Exim ZDI 0days -90s Vulns In 90s Software, Is the Sky Falling?
https://ift.tt/UymSuJa

Submitted October 02, 2023 at 05:42PM by dx7r__
via reddit https://ift.tt/OdURpKH

cURL maintainers are cutting the release cycle short and will release curl 8.4.0 on October 11, including a fix for a severity HIGH CVE. Buckle up.
https://daniel.haxx.se/

Submitted October 04, 2023 at 03:19PM by Pineapple_Expressed
via reddit https://ift.tt/qOZpUg4

A Practical Approach to SBOM in CI/CD Part III — Tracking SBOMs with Dependency-Track
https://ift.tt/vXmkh4q

Submitted October 04, 2023 at 10:06PM by theowni
via reddit https://ift.tt/Zt0xP8f

PoC exploit for CVE-2023-4911 "Looney Tunables"
https://ift.tt/jmhbYUA

Submitted October 05, 2023 at 12:18AM by netsec_burn
via reddit https://ift.tt/4cUyVEG

/r/netsec's Q4 2023 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)

Submitted October 05, 2023 at 12:11AM by netsec_burn
via reddit https://ift.tt/qVAoDt6

Binarly REsearch - Multiple Critical Vulnerabilities in Supermicro BMCs
https://ift.tt/tYpduzv

Submitted October 05, 2023 at 01:49AM by netsec_burn
via reddit https://ift.tt/itdZDYw

Critical Provesc Zero Day in Confluence
https://ift.tt/Wq2blu4

Submitted October 05, 2023 at 02:48AM by Cubensis-n-sanpedro
via reddit https://ift.tt/kYrVjCf

X.Org Hit By New Security Vulnerabilities - Two Date Back To 1988 With X11R2 - Hack Liberty
https://ift.tt/bjxYZ3I

Submitted October 05, 2023 at 05:40AM by DR_Kek-on-twitter
via reddit https://ift.tt/wUytB6r

Pitfalls of relying on eBPF for security monitoring (and some solutions)
https://ift.tt/42Qlfng

Submitted October 05, 2023 at 12:23PM by sanitybit
via reddit https://ift.tt/t9aLo06

Introducing cmloot.py - New tooling for attacking Configuration Manager
https://ift.tt/jHtKn9y

Submitted October 05, 2023 at 03:11PM by ivxrehc
via reddit https://ift.tt/dt0M7G1

Yet More Unauth Remote Command Execution Vulns in Firewalls - Sangfor Edition
https://ift.tt/DsYUGfa

Submitted October 05, 2023 at 02:58PM by dx7r__
via reddit https://ift.tt/FCvgYie

NetHunter Hacker IX: How to use MANA Toolkit to create Wi-Fi rogue access point and intercept traffic
https://ift.tt/zQujfs3

Submitted October 05, 2023 at 04:40PM by barakadua131
via reddit https://ift.tt/ajpEXns

Curl: Severity HIGH security problem to be announced with curl 8.4.0
https://ift.tt/QBSz2sW

Submitted October 05, 2023 at 04:24PM by Wiremask
via reddit https://ift.tt/wBxYgy3

Beyond XSS: Explore the Web Front-end Security Universe
https://ift.tt/1yIZq6g

Submitted October 05, 2023 at 02:26PM by Available-Egg-7367
via reddit https://ift.tt/aE27cSb

GitHub - kitabisa/teler-proxy: 🔐 teler Proxy enabling seamless integration with teler WAF 🛡️ to protect locally running web service against a web-based attacks. 🥷
https://ift.tt/M9PEh8R

Submitted October 06, 2023 at 02:49PM by dwisiswant0
via reddit https://ift.tt/gM5VlXP

8 Commandments of Red Cross (ICRC) to Hacker Groups: Do Not Harm Civilians
https://ift.tt/0EtVT4H

Submitted October 06, 2023 at 04:16PM by ziyahanalbeniz
via reddit https://ift.tt/fPLzNgv

Predator Files: Technical deep-dive into Intellexa Alliance's surveillance products
https://ift.tt/Jfukc9E

Submitted October 06, 2023 at 06:13PM by DonnchaOC
via reddit https://ift.tt/pMbK94O

To Schnorr and beyond (Part 1)
https://ift.tt/8BT5sIV

Submitted October 06, 2023 at 07:31PM by feross
via reddit https://ift.tt/RWYDHsf

Vulnerabilities.io - A single pane of glass for your software and software supply chain risks. We're a new platform and looking for user trials and feedback. Identify secrets in code, generate real-time software bill of materials and discover vulnerable third party dependencies. Sign up for free!
https://ift.tt/GEUmP5K

Submitted October 07, 2023 at 02:14AM by VulnerabilitiesIo
via reddit https://ift.tt/z7BsV6S

Python scanner for critical Atlassian Confluence vulnerability (CVE-2023-22515)
https://ift.tt/f35Q1r6

Submitted October 07, 2023 at 03:20AM by kalibabka
via reddit https://ift.tt/gGJm3ZS

Phishing 2FA 25 years ago
https://ift.tt/Khlpeqj

Submitted October 07, 2023 at 03:14AM by nantucket
via reddit https://ift.tt/YOABG6E