitted May 15, 2023 at 03:18PM by phoenixzeu
via reddit https://ift.tt/tf8imvM
Security Café
AI Hacking Games (Jailbreak CTFs)
The world of AI is developing pretty fast and new tools and plugins that leverage the power of LLMs (Large Language Models) are being developed almost faster than we can read about them. Personal a…
Testing Zero Touch Production Platforms and Safe Proxies
https://ift.tt/4dZyQ3K
Submitted May 15, 2023 at 03:01PM by lephosphore
via reddit https://ift.tt/51GEZoK
https://ift.tt/4dZyQ3K
Submitted May 15, 2023 at 03:01PM by lephosphore
via reddit https://ift.tt/51GEZoK
Doyensec
Testing Zero Touch Production Platforms and Safe Proxies · Doyensec's Blog
Doyensec's Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.
Missing temporal metrics (Exploit Code Maturity and Remediation Level) in certain CVEs using NVD API for CVSS v3 and v3.1
https://ift.tt/2wqkAv7
Submitted May 15, 2023 at 06:11PM by tlopasha
via reddit https://ift.tt/8emX0j6
https://ift.tt/2wqkAv7
Submitted May 15, 2023 at 06:11PM by tlopasha
via reddit https://ift.tt/8emX0j6
Triple Threat: Breaking Teltonika Routers Three Ways
https://ift.tt/1eiWH4M
Submitted May 16, 2023 at 01:03PM by Igz60
via reddit https://ift.tt/ULSZYuN
https://ift.tt/1eiWH4M
Submitted May 16, 2023 at 01:03PM by Igz60
via reddit https://ift.tt/ULSZYuN
Claroty
Triple Threat: Breaking Teltonika Routers Three Ways
‘FriendlyName’ Buffer Overflow Vulnerability in Wemo Mini Smart Plug V2 Devices
https://ift.tt/K0oatWS
Submitted May 16, 2023 at 10:18PM by Ok_Attention6694
via reddit https://ift.tt/QN3YbBS
https://ift.tt/K0oatWS
Submitted May 16, 2023 at 10:18PM by Ok_Attention6694
via reddit https://ift.tt/QN3YbBS
Sternum
‘FriendlyName’ Buffer Overflow Vulnerability in Wemo Smart Plug V2 | Sternum
Part of our work at Sternum includes constant security research of IoT vulnerabilities to better understand IoT security gaps, boost the security capabilities of our platform and help device manufacturers improve their security postures. In this post, we…
Horse Shell: A Deep Dive into a Chinese APT Group's TP-Link Router Implant
https://ift.tt/VE5WQbd
Submitted May 16, 2023 at 04:47PM by Megabeets
via reddit https://ift.tt/xXv2tPi
https://ift.tt/VE5WQbd
Submitted May 16, 2023 at 04:47PM by Megabeets
via reddit https://ift.tt/xXv2tPi
Check Point Research
The Dragon Who Sold His Camaro: Analyzing Custom Router Implant - Check Point Research
Check Point Research (CPR) exposes a malicious firmware implant for TP-Link routers allowed attackers to gain full control of infected devices and access compromised networks while evading detection. CPR attributes the attacks to a Chinese state-sponsored…
Respawning PyPI Malware: Attackers leveraging automation to republish malware packages after takedown
https://ift.tt/eC5V9mH
Submitted May 17, 2023 at 12:12AM by louis11
via reddit https://ift.tt/JaUbI1n
https://ift.tt/eC5V9mH
Submitted May 17, 2023 at 12:12AM by louis11
via reddit https://ift.tt/JaUbI1n
Phylum
Respawning Malware Persists on PyPI
A bad actor on GitHub continually respawns his malware immediately after PyPI takes it down.
web2shell - Automate converting webshells into reverse shells
https://ift.tt/ai26NwR
Submitted May 17, 2023 at 03:39AM by def__init___self
via reddit https://ift.tt/1foq0bZ
https://ift.tt/ai26NwR
Submitted May 17, 2023 at 03:39AM by def__init___self
via reddit https://ift.tt/1foq0bZ
GitHub
GitHub - ejedev/web2shell: Automate converting webshells into reverse shells.
