Nginx/Apache Path Confusion to Auth Bypass in PAN-OS (CVE-2025-0108)
https://ift.tt/JbAQ2Ns
Submitted February 13, 2025 at 04:15AM by Mempodipper
via reddit https://ift.tt/LaFhmXN
https://ift.tt/JbAQ2Ns
Submitted February 13, 2025 at 04:15AM by Mempodipper
via reddit https://ift.tt/LaFhmXN
Searchlight Cyber
Nginx/Apache Path Confusion to Auth Bypass in PAN-OS (CVE-2025-0108) › Searchlight Cyber
Assetnote, now a searchlight cyber company, has uncovered a zero day auth bypass in the pan-os management interface new palo alto vulnerabilities discovered A few months ago, the news broke that CVE-2024-0012 and CVE-2024-9474 were under active exploitation…
55 Security Flaws Detected by Microsoft: 2 were Exploited by Hackers
https://ift.tt/EfQmjNH
Submitted February 13, 2025 at 10:21AM by Fabulous_Bluebird931
via reddit https://ift.tt/fMtaZTy
https://ift.tt/EfQmjNH
Submitted February 13, 2025 at 10:21AM by Fabulous_Bluebird931
via reddit https://ift.tt/fMtaZTy
Verdaily
55 Security Flaws Detected by Microsoft: 2 were Exploited by Hackers
Microsoft has patched 55 Windows security flaws in its latest security update, including four zero-day vulnerabilities—two of which were actively exploited by hackers in cyberattacks.
Curious case of AD CS ESC15 vulnerable instance and its manual exploitation
https://ift.tt/adFyxDP
Submitted February 13, 2025 at 07:53PM by 1046ica
via reddit https://ift.tt/pyH6O0g
https://ift.tt/adFyxDP
Submitted February 13, 2025 at 07:53PM by 1046ica
via reddit https://ift.tt/pyH6O0g
www.mannulinux.org
Curious case of AD CS ESC15 vulnerable instance and its manual exploitation
Learn Basic Concepts of Linux. Best site to learn Linux from beginner to Advanced.
Consider joining the OSTIF meetup about Nym's recent audit ennoscriptd "Unmasking Cryptographic Risks: A Deep Dive into the Nym Audit” w/ Nadim Kobeissi
https://lu.ma/o2dasp0m
Submitted February 14, 2025 at 04:26PM by carrotcypher
via reddit https://ift.tt/vIZGyDa
https://lu.ma/o2dasp0m
Submitted February 14, 2025 at 04:26PM by carrotcypher
via reddit https://ift.tt/vIZGyDa
lu.ma
Unmasking Cryptographic Risks: A Deep Dive into the Nym Audit w/ Nadim Kobeissi · Zoom · Luma
Join us for a presentation and meetup with Nadim Kobeissi, Senior Applied Cryptography Auditor of Cure53.
Denoscription
Privacy networks and cryptographic…
Denoscription
Privacy networks and cryptographic…
Writing a Ghidra Processor module for iRISC
https://ift.tt/6IptJ1f
Submitted February 14, 2025 at 11:15PM by jonasrudloff
via reddit https://ift.tt/7EmcIFG
https://ift.tt/6IptJ1f
Submitted February 14, 2025 at 11:15PM by jonasrudloff
via reddit https://ift.tt/7EmcIFG
Applied for an OSINT Job—Turns Out It Never Existed
https://ift.tt/rcWEzoR
Submitted February 15, 2025 at 02:12AM by CLKnDGGR
via reddit https://ift.tt/2eFT71O
https://ift.tt/rcWEzoR
Submitted February 15, 2025 at 02:12AM by CLKnDGGR
via reddit https://ift.tt/2eFT71O
Hetheringtongroup
The Hetherington Group - Expert OSINT Investigations
Expert OSINT investigations and training to keep people, businesses, and assets safe from online threats.
