Ports and Protocols: An In-Depth Exploration for Ethical Hacking in Networking
https://ift.tt/zTwNvUC
Submitted August 02, 2023 at 07:17PM by securnerd_02
via reddit https://ift.tt/52eXAL3
https://ift.tt/zTwNvUC
Submitted August 02, 2023 at 07:17PM by securnerd_02
via reddit https://ift.tt/52eXAL3
Codelivly
Ports and Protocols: An In-Depth Exploration for Ethical Hacking in Networking
By the end , you’ll have a solid understanding of what ports and protocols are, how they work, and why they’re so vital in the field hacking.
Vulnerability Uncovered in Salesforce’s Email Services Exploited for Phishing Facebook Accounts In-The-Wil
https://ift.tt/nLMhuJc
Submitted August 02, 2023 at 06:47PM by pinpepnet
via reddit https://ift.tt/Sye7Rqx
https://ift.tt/nLMhuJc
Submitted August 02, 2023 at 06:47PM by pinpepnet
via reddit https://ift.tt/Sye7Rqx
Medium
“PhishForce” — Vulnerability Uncovered in Salesforce’s Email Services Exploited for Phishing Facebook Accounts In-The-Wild
By Oleg Zaytsev, Nati Tal (Guardio Labs)
2023 Global Cloud Threat Report: Cloud Attacks are Lightning Fast – Sysdig
https://ift.tt/iZuSG2t
Submitted August 02, 2023 at 08:32PM by Hallow_Rose
via reddit https://ift.tt/f6kEjdJ
https://ift.tt/iZuSG2t
Submitted August 02, 2023 at 08:32PM by Hallow_Rose
via reddit https://ift.tt/f6kEjdJ
Sysdig
2023 Global Cloud Threat Report: Cloud Attacks are Lightning Fast
The second Sysdig Threat Report is packed with findings and analysis of some of the hottest cybersecurity topics this year.
CVE-2023-28130 - Command Injection in Check Point Gaia Portal
https://ift.tt/x9FVfSQ
Submitted August 03, 2023 at 12:37AM by rikvduijn
via reddit https://ift.tt/tIdX3ZB
https://ift.tt/x9FVfSQ
Submitted August 03, 2023 at 12:37AM by rikvduijn
via reddit https://ift.tt/tIdX3ZB
Pentests
CVE-2023-28130 - Command Injection in Check Point Gaia Portal
Pentests.nl has discovered a vulnerability in Check Point Gaia Portal which could be exploited to execute code on the underlying system.
GitHub - Legit-Labs/legitify: Detect and remediate misconfigurations and security risks across all your GitHub GitLab assets. Version 1.0 is out, check out the new enterprise-level policies.
https://ift.tt/kon8a9D
Submitted August 03, 2023 at 01:19AM by roy_6472
via reddit https://ift.tt/h1Mmf8w
https://ift.tt/kon8a9D
Submitted August 03, 2023 at 01:19AM by roy_6472
via reddit https://ift.tt/h1Mmf8w
GitHub
GitHub - Legit-Labs/legitify: Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets - Legit-Labs/legitify
Hook, Line, and Phishlet: Conquering AD FS with Evilginx
https://ift.tt/dlQgzHV
Submitted August 03, 2023 at 07:47AM by Acceptable-Doubt-878
via reddit https://ift.tt/1Kq7OMQ
https://ift.tt/dlQgzHV
Submitted August 03, 2023 at 07:47AM by Acceptable-Doubt-878
via reddit https://ift.tt/1Kq7OMQ
research.aurainfosec.io
Hook, Line, and Phishlet: Conquering AD FS with Evilginx
A detailed walkthrough of the process and hurdles faced in leveraging Evilginx3 to conduct a successful phishing campaign on a AD FS protected domain.
CVE-2023-33383
https://ift.tt/pm48ZoP
Submitted August 03, 2023 at 02:23PM by 9lyph
via reddit https://ift.tt/8CWHMde
https://ift.tt/pm48ZoP
Submitted August 03, 2023 at 02:23PM by 9lyph
via reddit https://ift.tt/8CWHMde
Exploit Security
CVE-2023-33383
Summary: MTE As Implemented - Google Project Zero
https://ift.tt/FrdIKZi
Submitted August 03, 2023 at 01:55PM by poltess0
via reddit https://ift.tt/TzSfNtv
https://ift.tt/FrdIKZi
Submitted August 03, 2023 at 01:55PM by poltess0
via reddit https://ift.tt/TzSfNtv
Blogspot
Summary: MTE As Implemented
By Mark Brand, Project Zero In mid-2022, Project Zero was provided with access to pre-production hardware implementing the ARM MTE specifi...
MSMQ QueueJumper (RCE Vulnerability): An In-Depth Technical Analysis
https://ift.tt/ijfZMpG
Submitted August 03, 2023 at 12:39PM by buherator
via reddit https://ift.tt/jOFPbsC
https://ift.tt/ijfZMpG
Submitted August 03, 2023 at 12:39PM by buherator
via reddit https://ift.tt/jOFPbsC
Security Intelligence
MSMQ QueueJumper (RCE Vulnerability): An In-Depth Technical Analysis
Unpack the remote code execution vulnerability impacting the Microsoft Message Queueing service — CVE-2023-21554, a.k.a. QueueJumper.
CVE-2023-33383
https://ift.tt/pm48ZoP
Submitted August 03, 2023 at 05:15PM by 9lyph
via reddit https://ift.tt/nyskVmB
https://ift.tt/pm48ZoP
Submitted August 03, 2023 at 05:15PM by 9lyph
via reddit https://ift.tt/nyskVmB
Exploit Security
CVE-2023-33383
CVE-2023-33383 - Authentication Bypass via out-of-bounds read condition in Shelly 4PM Pro relay switch
https://ift.tt/pm48ZoP
Submitted August 03, 2023 at 05:51PM by 9lyph
via reddit https://ift.tt/KQJqWmj
https://ift.tt/pm48ZoP
Submitted August 03, 2023 at 05:51PM by 9lyph
via reddit https://ift.tt/KQJqWmj
Exploit Security
CVE-2023-33383
Targeted npm Malware Attempts to Steal Company Source Code
https://ift.tt/qP5Q9Nb
Submitted August 04, 2023 at 12:44AM by louis11
via reddit https://ift.tt/k134APB
https://ift.tt/qP5Q9Nb
Submitted August 04, 2023 at 12:44AM by louis11
via reddit https://ift.tt/k134APB
Phylum
Targeted npm Malware Attempts to Steal Company Source Code and Secrets
🚨August 9, 2023 Update: This appears to be a slow, on-going attack. Since our initial report, two more packages have been identified as part of this campaign: ng-zulutrade-ssr and binarium-crm. We will provide periodic updates as we identify further publications…
Fast security review of a smart contract stablecoin
https://ift.tt/bChxlOr
Submitted August 04, 2023 at 01:28AM by kruksym
via reddit https://ift.tt/pNvdXfA
https://ift.tt/bChxlOr
Submitted August 04, 2023 at 01:28AM by kruksym
via reddit https://ift.tt/pNvdXfA
CoinFabrik
Ripio (UXD) Stablecoin Token Fast Security Review
Ripio unveils UXD on LaChain for Latin America. With LaCoin (LAC) as native, we're diving deep into security audits of the stable coin!
Xbox One Directory Traversal (2019)
https://ift.tt/PZcAWUd
Submitted August 04, 2023 at 01:54AM by ynscdrc
via reddit https://ift.tt/rlZi1qL
https://ift.tt/PZcAWUd
Submitted August 04, 2023 at 01:54AM by ynscdrc
via reddit https://ift.tt/rlZi1qL
GitHub
GitHub - yunuscadirci/XboxOneDirectoryTraversal: details about directory traversal on Xbox One
details about directory traversal on Xbox One. Contribute to yunuscadirci/XboxOneDirectoryTraversal development by creating an account on GitHub.
