Netsec – Telegram
Netsec
@RNetsec
7.42K subscribers
22.4K links
This channel posts the feed from r/netsec.
For any suggestions dm @streaak
Donate to keep the bot running https://www.paypal.me/akhilgv
Download Telegram
About
Blog
Apps
Platform
Join
Netsec
7.42K subscribers
Netsec
The data of 760,000 Discord.io users was put up for sale on the darknet
https://ift.tt/tkgAMDZ

Submitted August 15, 2023 at 12:31AM by louis11
via reddit https://ift.tt/7ZwsRuf
Stack Diary
The data of 760,000 Discord.io users was put up for sale on the darknet
Note: I've gone ahead and updated the featured image, so it doesn't seem like this has something to do with Discord "directly". It was not my intention to
534 views
Netsec
Veilid is an open source, p2p, mobile first, networked application framework from CDC
https://veilid.com/

Submitted August 15, 2023 at 10:17AM by Mumpsimus
via reddit https://ift.tt/CUp0VFu
Veilid
Veilid is an open-source, distributed application framework.
469 views
Netsec
Knocking on Hell's Gate - Educational Malware Dev
https://ift.tt/T95ZNcL

Submitted August 15, 2023 at 09:36AM by jibblz
via reddit https://ift.tt/zF32tYa
Enigma Labs
Knocking on Hell’s Gate - EDR Evasion Through Direct Syscalls
Introduction - Educational Malware Development I
491 views
Netsec
Breaking The Mutant Language's "Encryption"
https://ift.tt/l2sg0mL

Submitted August 15, 2023 at 05:29PM by 0xcrypto
via reddit https://ift.tt/yKjRdLN
470 views
Netsec
Advisory | NetModule Router Software Race Condition Leads to Remote Code Execution
https://ift.tt/Ct9AGwW

Submitted August 15, 2023 at 07:57PM by wtfse
via reddit https://ift.tt/gesGmvI
467 views
Netsec
Hostile Code: Dealing with stack strings in IDAPython
https://ift.tt/4ouWHYf

Submitted August 15, 2023 at 09:46PM by OwnPreparation3424
via reddit https://ift.tt/16gqBpy
Medium
Hostile Code: Dealing with stack strings in IDAPython
Stack strings — A common obfuscation technique used in malware, and how to deal with them using IDAPython
463 views
Netsec
Creating Fully Undetectable JavaScript Payloads to Evade Next-Generation Firewalls
https://ift.tt/aSng9Ab

Submitted August 15, 2023 at 09:54PM by elliotkillick
via reddit https://ift.tt/KDpt02L
Elliot on Security
Elliot on Security - Creating Fully Undetectable JavaScript Payloads to Evade Next-Generation Firewalls
Generate evasive JavaScript for bypassing next-generation firewalls and antivirus scanners in a few simple clicks...
484 views
Netsec
Breaking Synology NAS Cloud, Impersonation Attacks, RCE
https://ift.tt/bd1j0p8

Submitted August 16, 2023 at 01:15AM by derp6996
via reddit https://ift.tt/gMh9cFS
Claroty
Exploiting Cloud Connectivity to PWN your NAS: Synology DS920
Claroty develops a unique technique that impersonates Synology’s DS920+ network-attached storage device. Learn more.
485 views
Netsec
Istio outboundTrafficPolicy Egress Control Bypass
https://ift.tt/7B4fgOm

Submitted August 16, 2023 at 04:50AM by MysteriousHotel3017
via reddit https://ift.tt/zUsg962
Pulse Security
Istio outboundTrafficPolicy Egress Control Bypass
Istio egress controls can be bypassed, and are not suitable for restricting egress networking for Kubernetes pods. This advisory details an example bypass using setuid() in a compromised pod.
483 views
Netsec
LLM Security Series: Nuts and Bolts
https://ift.tt/JD5tMNh

Submitted August 16, 2023 at 11:36AM by r0075h3ll
via reddit https://ift.tt/6jXHabp
r0075h3ll.github.io
LLM Security Series: Nuts and Bolts | Hardik Nanda
485 views
Netsec
PowerHell: Active Flaws in PowerShell Gallery Expose Users to Attacks
https://ift.tt/176Nu0m

Submitted August 16, 2023 at 05:31PM by ilay789
via reddit https://ift.tt/p2Nsnhi
Aquasec
PowerHell: Active Flaws in PowerShell Gallery Expose Users to Attacks
We expose significant flaws in PowerShell Gallery's policy package names and owners, that open potential supply chain attacks on the registry's user base. 
446 views
Netsec
How Browser Sync Can Unknowingly Risk Your Business
https://ift.tt/AfBIrD7

Submitted August 16, 2023 at 06:39PM by ziyahanalbeniz
via reddit https://ift.tt/6CPmnQZ
SOCRadar® Cyber Intelligence Inc.
How Browser Sync Can Unknowingly Risk Your Business
Upon initiating browser sync, users trigger a process that shares vital data across devices. By default, this synchronization...
430 views
Netsec
SAP Security: Vulnerabilities Analysis By RedRays
https://ift.tt/Q2oJnHE

Submitted August 16, 2023 at 07:06PM by vah_13
via reddit https://ift.tt/2zLA6Tu
RedRays - Your SAP Security Solution
SAP Security: Vulnerability Analysis By RedRays
RedRays' comprehensive SAP security analysis reveals critical vulnerabilities across 10,000 public IP addresses. Discover the severity distribution, insights into the most pressing vulnerabilities, and RedRays' innovative, accessible solutions for SAP security.
425 views
Netsec
Primer on HTTP Security Headers
https://ift.tt/rA7JlXD

Submitted August 16, 2023 at 08:24PM by adityatelange
via reddit https://ift.tt/yOXiGeV
adityatelange.in
Primer on HTTP Security Headers
Learn about HTTP security headers and how to configure them for securing web applications.
422 views
Netsec
DEFCON Talk: Using ML Models for Red Teaming and Bug Bounty
https://ift.tt/qjNQPwa

Submitted August 16, 2023 at 09:02PM by Natural_Secret_5446
via reddit https://ift.tt/FPWh0IV
Threlfall hax
Model Confusion - Weaponizing ML models for red teams and bounty hunters
How I hacked a bunch of companies via machine learning attacks.
439 views
Netsec
Third-Party GitHub Actions: Effects of an Opt-Out Permission Model
https://ift.tt/6RFXeC1

Submitted August 16, 2023 at 08:57PM by Due_Lengthiness_9329
via reddit https://ift.tt/GvVQKuX
Palo Alto Networks Blog
Third-Party GitHub Actions: Effects of an Opt-Out Permission Model
Secure GitHub Actions with new research showing high-risk practices and get expert tips to prevent overly permissive workflows in your CI/CD pipeline.
473 views
Netsec
Researchers uncover long term Espionage against foreign diplomats in Belarus using DNS race conditions
https://ift.tt/Y8y3n9U

Submitted August 17, 2023 at 03:46PM by thehunter699
via reddit https://ift.tt/veSzLVF
Welivesecurity
MoustachedBouncer: Espionage against foreign diplomats in Belarus
A group noscriptd MoustachedBouncer committing espionage against foreign embassies in Belarus has been identified by ESET Research.
463 views
Netsec
LABRAT: Stealthy Cryptojacking and Proxyjacking Campaign Targeting GitLab
https://ift.tt/0J1cMws

Submitted August 17, 2023 at 06:35PM by MiguelHzBz
via reddit https://ift.tt/kI1ZYg5
Sysdig
LABRAT: Stealthy Cryptojacking and Proxyjacking Campaign Targeting GitLab 
The Sysdig Threat Research Team recently discovered a new operation, dubbed LABRAT, a stealthy cryptojacking and proxyjacking campaign.
486 views
Netsec
Shellcode with GCC and LD (Part 1)
https://ift.tt/gaxFkNy

Submitted August 17, 2023 at 10:22PM by shellspawn
via reddit https://ift.tt/m7a5pY0
Sh3llSp4wn’s Malware Conservatory
Offensive Tool Development - The Shellcode Compiler Was Right There All Along… (Part 1)
TLDR; Linker noscripts can be used to generate shellcode via C in a fairly platform agnostic way. This allows offensive developers to use the full capabilities of the Linux Toolchain, sans library code (until a dynamic loader for library calls can be devised)
498 views
Netsec
AI-Powered Fuzzing: Breaking the Bug Hunting Barrier
https://ift.tt/Ct3IBPH

Submitted August 17, 2023 at 09:58PM by adityatelange
via reddit https://ift.tt/y071scN
Google Online Security Blog
AI-Powered Fuzzing: Breaking the Bug Hunting Barrier
Dongge Liu, Jonathan Metzman, Oliver Chang, Google Open Source Security Team  Since 2016, OSS-Fuzz has been at the forefront of automated v...
511 views
Netsec
Animated Video on Buffer Overflow Attacks and DeGoogled Phones
https://ift.tt/GoNOlSK

Submitted August 17, 2023 at 10:51PM by aka-18
via reddit https://ift.tt/zMZOxvJ
540 views