PyCript WebSocket - Burp Suite extension for bypassing client-side encryption in Web Socket Messages
https://ift.tt/OUJ9n4i
Submitted February 15, 2025 at 03:38AM by Ano_F
via reddit https://ift.tt/uVF9Oxq
https://ift.tt/OUJ9n4i
Submitted February 15, 2025 at 03:38AM by Ano_F
via reddit https://ift.tt/uVF9Oxq
GitHub
GitHub - Anof-cyber/PyCript-WebSocket: Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty…
Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty in WebSocket - Anof-cyber/PyCript-WebSocket
CTF Online on 20th Feb
https://ift.tt/1A9w8CL
Submitted February 16, 2025 at 06:55PM by ProfessorFyodor
via reddit https://ift.tt/q4SYif7
https://ift.tt/1A9w8CL
Submitted February 16, 2025 at 06:55PM by ProfessorFyodor
via reddit https://ift.tt/q4SYif7
How to approach network protocol fuzzing
https://ift.tt/moB6I0E
Submitted February 16, 2025 at 11:38PM by Standard_Ad8210
via reddit https://ift.tt/BHS4o2s
https://ift.tt/moB6I0E
Submitted February 16, 2025 at 11:38PM by Standard_Ad8210
via reddit https://ift.tt/BHS4o2s
Announcing the Incident response program pack 1.5
https://ift.tt/D1rGQnh
Submitted February 17, 2025 at 08:15AM by SecTemplates
via reddit https://ift.tt/du7JCc9
https://ift.tt/D1rGQnh
Submitted February 17, 2025 at 08:15AM by SecTemplates
via reddit https://ift.tt/du7JCc9
SecTemplates.com
Announcing the Incident Response Program Pack v1.5
This release is to provide you with everything you need to establish a functioning security incident response program at your company. In this pack, we cover Definitions: This document introduces sample terminology and roles during an incident, the various…
Interactive demo of an SSH honeypot using AI (open-source)
https://ift.tt/mfw72aL
Submitted February 17, 2025 at 10:02PM by MoCyberB3
via reddit https://ift.tt/BA5enHC
https://ift.tt/mfw72aL
Submitted February 17, 2025 at 10:02PM by MoCyberB3
via reddit https://ift.tt/BA5enHC
Trapster
Démo interactive d'un honeypot utilisant l'IA - Trapster
Découvrez notre démo interactive avec intelligence artificielle appliquée à un honeypot SSH.
Arechclient2 (sectopRAT) Analysis – A Highly Obfuscated .NET RAT with Malicious Chrome Extension
https://ift.tt/5WPcFqg
Submitted February 18, 2025 at 04:42PM by anuraggawande
via reddit https://ift.tt/3zicSoe
https://ift.tt/5WPcFqg
Submitted February 18, 2025 at 04:42PM by anuraggawande
via reddit https://ift.tt/3zicSoe
Malware Analysis, Phishing, and Email Scams
Arechclient2 Malware Analysis (sectopRAT)
Overview Arechclient2, also known as sectopRAT, is a Remote Access Trojan (RAT) written in .NET. This malware is highly obfuscated using the calli obfuscator, making its analysis challenging. Despi…
Passkey Raider: Burp Suite Extension for Pentesting Passkey (Pentest & Bug Bounty)
https://ift.tt/He3LM4U
Submitted February 18, 2025 at 05:44PM by catsec
via reddit https://ift.tt/d20ikug
https://ift.tt/He3LM4U
Submitted February 18, 2025 at 05:44PM by catsec
via reddit https://ift.tt/d20ikug
GitHub
GitHub - siamthanathack/Passkey-Raider: Burp Suite extension for testing Passkey systems.
Burp Suite extension for testing Passkey systems. Contribute to siamthanathack/Passkey-Raider development by creating an account on GitHub.
