Playing in the Remote Sandbox: Adobe Flash Windows User Credentials Disclosure Vulnerability (CVE-2017-3085)
http://ift.tt/2vT244A
Submitted August 11, 2017 at 12:45AM by campuscodi
via reddit http://ift.tt/2utTHZA
http://ift.tt/2vT244A
Submitted August 11, 2017 at 12:45AM by campuscodi
via reddit http://ift.tt/2utTHZA
reddit
Playing in the Remote Sandbox: Adobe Flash Windows User... • r/netsec
12 points and 0 comments so far on reddit
[TUTORIAL] How to make USB Rubber Ducky using USB drive
http://ift.tt/1WCkdei
Submitted August 11, 2017 at 03:41AM by _____WINTERMUTE_____
via reddit http://ift.tt/2hORmq9
http://ift.tt/1WCkdei
Submitted August 11, 2017 at 03:41AM by _____WINTERMUTE_____
via reddit http://ift.tt/2hORmq9
reddit
[TUTORIAL] How to make USB Rubber Ducky using USB drive • r/netsec
1 points and 0 comments so far on reddit
Introducing (n+1)sec – a protocol for distributed multiparty chat encryption
http://ift.tt/2vU48ck
Submitted August 11, 2017 at 04:00AM by thewonderment
via reddit http://ift.tt/2wMT9Pm
http://ift.tt/2vU48ck
Submitted August 11, 2017 at 04:00AM by thewonderment
via reddit http://ift.tt/2wMT9Pm
reddit
Introducing (n+1)sec – a protocol for distributed... • r/netsec
1 points and 1 comments so far on reddit
Arbitrary code execution via crafted ssh:// in Git (CVE-2017-1000117)
http://ift.tt/2vrnGTq
Submitted August 11, 2017 at 04:36AM by nebs0n
via reddit http://ift.tt/2uuFaNg
http://ift.tt/2vrnGTq
Submitted August 11, 2017 at 04:36AM by nebs0n
via reddit http://ift.tt/2uuFaNg
reddit
Arbitrary code execution via crafted ssh:// in Git... • r/netsec
4 points and 0 comments so far on reddit
7 Short Links on Operational Security Machine Learning
http://ift.tt/2vsCWzo
Submitted August 11, 2017 at 03:25PM by jt6211
via reddit http://ift.tt/2vV3Djk
http://ift.tt/2vsCWzo
Submitted August 11, 2017 at 03:25PM by jt6211
via reddit http://ift.tt/2vV3Djk
covert.io
7 Short Links on Operational Security Machine Learning
A short listing of recent paper's I've read or plan to read on operational security machine learning
The end of the billion-user Password:Impossible (on the cost of misguided password policies)
http://ift.tt/2wOsq4T
Submitted August 11, 2017 at 05:11PM by sjmurdoch
via reddit http://ift.tt/2vWn8Ho
http://ift.tt/2wOsq4T
Submitted August 11, 2017 at 05:11PM by sjmurdoch
via reddit http://ift.tt/2vWn8Ho
Malware Analysis - ElmersGlue ransomware can be unlocked without paying
http://ift.tt/2tUF8lF
Submitted August 11, 2017 at 06:30PM by majorllama
via reddit http://ift.tt/2uMOxHA
http://ift.tt/2tUF8lF
Submitted August 11, 2017 at 06:30PM by majorllama
via reddit http://ift.tt/2uMOxHA
Ringzerolabs
ElmersGlue_3.exe
Malware Analysis - ElmersGlue ransomware
When a web application SSRF causes the cloud to rain credentials & more
http://ift.tt/2hJQDXB
Submitted August 11, 2017 at 06:28PM by digicat
via reddit http://ift.tt/2uv7B1D
http://ift.tt/2hJQDXB
Submitted August 11, 2017 at 06:28PM by digicat
via reddit http://ift.tt/2uv7B1D
Negative Result: Reading Kernel Memory From User Mode
http://ift.tt/2w8jx5W
Submitted August 11, 2017 at 07:49PM by This_Is_The_End
via reddit http://ift.tt/2vWJQ2a
http://ift.tt/2w8jx5W
Submitted August 11, 2017 at 07:49PM by This_Is_The_End
via reddit http://ift.tt/2vWJQ2a
cyber.wtf
Negative Result: Reading Kernel Memory From User Mode
I were going to write an introduction about how important negative results can be. I didn’t. I assume you can figure out for yourself why that is and if not you got all the more reason to read this…
Week of Evading Microsoft ATA - Day 5 - Attacking ATA, Closing thoughts and Microsoft's response
http://ift.tt/2uNFiqw
Submitted August 11, 2017 at 09:33PM by SamratAsh0k
via reddit http://ift.tt/2vM0IZv
http://ift.tt/2uNFiqw
Submitted August 11, 2017 at 09:33PM by SamratAsh0k
via reddit http://ift.tt/2vM0IZv
Labofapenetrationtester
Week of Evading Microsoft ATA - Day 5 - Attacking ATA, Closing thoughts and Microsoft's response
Home of Nikhil SamratAshok Mittal. Posts about Pen Testing.
