Furry hacking group SiegedSec announces breach of 2 Israeli companies
https://ift.tt/R01dnVl
Submitted July 17, 2024 at 09:11AM by Evropa_TheLastBattle
via reddit https://ift.tt/skuSPJD
https://ift.tt/R01dnVl
Submitted July 17, 2024 at 09:11AM by Evropa_TheLastBattle
via reddit https://ift.tt/skuSPJD
The Daily Dot
‘Tip of the iceberg’: Furry hacking group SiegedSec announces breach of 2 Israeli companies
'This is only the tip of the iceberg of what we're working on.'
Leveraging Automated Firmware Analysis with the Open-Source Firmware Analyzer EMBA
https://ift.tt/mHqvP34
Submitted July 17, 2024 at 06:27PM by _m-1-k-3_
via reddit https://ift.tt/FfhlIN6
https://ift.tt/mHqvP34
Submitted July 17, 2024 at 06:27PM by _m-1-k-3_
via reddit https://ift.tt/FfhlIN6
Medium
Leveraging Automated Firmware Analysis with the Open-Source Firmware Analyzer EMBA
The Internet of Things (IoT) ecosystem as well as critical infrastructure represents a rapidly growing technology field that connects…
Windows Installer Custom Actions Privilege Escalation Vulnerability
https://ift.tt/57znNhc
Submitted July 18, 2024 at 01:20PM by nibblesec
via reddit https://ift.tt/R3Ihqzp
https://ift.tt/57znNhc
Submitted July 18, 2024 at 01:20PM by nibblesec
via reddit https://ift.tt/R3Ihqzp
Attacking Connection Tracking Frameworks as used by VPN
https://ift.tt/3OwJ9WL
Submitted July 18, 2024 at 01:47PM by fo0
via reddit https://ift.tt/BcJux4w
https://ift.tt/3OwJ9WL
Submitted July 18, 2024 at 01:47PM by fo0
via reddit https://ift.tt/BcJux4w
Respotter - a honeypot for Responder
https://ift.tt/qjaYBsy
Submitted July 18, 2024 at 02:37AM by doctormay6
via reddit https://ift.tt/Es3ZpJ9
https://ift.tt/qjaYBsy
Submitted July 18, 2024 at 02:37AM by doctormay6
via reddit https://ift.tt/Es3ZpJ9
GitHub
GitHub - lawndoc/Respotter: Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.
Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up. - lawndoc/Respotter
/r/netsec's Q3 2024 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted July 19, 2024 at 06:57PM by netsec_burn
via reddit https://ift.tt/HKfrbky
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted July 19, 2024 at 06:57PM by netsec_burn
via reddit https://ift.tt/HKfrbky
Reddit
From the netsec community on Reddit
Explore this post and more from the netsec community
PARODY: I survived CrowdStrike Gate - 20240719 | Swag Apparel
https://ift.tt/jDuFkA6
Submitted July 19, 2024 at 09:16PM by ShotokanZH
via reddit https://ift.tt/Gtr8K26
https://ift.tt/jDuFkA6
Submitted July 19, 2024 at 09:16PM by ShotokanZH
via reddit https://ift.tt/Gtr8K26
Crowdstrike Outage brings down the Internet
https://ift.tt/BOiycsI
Submitted July 19, 2024 at 10:25PM by Altrntiv-to-security
via reddit https://ift.tt/yA7DiE4
https://ift.tt/BOiycsI
Submitted July 19, 2024 at 10:25PM by Altrntiv-to-security
via reddit https://ift.tt/yA7DiE4
DarkRelay
Crowdstrike Outage: Critical Services Impacted
Windows users have encountered a significant outage, part of a global outage. On July 19, 2024, Crowdstrike users experienced outage
Electron JS ASAR Integrity Bypass
https://ift.tt/litjFBf
Submitted July 20, 2024 at 12:42AM by Ano_F
via reddit https://ift.tt/aTXUPrl
https://ift.tt/litjFBf
Submitted July 20, 2024 at 12:42AM by Ano_F
via reddit https://ift.tt/aTXUPrl
Medium
Electron JS ASAR Integrity Bypass
I recently created an Electron JS-based Windows and MacOS application. The newer version of Electron has Integrity detection which…
RDP security consequences of TLS vs. NLA from a threat exposure perspective - GoSecure
https://ift.tt/ot9WiCE
Submitted July 20, 2024 at 04:24AM by Willsec
via reddit https://ift.tt/MxLsfgS
https://ift.tt/ot9WiCE
Submitted July 20, 2024 at 04:24AM by Willsec
via reddit https://ift.tt/MxLsfgS
GoSecure
Navigating the RDP security consequences of TLS vs. NLA from a threat exposure perspective
This blogpost explores the choice of security protocols and their consequences RDP Security by navigating Transport Layer Security (TLS) and Network Level Authentication (NLA) of Remote Desktop Protocol (RDP). Attack Trends and Geographic Dynamics are explored…
🚀 Excited to share my blog on Trusted Platform Computing!This blog aims to explain the complexities of #TPM, making them accessible and relevant to our daily tech interactions and possibly creating solutions around it.
https://ift.tt/qLAXaW7
Submitted July 21, 2024 at 07:17PM by L0u51f3r007
via reddit https://ift.tt/OlVstLh
https://ift.tt/qLAXaW7
Submitted July 21, 2024 at 07:17PM by L0u51f3r007
via reddit https://ift.tt/OlVstLh
S3curity Ninja
Trusted Platform Module (TPM)
Discover Trusted Platform Modules (TPMs) for boosted security in computing. Understand their history, functions, architecture and use-cases.