Basic Red Team Certification Pathway
https://ift.tt/hsykTJS
Submitted February 18, 2025 at 07:13PM by Lumpzor
via reddit https://ift.tt/tAml9Xu
https://ift.tt/hsykTJS
Submitted February 18, 2025 at 07:13PM by Lumpzor
via reddit https://ift.tt/tAml9Xu
Microsoft Edge Developer VM Remote Code Execution
https://ift.tt/jh10FGT
Submitted February 18, 2025 at 07:58PM by fqm
via reddit https://ift.tt/sNdtAXl
https://ift.tt/jh10FGT
Submitted February 18, 2025 at 07:58PM by fqm
via reddit https://ift.tt/sNdtAXl
Everyday Ghidra: How Platform Choice Influences Ghidra’s Binary Analysis
https://ift.tt/0qHQYFL
Submitted February 18, 2025 at 09:28PM by onlinereadme
via reddit https://ift.tt/09pGVHa
https://ift.tt/0qHQYFL
Submitted February 18, 2025 at 09:28PM by onlinereadme
via reddit https://ift.tt/09pGVHa
Medium
Everyday Ghidra: How Platform Choice Influences Ghidra’s Binary Analysis
Where you choose to “fly your dragon” truly matters. Learn the RE impacts of your runtime platform.
Reinventing PowerShell in C/C++
https://ift.tt/4JynPgY
Submitted February 19, 2025 at 03:00PM by AlmondOffSec
via reddit https://ift.tt/6mjFMyv
https://ift.tt/4JynPgY
Submitted February 19, 2025 at 03:00PM by AlmondOffSec
via reddit https://ift.tt/6mjFMyv
Ivanti Endpoint Manager Credential Coercion Vulnerabilities Deep-Dive
https://ift.tt/y6KW45Y
Submitted February 19, 2025 at 06:13PM by scopedsecurity
via reddit https://ift.tt/O8q2ItP
https://ift.tt/y6KW45Y
Submitted February 19, 2025 at 06:13PM by scopedsecurity
via reddit https://ift.tt/O8q2ItP
Horizon3.ai
Ivanti Endpoint Manager Vulnerabilities: Critical CVEs & Exploit Details
Critical Ivanti Endpoint Manager vulnerabilities revealed—learn about CVE exploits and mitigation.
Achieving RCE in famous Japanese chat tool with an obsolete Electron feature
https://ift.tt/JZucUap
Submitted February 19, 2025 at 08:40PM by toyojuni
via reddit https://ift.tt/kaQdhul
https://ift.tt/JZucUap
Submitted February 19, 2025 at 08:40PM by toyojuni
via reddit https://ift.tt/kaQdhul
GMO Flatt Security Research
Achieving RCE in famous Japanese chat tool with an obsolete Electron feature
Introduction
Hello, I’m RyotaK (@ryotkak
), a security engineer at GMO Flatt Security Inc.
A while ago, I reported a remote code execution vulnerability
that chains multiple problems in Chatwork, a popular communication tool in Japan.
In the report that…
Hello, I’m RyotaK (@ryotkak
), a security engineer at GMO Flatt Security Inc.
A while ago, I reported a remote code execution vulnerability
that chains multiple problems in Chatwork, a popular communication tool in Japan.
In the report that…
How to prove false statements? (Part 3)
https://ift.tt/LAonDWQ
Submitted February 20, 2025 at 05:01AM by feross
via reddit https://ift.tt/reJnGgi
https://ift.tt/LAonDWQ
Submitted February 20, 2025 at 05:01AM by feross
via reddit https://ift.tt/reJnGgi
A Few Thoughts on Cryptographic Engineering
How to prove false statements? (Part 3)
This is the third and penultimate post in a series about theoretical weaknesses in Fiat-Shamir as applied to proof systems. The first post is here, the second post is here, and you should probably …
How vulnerable are company leaders to phishing attacks ? Results of our study
https://ift.tt/3CZR1rs
Submitted February 20, 2025 at 08:21AM by Hackmosphere
via reddit https://ift.tt/FvBjM5E
https://ift.tt/3CZR1rs
Submitted February 20, 2025 at 08:21AM by Hackmosphere
via reddit https://ift.tt/FvBjM5E
Hackmosphere
Campagne de phishing : Les décideurs sont-ils vulnérables ? - Hackmosphere
Les décideurs d’entreprise sont-ils vraiment prêts à contrer les cyberattaques ? Découvrez les résultats surprenants d’une campagne de phishing ciblant CEOs et CTOs, et apprenez comment renforcer votre défense contre ces menaces invisibles.