Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement
https://ift.tt/RlQMsvr
Submitted October 03, 2023 at 10:35PM by SCI_Rusher
via reddit https://ift.tt/H4aFPKU
Microsoft Security Blog
Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement | Microsoft Security Blog
Microsoft security researchers recently identified an attack where attackers attempted to move laterally to a cloud environment through a SQL Server instance. The attackers initially exploited a SQL injection vulnerability in an application within the target’s…
[QubesOS] Disarm BusKill Dead Man Switch with Keyboard Shortcut (Guide)
https://ift.tt/7BrenmR
Submitted October 03, 2023 at 09:51PM by maltfield
via reddit https://ift.tt/EImobu9
BusKill
Disarm BusKill in QubesOS - BusKill
Keyboard shortcuts in QubesOS to arm & disarm (pause) the BusKill laptop kill cord -- so you can go to the bathroom without your laptop self-destruct triggering
PETEP: Open source tool for Penetration Testing of non-HTTP protocols (TCP, UDP) through graphical UI or code, also supports using Burp/Zaproxy by wrapping the binary traffic into HTTP.
https://ift.tt/1a0jg95
Submitted October 03, 2023 at 11:40PM by vutmajk
via reddit https://ift.tt/gXHqSOt
GitHub
GitHub - Warxim/petep: PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification…
PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of ap...
Remote Code Execution In PyTorch Model Server TorchServe
https://ift.tt/vsFRSd8
Submitted October 04, 2023 at 12:42AM by BigBother59
via reddit https://ift.tt/peXQ0oq
GitHub
GHSA-4mqg-h5jf-j9m7 - GitHub Advisory Database
TorchServe Pre-Auth Remote Code Execution
Exploring the STSAFE-A110
https://ift.tt/Mcpu5oJ
Submitted October 04, 2023 at 11:28AM by thinkV
via reddit https://ift.tt/EIrk6aS
Elttam
Exploring the STSAFE-A110
elttam is an independent security company providing research-driven security assessment services. We combine pragmatism and deep technical insight to help our customers secure their most important assets.
Exim ZDI 0days - 90s Vulns In 90s Software, Is the Sky Falling?
https://ift.tt/UymSuJa
Submitted October 02, 2023 at 05:42PM by dx7r__
via reddit https://ift.tt/OdURpKH
watchTowr Labs - Blog
90s Vulns In 90s Software (Exim) - Is the Sky Falling?
A few days ago, ZDI went public with no less than six 0days in the popular mail server Exim. Ranging from ‘potentially world-ending’ through to ‘a bit of a damp squib’, these bugs were apparently discovered way back in June 2022 (!) - but naturally got caught…
cURL maintainers are cutting the release cycle short and will release curl 8.4.0 on October 11, including a fix for a severity HIGH CVE. Buckle up.
https://daniel.haxx.se/
Submitted October 04, 2023 at 03:19PM by Pineapple_Expressed
via reddit https://ift.tt/qOZpUg4
Reddit
cURL maintainers are cutting the release cycle short and will release curl 8.4.0 on October 11, including a fix for a severity…
484K subscribers in the netsec community. /r/netsec is a community-curated aggregator of technical information security content. Our mission is to…
A Practical Approach to SBOM in CI/CD Part III — Tracking SBOMs with Dependency-Track
https://ift.tt/vXmkh4q
Submitted October 04, 2023 at 10:06PM by theowni
via reddit https://ift.tt/Zt0xP8f
Medium
A Practical Approach to SBOM in CI/CD Part III — Tracking SBOMs with Dependency-Track
A crucial part of utilising the full potential of a Software Bill of Materials is automation. This article covers automated projects tracking…
PoC exploit for CVE-2023-4911 "Looney Tunables"
https://ift.tt/jmhbYUA
Submitted October 05, 2023 at 12:18AM by netsec_burn
via reddit https://ift.tt/4cUyVEG
GitHub
GitHub - leesh3288/CVE-2023-4911: PoC for CVE-2023-4911
PoC for CVE-2023-4911. Contribute to leesh3288/CVE-2023-4911 development by creating an account on GitHub.
/r/netsec's Q4 2023 Information Security Hiring Thread
Overview
If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.
We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.
Please reserve top level comments for those posting open positions.
Rules & Guidelines
Include the company name in the post. If you want to be topsykret, go recruit elsewhere.
Include the geographic location of the position along with the availability of relocation assistance or remote work.
If you are a third party recruiter, you must disclose this in your posting.
Please be thorough and upfront with the position details.
Use of non-hr'd (realistic) requirements is encouraged.
While it's fine to link to the position on your company's website, provide the important details in the comment.
Mention if applicants should apply officially through HR, or directly through you.
Please clearly list citizenship, visa, and security clearance requirements.
You can see an example of acceptable posts by perusing past hiring threads.