Automate converting webshells into reverse shells. - GitHub - ejedev/web2shell: Automate converting webshells into reverse shells.
“Malverposting” — With Over 500K Estimated Infections, Facebook Ads Fuel This Evolving Stealer Campaign
https://ift.tt/RLzJvfy
Submitted May 17, 2023 at 04:41PM by lowlet3443
via reddit https://ift.tt/jABvCkD
https://ift.tt/RLzJvfy
Submitted May 17, 2023 at 04:41PM by lowlet3443
via reddit https://ift.tt/jABvCkD
Medium
“Malverposting” — With Over 500K Estimated Infections, Facebook Ads Fuel This Evolving Stealer Campaign
By Nati Tal (Guardio Labs)
(Duplicate from /r/redteamsec) Active Directory Spotlight: Attacking The Microsoft Configuration Manager (SCCM/MECM)
https://ift.tt/vzf6Oyd
Submitted May 17, 2023 at 06:19PM by 0xcsandker
via reddit https://ift.tt/7r69bmH
https://ift.tt/vzf6Oyd
Submitted May 17, 2023 at 06:19PM by 0xcsandker
via reddit https://ift.tt/7r69bmH
www.securesystems.de
Active Directory Spotlight: Attacking The Microsoft Configuration Manager (SCCM/MECM)
This spotlight covers the Microsoft Configuration Manager (ConfigMgr), also known as SCCM or MECM.
Get an intro into the Configuration Manger, an overview and demonstration of known attacks against it, practical tool box knowledge and best practice defensive…
Get an intro into the Configuration Manger, an overview and demonstration of known attacks against it, practical tool box knowledge and best practice defensive…
After 8 years of consulting, I'm leaving. Because it doesn't align the Hacker spirit.
https://ift.tt/Q9fau3o
Submitted May 17, 2023 at 07:00PM by chaign_c
via reddit https://ift.tt/mSuNojf
https://ift.tt/Q9fau3o
Submitted May 17, 2023 at 07:00PM by chaign_c
via reddit https://ift.tt/mSuNojf
Bug bounties are broken - the story of "i915" bug, ChromeOS + Intel bounty programs, and beyond
https://ift.tt/pJDEYtX
Submitted May 17, 2023 at 08:48PM by Adam_pi3
via reddit https://ift.tt/g4l2OMH
https://ift.tt/pJDEYtX
Submitted May 17, 2023 at 08:48PM by Adam_pi3
via reddit https://ift.tt/g4l2OMH
Arbitrary email forgery in Webflow [PDF]
https://ift.tt/sOn6FNI
Submitted May 17, 2023 at 08:30PM by Gallus
via reddit https://ift.tt/rZ0QzeK
https://ift.tt/sOn6FNI
Submitted May 17, 2023 at 08:30PM by Gallus
via reddit https://ift.tt/rZ0QzeK
PASTIS - a Python framework for ensemble fuzzing
https://ift.tt/QX8BZ24
Submitted May 17, 2023 at 11:25PM by Gallus
via reddit https://ift.tt/BefTWcE
https://ift.tt/QX8BZ24
Submitted May 17, 2023 at 11:25PM by Gallus
via reddit https://ift.tt/BefTWcE
Quarkslab
PASTIS For The Win!
Security Advisory: Unauthenticated Remote Command Execution in Multiple WAGO Products
https://ift.tt/XYNrG93
Submitted May 17, 2023 at 11:02PM by g_e_r_h_a_r_d
via reddit https://ift.tt/Jy3sODC
https://ift.tt/XYNrG93
Submitted May 17, 2023 at 11:02PM by g_e_r_h_a_r_d
via reddit https://ift.tt/Jy3sODC
ONEKEY
Security Advisory: Unauthenticated Remote Command Execution in Multiple WAGO Products
Security Advisory: Critical unauthenticated command injection vulnerability in the "Legal Information" plugin of the WAGO Series PFC100 web interface.