Don’t you (forget NLP): Prompt injection with control characters in ChatGPT
https://ift.tt/xQ93YPj
Submitted August 04, 2023 at 11:17AM by Mempodipper
via reddit https://ift.tt/u97ophq
https://ift.tt/xQ93YPj
Submitted August 04, 2023 at 11:17AM by Mempodipper
via reddit https://ift.tt/u97ophq
dropbox.tech
Dont you (forget NLP): Prompt injection with control characters in ChatGPT
Password Managers as Ethical Hacking Tools
https://ift.tt/DqthUGM
Submitted August 04, 2023 at 05:29PM by arrowflakes
via reddit https://ift.tt/M4LDvcJ
https://ift.tt/DqthUGM
Submitted August 04, 2023 at 05:29PM by arrowflakes
via reddit https://ift.tt/M4LDvcJ
Magnet’s Substack
Uncovering security bugs by chance with password generators
Password Managers as Ethical Hacking Tools
Leaked Secrets and Unlimited Miles: Hacking the Largest Airline and Hotel Rewards Platform
https://ift.tt/WCVO6HR
Submitted August 04, 2023 at 05:53PM by qwerty0x41
via reddit https://ift.tt/ikXQvO8
https://ift.tt/WCVO6HR
Submitted August 04, 2023 at 05:53PM by qwerty0x41
via reddit https://ift.tt/ikXQvO8
Sam Curry | Web Application Security Researcher
Leaked Secrets and Unlimited Miles: Hacking the Largest Airline and Hotel Rewards Platform
Between March, 2023 and May, 2023 we reported multiple security vulnerabilities to points.com, the backend provider for a large portion of airline and hotel rewards programs...
Technology Security Career Advice
http://uwu.com
Submitted August 05, 2023 at 12:48AM by emizzle6250
via reddit https://ift.tt/5BkRajv
http://uwu.com
Submitted August 05, 2023 at 12:48AM by emizzle6250
via reddit https://ift.tt/5BkRajv
Reddit
From the netsec community on Reddit: Technology Security Career Advice
Posted by emizzle6250 - 1 vote and 2 comments
GitHub - kryptokrona/kryptokrona-kotlin-sdk: Kryptokrona SDK in Kotlin for building decentralized private communication and payment systems.
https://ift.tt/wnszYZR
Submitted August 05, 2023 at 03:18PM by xzzzv
via reddit https://ift.tt/EOyiQ0D
https://ift.tt/wnszYZR
Submitted August 05, 2023 at 03:18PM by xzzzv
via reddit https://ift.tt/EOyiQ0D
GitHub
GitHub - kryptokrona/kryptokrona-kotlin-sdk: Build decentralized private communication/payment systems in Kotlin.
Build decentralized private communication/payment systems in Kotlin. - kryptokrona/kryptokrona-kotlin-sdk
Attacking JS engines: Fundamentals for understanding memory corruption crashes
https://ift.tt/v2xhNUq
Submitted August 05, 2023 at 08:54PM by adityatelange
via reddit https://ift.tt/SNnzGIx
https://ift.tt/v2xhNUq
Submitted August 05, 2023 at 08:54PM by adityatelange
via reddit https://ift.tt/SNnzGIx
www.sidechannel.blog
Attacking JS engines: Fundamentals for understanding memory corruption crashes | SideChannel – Tempest
It will be possible to better understand the Javanoscript structures in memory while executing code in browsers or in any other program that makes use of the most famous JS interpreters, such as Firefox, Google Chrome, Internet Explorer and Safari
Burp HTTP history browser (BHHB)
https://ift.tt/nKfd2SJ
Submitted August 05, 2023 at 08:52PM by adityatelange
via reddit https://ift.tt/4mrn7JP
https://ift.tt/nKfd2SJ
Submitted August 05, 2023 at 08:52PM by adityatelange
via reddit https://ift.tt/4mrn7JP
GitHub
GitHub - adityatelange/bhhb: Burp HTTP history browser (BHHB) - A tool to view HTTP history exported from Burp Suite Community…
Burp HTTP history browser (BHHB) - A tool to view HTTP history exported from Burp Suite Community Edition - adityatelange/bhhb