Feedback
Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted October 05, 2023 at 12:11AM by netsec_burn
via reddit https://ift.tt/qVAoDt6
Binarly REsearch - Multiple Critical Vulnerabilities in Supermicro BMCs
https://ift.tt/tYpduzv
Submitted October 05, 2023 at 01:49AM by netsec_burn
via reddit https://ift.tt/itdZDYw
Critical Privesc Zero Day in Confluence
https://ift.tt/Wq2blu4
Submitted October 05, 2023 at 02:48AM by Cubensis-n-sanpedro
via reddit https://ift.tt/kYrVjCf
X.Org Hit By New Security Vulnerabilities - Two Date Back To 1988 With X11R2 - Hack Liberty
https://ift.tt/bjxYZ3I
Submitted October 05, 2023 at 05:40AM by DR_Kek-on-twitter
via reddit https://ift.tt/wUytB6r
Pitfalls of relying on eBPF for security monitoring (and some solutions)
https://ift.tt/42Qlfng
Submitted October 05, 2023 at 12:23PM by sanitybit
via reddit https://ift.tt/t9aLo06
Trail of Bits Blog
Pitfalls of relying on eBPF for security monitoring (and some solutions)
By Artem Dinaburg. eBPF (extended Berkeley Packet Filter) has emerged as the de facto Linux standard for security monitoring and endpoint observability. It is used by technologies such as BPFTrace, …
Introducing cmloot.py - New tooling for attacking Configuration Manager
https://ift.tt/jHtKn9y
Submitted October 05, 2023 at 03:11PM by ivxrehc
via reddit https://ift.tt/dt0M7G1
Shelltrail - Swedish offensive security experts
Introducing cmloot.py - New tooling for attacking Configuration Manager | Shelltrail - Swedish offensive security experts
cmloot.py introduces new angles to exploit Configuration Manager, which has become the new black in internal security assessments of Active Directory environments.
Yet More Unauth Remote Command Execution Vulns in Firewalls - Sangfor Edition
https://ift.tt/DsYUGfa
Submitted October 05, 2023 at 02:58PM by dx7r__
via reddit https://ift.tt/FCvgYie
watchTowr Labs
Yet More Unauth Remote Command Execution Vulns in Firewalls - Sangfor Edition
You’re likely seeing a trend - yes, we know, we look at a lot of enterprise-grade software and appliances. Today, we’re not here to change your expectations of us - we’re looking at more enterprise-grade software and appliances.
Today, we’re looking at Sangfor’s…
NetHunter Hacker IX: How to use MANA Toolkit to create Wi-Fi rogue access point and intercept traffic
https://ift.tt/zQujfs3
Submitted October 05, 2023 at 04:40PM by barakadua131
via reddit https://ift.tt/ajpEXns
Mobile Hacker
NetHunter Hacker IX: Use MANA Toolkit to create Wi-Fi rogue access point and intercept traffic - Mobile Hacker
MANA allows you to perform various Wi-Fi attacks even using your Android device. The MANA (MITM And Network Attacks) Wireless Toolkit is a suite of tools that can be used to perform man-in-the-middle (MITM) attacks, create evil access point, denial of service…
Curl: Severity HIGH security problem to be announced with curl 8.4.0
https://ift.tt/QBSz2sW
Submitted October 05, 2023 at 04:24PM by Wiremask
via reddit https://ift.tt/wBxYgy3
GitHub
Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 · curl/curl · Discussion #12026
We are cutting the release cycle short and will release curl 8.4.0 on October 11, including fixes for a severity HIGH CVE and one severity LOW. The one rated HIGH is probably the worst curl securit...
Beyond XSS: Explore the Web Front-end Security Universe
https://ift.tt/1yIZq6g
Submitted October 05, 2023 at 02:26PM by Available-Egg-7367
via reddit https://ift.tt/aE27cSb
aszx87410.github.io
About This Series | Beyond XSS
As a software engineer, you must be familiar with information security. In your work projects, you may have gone through security audits, including static code scanning, vulnerability scanning, or penetration testing. You may have even done more comprehensive…
GitHub - kitabisa/teler-proxy: 🔐 teler Proxy enabling seamless integration with teler WAF 🛡️ to protect locally running web service against a web-based attacks. 🥷
https://ift.tt/M9PEh8R
Submitted October 06, 2023 at 02:49PM by dwisiswant0
via reddit https://ift.tt/gM5VlXP
GitHub
GitHub - kitabisa/teler-proxy: 🔐 teler Proxy enabling seamless integration with teler WAF 🛡️ to protect locally running web service…
🔐 teler Proxy enabling seamless integration with teler WAF 🛡️ to protect locally running web service against a web-based attacks. 🥷 - GitHub - kitabisa/teler-proxy: 🔐 teler Proxy enabling seamless ...
8 Commandments of Red Cross (ICRC) to Hacker Groups: Do Not Harm Civilians
https://ift.tt/0EtVT4H
Submitted October 06, 2023 at 04:16PM by ziyahanalbeniz
via reddit https://ift.tt/fPLzNgv
SOCRadar® Cyber Intelligence Inc.
8 Commandments of Red Cross (ICRC) to Hacker Groups: Do Not Harm Civilians
For the very first time, the International Committee of the Red Cross (ICRC) has released a set of guidelines outlining rules of engagement...