Hack Dojo - search 3000+ awesome security conference videos + AI summary
https://hackdojo.io
Submitted June 07, 2023 at 02:33AM by hack__dojo
via reddit https://ift.tt/RaxTPiI
https://hackdojo.io
Submitted June 07, 2023 at 02:33AM by hack__dojo
via reddit https://ift.tt/RaxTPiI
Reddit
From the netsec community on Reddit: Hack Dojo - search 3000+ awesome security conference videos + AI summary
Posted by hack__dojo - 46 votes and 5 comments
IRCP: A robust information gathering tool for large scale reconnaissance on Internet Relay Chat servers
https://ift.tt/7vcOVyb
Submitted June 07, 2023 at 01:45PM by acidvegas
via reddit https://ift.tt/I9ynFVv
https://ift.tt/7vcOVyb
Submitted June 07, 2023 at 01:45PM by acidvegas
via reddit https://ift.tt/I9ynFVv
GitHub
GitHub - internet-relay-chat/IRCP: A robust information gathering tool for large scale reconnaissance on Internet Relay Chat servers…
A robust information gathering tool for large scale reconnaissance on Internet Relay Chat servers 🛰️ - internet-relay-chat/IRCP
2023 Vulnerabilities and Threat Trends
https://ift.tt/M4Sq0eg
Submitted June 07, 2023 at 02:54PM by gfekkas
via reddit https://ift.tt/BURWHgS
https://ift.tt/M4Sq0eg
Submitted June 07, 2023 at 02:54PM by gfekkas
via reddit https://ift.tt/BURWHgS
PRIOn - AI Driven Vulnerablity Analysis & Prioritization
Blog - 2023 Vulnerabilities and Threat Trends - PRIOn
In this detailed blog post, explore our in-depth analysis of H1 2023 vulnerabilities from various vendors, their impact, and the threat actors exploiting them.
Popular AI tool MLflow hit with more LFIs, exploit tool updated
https://ift.tt/sSmtTH6
Submitted June 07, 2023 at 06:48PM by FlyingTriangle
via reddit https://ift.tt/CpmlnPj
https://ift.tt/sSmtTH6
Submitted June 07, 2023 at 06:48PM by FlyingTriangle
via reddit https://ift.tt/CpmlnPj
Protectai
Hacking AI: System Takeover in MLflow Strikes Again (And Again)
2 patch bypasses found for severe MLflow LFI/RFI vulnerability
All patched in MLflow version 2.2.3
Protect AI’s vulnerability scanning and exploit tools updated with bypasses
All patched in MLflow version 2.2.3
Protect AI’s vulnerability scanning and exploit tools updated with bypasses
OPC UA Structure, Messaging, Security Features
https://ift.tt/jyL5IE2
Submitted June 07, 2023 at 06:46PM by derp6996
via reddit https://ift.tt/BrQSWyA
https://ift.tt/jyL5IE2
Submitted June 07, 2023 at 06:46PM by derp6996
via reddit https://ift.tt/BrQSWyA
Claroty
OPC UA Deep Dive (Part 3): Exploring the OPC UA Protocol
Explore the intricacies of the OPC UA protocol in Part 3 of Team82's Deep Dive series. Understand the protocol's layers, messaging types, security features, and more in this comprehensive guide to OPC UA for unified OT communication.
Modded Minecraft Malware "fractureiser" - What We Know
https://ift.tt/bIRSy9k
Submitted June 07, 2023 at 08:18PM by hyperflare
via reddit https://ift.tt/ONsBZVC
https://ift.tt/bIRSy9k
Submitted June 07, 2023 at 08:18PM by hyperflare
via reddit https://ift.tt/ONsBZVC
HackMD
THIS DOC IS OLD, WE HAVE MOVED AGAIN - HackMD
# THIS DOC IS OLD, WE HAVE MOVED AGAIN Old doc, further conversation is happening at github due to l
When hackers hack the hackers
https://ift.tt/b0mKj4p
Submitted June 07, 2023 at 10:15PM by S3cur3Th1sSh1t
via reddit https://ift.tt/JTacMWQ
https://ift.tt/b0mKj4p
Submitted June 07, 2023 at 10:15PM by S3cur3Th1sSh1t
via reddit https://ift.tt/JTacMWQ
www.r-tec.net
When Hackers hack the Hackers
In this post, the malware analysis process, as well as attacker activities and Indicators of Compromise (IoCs) are presented.
Pending motion for investigation in federal case over prosecutors planting trojan malware in emailed discovery documents!
https://ift.tt/mxGWbkN
Submitted June 08, 2023 at 12:38AM by dmg15
via reddit https://ift.tt/IMOWeUg
https://ift.tt/mxGWbkN
Submitted June 08, 2023 at 12:38AM by dmg15
via reddit https://ift.tt/IMOWeUg
SignatureGate - Bypassing AV/EDRs by exploiting 10 years old CVE
https://ift.tt/3sVMvp0
Submitted June 07, 2023 at 11:59PM by florilsk
via reddit https://ift.tt/j38CxEH
https://ift.tt/3sVMvp0
Submitted June 07, 2023 at 11:59PM by florilsk
via reddit https://ift.tt/j38CxEH
GitHub
GitHub - florylsk/SignatureGate: Weaponized HellsGate/SigFlip
Weaponized HellsGate/SigFlip. Contribute to florylsk/SignatureGate development by creating an account on GitHub.
Patching Windows Event Tracing in memory to be stealthier (POC)
https://ift.tt/V2sdYwI
Submitted June 08, 2023 at 06:49PM by thehunter699
via reddit https://ift.tt/uOXnTdR
https://ift.tt/V2sdYwI
Submitted June 08, 2023 at 06:49PM by thehunter699
via reddit https://ift.tt/uOXnTdR
GitHub
GitHub - nullsection/SharpETW-Patch
Contribute to nullsection/SharpETW-Patch development by creating an account on GitHub.