From GitHub to Account Takeover: Misconfigured Actions Place GCP & AWS Accounts at Risk - Rezonate
https://ift.tt/T58Nhq6
Submitted May 18, 2023 at 05:32PM by Or1rez
via reddit https://ift.tt/os3t4am
https://ift.tt/T58Nhq6
Submitted May 18, 2023 at 05:32PM by Or1rez
via reddit https://ift.tt/os3t4am
Rezonate
From GitHub to Account Takeover: Misconfigured Actions Place GCP & AWS Accounts at Risk - Rezonate
Contents Key Points Background GitHub OpenID Provider Integration GitHub OIDC Integration with GCP & AWS Potential Misconfiguration Identifying Vulnerable Organizations Remediation Guidelines In April 2023, Rezonate research team explored prevalent misconfigurations…
Walking the Tightrope: Maximizing Information Gathering while Avoiding Detection for Red Teams
https://ift.tt/bAMswPr
Submitted May 18, 2023 at 10:06PM by HackingLZ
via reddit https://ift.tt/YA5O4e6
https://ift.tt/bAMswPr
Submitted May 18, 2023 at 10:06PM by HackingLZ
via reddit https://ift.tt/YA5O4e6
TrustedSec
Walking the Tightrope: Maximizing Information Gathering while Avoiding Detection for Red Teams - TrustedSec
TrustedSec's blog is an expert source of information on information security trends and best practices for strategic risk management.
Off-Boarding Cloud Builders and Security Practioners Poses Challenges for Companies With Cloud Environments
https://ift.tt/gwXMZLt
Submitted May 18, 2023 at 11:15PM by randallvancity
via reddit https://ift.tt/kaMzTq0
https://ift.tt/gwXMZLt
Submitted May 18, 2023 at 11:15PM by randallvancity
via reddit https://ift.tt/kaMzTq0
SC Media
In the wake of layoffs, how to solve the security issues off-boarding creates
Here’s some insight into the security challenges security teams face as companies lay off workers by the hundreds and thousands.
OSINT Industries - 180+ modules to do OSINT from an email address, free beta
https://ift.tt/Hs50zZC
Submitted May 19, 2023 at 03:18AM by mxrchreborn
via reddit https://ift.tt/DZpFcOj
https://ift.tt/Hs50zZC
Submitted May 19, 2023 at 03:18AM by mxrchreborn
via reddit https://ift.tt/DZpFcOj
osint.industries
OSINT Industries
Discover how OSINT Industries specializes in leveraging OSINT to investigate emails and phone numbers. Unlock valuable insights and conduct comprehensive investigations using our advanced tools and resources.
15 Most Loved ASP .Net Development Tools
https://ift.tt/8L3E6Rd
Submitted May 19, 2023 at 12:49PM by CaptainonHoliday
via reddit https://ift.tt/dSDoQHm
https://ift.tt/8L3E6Rd
Submitted May 19, 2023 at 12:49PM by CaptainonHoliday
via reddit https://ift.tt/dSDoQHm
Competenza Innovare
15 Most Loved ASP .Net Development Tools
ASP.Net - A rich web & mobile app development suite. Use different tools & enhance your development performance drastically. Get the most out of these tools.
Automate the process of discovering and exploiting ESC1 & ESC8 ADCS vulnerabilities 🔥
https://ift.tt/xYcWXeM
Submitted May 19, 2023 at 02:51PM by S3cur3Th1sSh1t
via reddit https://ift.tt/FWoxi3r
https://ift.tt/xYcWXeM
Submitted May 19, 2023 at 02:51PM by S3cur3Th1sSh1t
via reddit https://ift.tt/FWoxi3r
GitHub
GitHub - grimlockx/ADCSKiller: An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer - GitHub - grimlockx/ADCSKiller: An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer