Sustaining Digital Certificate Security - Entrust Certificate Distrust
https://ift.tt/8bZSfOc
Submitted June 28, 2024 at 01:12AM by SlyFuu
via reddit https://ift.tt/AeqmF1Y
Google Online Security Blog
Sustaining Digital Certificate Security - Entrust Certificate Distrust
Posted by Chrome Root Program, Chrome Security Team Update (09/10/2024): In support of more closely aligning Chrome’s planned compliance ...
17 vulnerabilities in Sharp Multi-Function Printers
https://ift.tt/2cyz8AT
Submitted June 28, 2024 at 02:02AM by PierreKimSec
via reddit https://ift.tt/miTYPIo
South Korean telecom company attacks customers with malware — over 600,000 torrent users report missing files, strange folders, and disabled PCs
https://ift.tt/tR0Amfh
Submitted June 28, 2024 at 02:59AM by Jacko10101010101
via reddit https://ift.tt/0nrgde8
Tom's Hardware
South Korean telecom company attacks customers with malware — over 600,000 torrent users report missing files, strange folders…
ISP sends malware to hundreds of thousands of customers to stop them from using a file-sharing service.
Understanding Protected Management Frames - Part 2
https://ift.tt/Ricg4lk
Submitted June 28, 2024 at 01:27PM by thexerocouk
via reddit https://ift.tt/pFmI0Ry
Seeking Feedback on a New Security Tool - Secunetcon
https://ift.tt/4BXCSvy
Submitted June 29, 2024 at 07:57PM by juliusthejules
via reddit https://ift.tt/Xdwng6l
Bytecode Breakdown: Unraveling Factorio's Lua Security Flaws
https://ift.tt/8vMmkID
Submitted June 29, 2024 at 09:59PM by Beginning_Ad_1705
via reddit https://ift.tt/0Zgzcjs
memorycorruption.net
Bytecode Breakdown: Unraveling Factorio's Lua Security Flaws
Dynamic languages are safe from memory corruption bugs, right?
Postviewer V3 - Racing All The Way To Glory (Google CTF)
https://ift.tt/Is7dhbM
Submitted July 01, 2024 at 02:22AM by Caustic66
via reddit https://ift.tt/xVCOWzX
Eyald
Postviewer V3 - Racing All The Way To Glory - Eyal D.
CVE-2024-27292: docAssembling exploits for RCE
https://ift.tt/Xp2Qkgz
Submitted July 01, 2024 at 12:50PM by _pimps
via reddit https://ift.tt/MXrhvOW
Tanto Security
CVE-2024-27292: docAssembling exploits for RCE
Chaining vulnerabilities to execute code in Docassemble
regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)
https://ift.tt/CvFV02o
Submitted July 01, 2024 at 02:33PM by poltess0
via reddit https://ift.tt/8mkENQZ
LaZagne: Open-source password recovery tool
https://ift.tt/pyIGSXf
Submitted July 01, 2024 at 05:33PM by Justin_coco
via reddit https://ift.tt/g9Q4oi1
Medium
LaZagne: Uncovering Passwords Like a Pro
In the realm of cybersecurity, the ability to recover passwords can be both a powerful tool and a significant threat. LaZagne, an…
regreSSHion: RCE Vulnerability in OpenSSH (CVE-2024-6387)
https://ift.tt/zvZ7ODI
Submitted July 02, 2024 at 10:14AM by oshratn
via reddit https://ift.tt/q9rOy4V
ARMO
regreSSHion: RCE Vulnerability in OpenSSH (CVE-2024-6387)
Learn about regreSSHion, the high severity RCE vulnerability (CVE-2024-6387) in OpenSSH, its impact, and protection measures
Evolution of Wi-Fi Security - From WEP to WPA3
https://ift.tt/N2iJR7g
Submitted July 02, 2024 at 12:58PM by thexerocouk
via reddit https://ift.tt/QdmKkgw
BlueToolkit - automated and portable Bluetooth vulnerability testing framework against 43 exploits
https://ift.tt/IvnSNiC
Submitted July 02, 2024 at 02:30PM by barakadua131
via reddit https://ift.tt/1FoQpw3
Mobile Hacker
Uncover Bluetooth Vulnerabilities with BlueToolkit
BlueToolkit is designed to uncover both new and old vulnerabilities in Bluetooth-enabled devices. This makes it a capable tool for vulnerability research, penetration testing, and Bluetooth hacking
Race Conditions Found in Open-source IAM Solution Keycloak
https://ift.tt/4IZvtYj
Submitted July 02, 2024 at 06:44PM by jat0369
via reddit https://ift.tt/FZn6HMD
Cyberark
You Can’t Always Win Racing the (Key)cloak
Web Race Conditions – Success and Failure – a Keycloak Case Study In today’s connected world, many organizations’ “keys to the kingdom” are held in identity and access management (IAM) solutions;...