Legacy authentication: The curious case of BAV2ROPC
https://ift.tt/oGYUH5N
Submitted June 08, 2023 at 08:26PM by tvjust
via reddit https://ift.tt/F7XJ9xG
https://ift.tt/oGYUH5N
Submitted June 08, 2023 at 08:26PM by tvjust
via reddit https://ift.tt/F7XJ9xG
Red Canary
Legacy authentication: The curious case of BAV2ROPC
A mysterious user agent string in some Microsoft 365 audit logs offers clues for how to detect logins from legacy authentication protocols.
MSSQL linked servers: abusing ADSI for password retrieval - BlackArrow
https://ift.tt/mZJNSK9
Submitted June 08, 2023 at 10:17PM by apanonimo
via reddit https://ift.tt/qKvuGPm
https://ift.tt/mZJNSK9
Submitted June 08, 2023 at 10:17PM by apanonimo
via reddit https://ift.tt/qKvuGPm
Tarlogic Security
MSSQL linked servers: abusing ADSI for password retrieval
New technique to gather passwords from MSSQL by abusing linked servers through the ADSI provider
Detecting and mitigating a multi-stage AiTM phishing and BEC campaign
https://ift.tt/SuvZeb7
Submitted June 08, 2023 at 10:03PM by SCI_Rusher
via reddit https://ift.tt/ya29Qkz
https://ift.tt/SuvZeb7
Submitted June 08, 2023 at 10:03PM by SCI_Rusher
via reddit https://ift.tt/ya29Qkz
Microsoft Security Blog
Detecting and mitigating a multi-stage AiTM phishing and BEC campaign | Microsoft Security Blog
A multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targets banking and financial services organizations.
The new version 4.0 of the Common Vulnerability Scoring System (CVSS) has just entered public preview phase. Please have a look and send us your comments by July 31st, see the presentation for details about how to provide feedback.
https://ift.tt/jzi9fkA
Submitted June 09, 2023 at 01:07AM by forgetful_12345
via reddit https://ift.tt/3Em5huY
https://ift.tt/jzi9fkA
Submitted June 09, 2023 at 01:07AM by forgetful_12345
via reddit https://ift.tt/3Em5huY
FIRST — Forum of Incident Response and Security Teams
Common Vulnerability Scoring System
acme.sh runs arbitrary commands from a remote server
https://ift.tt/DuYmOvf
Submitted June 09, 2023 at 12:59PM by tubularobot
via reddit https://ift.tt/QUGVAte
https://ift.tt/DuYmOvf
Submitted June 09, 2023 at 12:59PM by tubularobot
via reddit https://ift.tt/QUGVAte
GitHub
acme.sh runs arbitrary commands from a remote server · Issue #4659 · acmesh-official/acme.sh
Hello, You may already be aware of this, but HiCA is injecting arbitrary code/commands into the certificate obtaining process and acme.sh is running them on the client machine. I am not sure if thi...
BusKill Warrant Canary for 2023 H2 🕵️
https://ift.tt/07weKId
Submitted June 09, 2023 at 09:25PM by maltfield
via reddit https://ift.tt/2ZnKs6T
https://ift.tt/07weKId
Submitted June 09, 2023 at 09:25PM by maltfield
via reddit https://ift.tt/2ZnKs6T
BusKill
BusKill Canary #6 - BusKill
This post contains the cryptographically-signed BusKill warrant canary #006 for June 2023 to January 2024.
Crest CPSA
https://ift.tt/vDnwVYF
Submitted June 09, 2023 at 10:44PM by DogTime3470
via reddit https://ift.tt/zjmTKph
https://ift.tt/vDnwVYF
Submitted June 09, 2023 at 10:44PM by DogTime3470
via reddit https://ift.tt/zjmTKph
CREST
CREST Practitioner Security Analyst (CPSA)
Barracuda Email Security Gateway Appliance (ESG) Vulnerability [CVE-2023-2868]
https://ift.tt/rq1pJk5
Submitted June 10, 2023 at 02:18AM by RamblinWreckGT
via reddit https://ift.tt/cjgNAwH
https://ift.tt/rq1pJk5
Submitted June 10, 2023 at 02:18AM by RamblinWreckGT
via reddit https://ift.tt/cjgNAwH
How to Find AWS IAM Access Keys Not Rotated Within 90 Days
https://ift.tt/IjrepfH
Submitted June 10, 2023 at 01:06PM by Current_Doubt_8584
via reddit https://ift.tt/LJj3rWS
https://ift.tt/IjrepfH
Submitted June 10, 2023 at 01:06PM by Current_Doubt_8584
via reddit https://ift.tt/LJj3rWS
Against HSTS preload
https://ift.tt/TOB3QCb?
Submitted June 10, 2023 at 08:00PM by Hopeful-Total
via reddit https://ift.tt/6u27VgP
https://ift.tt/TOB3QCb?
Submitted June 10, 2023 at 08:00PM by Hopeful-Total
via reddit https://ift.tt/6u27VgP
Web3 Security Distilled - An Article
https://ift.tt/7CAKh2Q
Submitted June 12, 2023 at 12:13AM by Silent-Homework7613
via reddit https://ift.tt/CEt0wr4
https://ift.tt/7CAKh2Q
Submitted June 12, 2023 at 12:13AM by Silent-Homework7613
via reddit https://ift.tt/CEt0wr4
Medium
Web3 Security Distilled
We will try to understand what a bug bounty is, why it’s important, and why it can complement auditing rather than replace it in order to…