How to backdoor Atom with malicious plugins
http://ift.tt/2vt4B39
Submitted August 11, 2017 at 07:28PM by marcoslaviero
via reddit http://ift.tt/2vqg5WM
http://ift.tt/2vt4B39
Submitted August 11, 2017 at 07:28PM by marcoslaviero
via reddit http://ift.tt/2vqg5WM
Thinkst
All your devs are belong to us: how to backdoor the Atom editor
This is the first post in a series highlighting bits from our recent BlackHat USA 2017 talk. An index of all the posts in the series is h...
Getting updates when CVE's are added or removed from Docker images
http://ift.tt/2wQbhrG
Submitted August 12, 2017 at 12:40AM by Kailuaboys
via reddit http://ift.tt/2wQms3u
http://ift.tt/2wQbhrG
Submitted August 12, 2017 at 12:40AM by Kailuaboys
via reddit http://ift.tt/2wQms3u
Anchore
The Case of the Missing Vulnerability
SQL Injection CTF with a difference
http://ift.tt/2fAHP5G
Submitted August 12, 2017 at 05:47PM by netsecwarrior
via reddit http://ift.tt/2wRStYZ
http://ift.tt/2fAHP5G
Submitted August 12, 2017 at 05:47PM by netsecwarrior
via reddit http://ift.tt/2wRStYZ
Reverse Engineering Malware - Edition 2
http://ift.tt/2uPIAcO
Submitted August 13, 2017 at 04:42AM by huntoperator
via reddit http://ift.tt/2fBshOU
http://ift.tt/2uPIAcO
Submitted August 13, 2017 at 04:42AM by huntoperator
via reddit http://ift.tt/2fBshOU
reddit
Reverse Engineering Malware - Edition 2 • r/netsec
2 points and 0 comments so far on reddit
Malware Analysis - Phishing Site Leads To Unusual AES Encrypted Design
http://ift.tt/2vRRJWX
Submitted August 13, 2017 at 08:13PM by majorllama
via reddit http://ift.tt/2wUMLFH
http://ift.tt/2vRRJWX
Submitted August 13, 2017 at 08:13PM by majorllama
via reddit http://ift.tt/2wUMLFH
Ringzerolabs
AES Encrypted Phishing Site
Malware Analysis - AES Encrypted Phishing Site
Reverse Engineering Malware 101
http://ift.tt/2npzRvO
Submitted August 13, 2017 at 09:53PM by huntoperator
via reddit http://ift.tt/2w12aYC
http://ift.tt/2npzRvO
Submitted August 13, 2017 at 09:53PM by huntoperator
via reddit http://ift.tt/2w12aYC
Interesting article on the dnc "hack"
http://ift.tt/2hIWSdY
Submitted August 14, 2017 at 01:08AM by pokesomi
via reddit http://ift.tt/2w3Sdsz
http://ift.tt/2hIWSdY
Submitted August 14, 2017 at 01:08AM by pokesomi
via reddit http://ift.tt/2w3Sdsz
The Nation
A New Report Raises Big Questions About Last Year’s DNC Hack
Former NSA experts say it wasn’t a hack at all, but a leak—an inside job by someone with access to the DNC’s system.
Bypassing Device guard UMCI in Windows 10 using CHM - CVE-2017-8625
http://ift.tt/2hXjKqs
Submitted August 14, 2017 at 03:12AM by oddvarmoe
via reddit http://ift.tt/2wVa2Yd
http://ift.tt/2hXjKqs
Submitted August 14, 2017 at 03:12AM by oddvarmoe
via reddit http://ift.tt/2wVa2Yd
MSitPros Blog
Bypassing Device guard UMCI using CHM – CVE-2017-8625
TL;DR You could/can bypass Device Guard user mode code integrity with a custom CHM and execute code. The last 6 months I have done some security research on my (little) spare time, because I…
Powershell noscript to forward local or remote tcp ports through smb pipes
http://ift.tt/2v4BXFh
Submitted August 14, 2017 at 08:39AM by p3nt4
via reddit http://ift.tt/2uF8Xmy
http://ift.tt/2v4BXFh
Submitted August 14, 2017 at 08:39AM by p3nt4
via reddit http://ift.tt/2uF8Xmy
GitHub
p3nt4/Piper
Piper - Creates a local or remote port forwarding through named pipes.
Breaking Instacart
http://ift.tt/2wWtDXT
Submitted August 14, 2017 at 12:32PM by lazykid07
via reddit http://ift.tt/2uB6nC2
http://ift.tt/2wWtDXT
Submitted August 14, 2017 at 12:32PM by lazykid07
via reddit http://ift.tt/2uB6nC2
what I'm breaking...
Breaking Instacart
Instacart is an American company that operates as a same-day grocery delivery service. Customers select groceries through a web application from various retailers and delivered by a personal shoppe…
The plugin dumps the array of functions pointers SrvTransaction2DispatchTable from the srv.sys driver and checks that all of them points to the binary address space.
http://ift.tt/2vBb3oN
Submitted August 14, 2017 at 06:17PM by bmerino
via reddit http://ift.tt/2wJkdj5
http://ift.tt/2vBb3oN
Submitted August 14, 2017 at 06:17PM by bmerino
via reddit http://ift.tt/2wJkdj5
Shelliscoming
DoublePulsar SMB implant detection from Volatility
In the last months there have been various groups of attackers as well as noscript kiddies that have been using the FuzzBunch Framework to co...