Kirin: Hitting the Internet with Distributed BGP Announcements
https://ift.tt/FEIDX8n
Submitted July 02, 2024 at 11:05PM by 0x414141
via reddit https://ift.tt/3cpPWSg
Unpatched RCE Vulnerabilities in Gogs: Argument Injection in the Built-In SSH Server
https://ift.tt/xjyePDd
Submitted July 03, 2024 at 01:38AM by SonarPaul
via reddit https://ift.tt/ZQKRGSc
Sonarsource
Unpatched Gogs Vulnerabilities: SSH Argument Injection (1/2)
We discovered 4 critical code vulnerabilities in Gogs, a source code hosting solution, which are still unpatched. Read about the details and how to protect yourself.
Exploiting Client-Side Path Traversal to Perform Cross-Site Request Forgery (CSPT2CSRF)
https://ift.tt/SwDY4kX
Submitted July 03, 2024 at 02:15AM by nibblesec
via reddit https://ift.tt/q9j8A7a
Doyensec
Exploiting Client-Side Path Traversal to Perform Cross-Site Request Forgery - Introducing CSPT2CSRF
To provide users with a safer browsing experience, the IETF proposal named “Incrementally Better Cookies” set in motion a few important changes to address Cross-Site Request Forgery (CSRF) and other client-side issues. Soon after, Chrome and other major browsers…
Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications
https://ift.tt/78dkGcv
Submitted July 03, 2024 at 05:46PM by eranvak
via reddit https://ift.tt/2SVZ68f
www.evasec.io
Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications | E.V.A
Multiple vulnerabilities affecting the CocoaPods ecosystem have been discovered, posing a major risk of supply chain attacks.
Execute ELF binaries without ever dropping them on disk
https://ift.tt/ZWJEBLX
Submitted July 03, 2024 at 08:50PM by crower
via reddit https://ift.tt/rxqHuvd
GitHub
GitHub - nnsee/fileless-elf-exec: Execute ELF files without dropping them on disk
Execute ELF files without dropping them on disk.
Kali NetHunter 101: List of 16 blogs as a guide to mobile pentesting
https://ift.tt/wC6SJ4r
Submitted July 04, 2024 at 01:44PM by barakadua131
via reddit https://ift.tt/incFvsM
Mobile Hacker
Kali NetHunter 101: Your Path to Mobile Ethical Hacking
This is a recap of a complete NetHunter Hacker series where I covered various aspects of Kali NetHunter providing detailed insights, tutorials, and practical examples to help you harness its capabilities to its fullest potential. Quick video introduction…
Raising Beacons without UDRL and teaching them how to sleep
https://ift.tt/vHluVUC
Submitted July 04, 2024 at 06:52PM by naksyn_
via reddit https://ift.tt/jUZWlOk
Naksyn’s blog
Raising Beacons without UDRLs and Teaching them How to Sleep
UDRLs and prepended loaders aren’t the only way to execute a raw payload and get direct hooking in place. In the case of Cobalt Strike, a generic PE loader can be tweaked to execute a UDRL-less Beacon and get direct hooking for easier prototyping of…