Comprehensive Guide to Purchasing the Best NetFlow Analyzer 2024
https://ift.tt/UR2B9qd
Submitted July 22, 2024 at 12:03PM by Suitable_Grab8859
via reddit https://ift.tt/0PrGHQC
https://ift.tt/UR2B9qd
Submitted July 22, 2024 at 12:03PM by Suitable_Grab8859
via reddit https://ift.tt/0PrGHQC
Trisul Network Analytics
Purchasing NetFlow Analyzer In 2024: A Comprehensive Guide - Trisul
Investing in a NetFlow Analyzer boosts operational excellence and ROI. This guide will help you find the right fit.
A public database "The API Threat Landscape", summarizing information about publicly disclosed API security data breaches from 2022
https://ift.tt/IGANSyK
Submitted July 22, 2024 at 01:55PM by AlarmingApartment236
via reddit https://ift.tt/JwpWrRU
https://ift.tt/IGANSyK
Submitted July 22, 2024 at 01:55PM by AlarmingApartment236
via reddit https://ift.tt/JwpWrRU
Hacking a High End Fan Away From Its Cloud Overlords
https://ift.tt/UBD8JqN
Submitted July 22, 2024 at 03:39PM by ouaibe
via reddit https://ift.tt/LdcKwBH
https://ift.tt/UBD8JqN
Submitted July 22, 2024 at 03:39PM by ouaibe
via reddit https://ift.tt/LdcKwBH
GitHub
GitHub - ouaibe/dreo-cloudcutter: A repository describing how we can cut some Dreo fans from the cloud, allowing them to run completely…
A repository describing how we can cut some Dreo fans from the cloud, allowing them to run completely locally via HA. - ouaibe/dreo-cloudcutter
WebAssembly and Security: a review
https://ift.tt/o7xmqEV
Submitted July 22, 2024 at 07:30PM by daindragon2
via reddit https://ift.tt/ktfhC72
https://ift.tt/o7xmqEV
Submitted July 22, 2024 at 07:30PM by daindragon2
via reddit https://ift.tt/ktfhC72
arXiv.org
WebAssembly and Security: a review
WebAssembly is revolutionizing the approach to developing modern applications. Although this technology was born to create portable and performant modules in web browsers, currently, its...
3 ways to get Remote Code Execution in Kafka UI
https://ift.tt/GeymU6O
Submitted July 22, 2024 at 08:54PM by artsploit
via reddit https://ift.tt/oaEjX1I
https://ift.tt/GeymU6O
Submitted July 22, 2024 at 08:54PM by artsploit
via reddit https://ift.tt/oaEjX1I
The GitHub Blog
3 ways to get Remote Code Execution in Kafka UI
In this blog post, we'll explain how we discovered three critical vulnerabilities in Kafka UI and how they can be exploited.
Inside Doppelganger – How Russia uses EU companies for its propaganda
https://ift.tt/nvt9yj8
Submitted July 22, 2024 at 10:37PM by Substantial-Bag202
via reddit https://ift.tt/jcG0syW
https://ift.tt/nvt9yj8
Submitted July 22, 2024 at 10:37PM by Substantial-Bag202
via reddit https://ift.tt/jcG0syW
CORRECTIV
Inside Doppelganger – How Russia uses EU companies for its propaganda
How Doppelganger, one of the biggest Russian disinformation campaigns, is using EU companies to keep spreading its propaganda – despite sanctions.
Web Browser Notification Threat More Alarming than Expected - GoSecure
https://ift.tt/oGjmTPZ
Submitted July 23, 2024 at 12:00AM by Willsec
via reddit https://ift.tt/2LeaSdB
https://ift.tt/oGjmTPZ
Submitted July 23, 2024 at 12:00AM by Willsec
via reddit https://ift.tt/2LeaSdB
GoSecure
Web Browser Notification Threat More Alarming than Expected
Explore our recent investigation that reveals how web browser notification service workers are being exploited by malicious actors to deliver ads and harmful code without detection. This blog discusses the techniques used, including undetectable user interaction…
Ronin 2.1.0 has finally been released! This release includes new database tables, new payloads, a new recon engine, a local Web UI, and more. Ronin is a Ruby toolkit for security research and development.
https://ift.tt/ENKo7pi
Submitted July 23, 2024 at 05:07AM by postmodern
via reddit https://ift.tt/ATHJPVu
https://ift.tt/ENKo7pi
Submitted July 23, 2024 at 05:07AM by postmodern
via reddit https://ift.tt/ATHJPVu
Announcing the incident response program pack 1.0
https://ift.tt/4YlUKyC
Submitted July 23, 2024 at 06:42AM by SecTemplates
via reddit https://ift.tt/2Li4hmC
https://ift.tt/4YlUKyC
Submitted July 23, 2024 at 06:42AM by SecTemplates
via reddit https://ift.tt/2Li4hmC
SecTemplates.com
Announcing the incident response program pack 1.0
I'm pleased to announce our first release, the Incident Response Program Pack. The goal of this release is to provide you with everything you need to establish a functioning security incident response program at your company. In this pack, we cover Definitions:…
Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android
https://ift.tt/0BD8jCR
Submitted July 23, 2024 at 03:26PM by _vavkamil_
via reddit https://ift.tt/xAif71S
https://ift.tt/0BD8jCR
Submitted July 23, 2024 at 03:26PM by _vavkamil_
via reddit https://ift.tt/xAif71S
Welivesecurity
Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android
ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos.