Netsec – Telegram
Netsec
@RNetsec
7.41K subscribers
22.4K links
This channel posts the feed from r/netsec.
For any suggestions dm @streaak
Donate to keep the bot running https://www.paypal.me/akhilgv
Download Telegram
About
Blog
Apps
Platform
Join
Netsec
7.41K subscribers
Netsec
Bypassing CloudFlare using Internet-wide scan data
http://ift.tt/2DrZB5a

Submitted January 18, 2018 at 09:18PM by thorn42
via reddit http://ift.tt/2Bd5sWM
Christophe Tafani-Dereeper
CloudFlair: Bypassing CloudFlare using Internet-wide scan data - Christophe Tafani-Dereeper
CloudFlare is a service that acts as a middleman between a website and its end users, protecting it from various attacks. Unfortunately, those websites are often poorly configured, allowing an attacker to entirely bypass Cloudflare and run DDoS attacks or…
113 views
Netsec
CubeCart Admin Authentication Bypass
http://ift.tt/2FKWX95

Submitted January 18, 2018 at 11:41PM by zit-hb
via reddit http://ift.tt/2mLAe3U
reddit
CubeCart Admin Authentication Bypass • r/netsec
4 points and 0 comments so far on reddit
102 views
Netsec
US ‘hacking back’ law could create a cyber wild west of vigilantism
http://ift.tt/2DNru5i

Submitted January 19, 2018 at 12:14AM by DEAF-LAMONT
via reddit http://ift.tt/2mT1A93
Idgconnect
US ‘hacking back’ law could create a cyber wild west of vigilantism | IDG Connect
Security experts give their views on the Active Cyber Defense Certainty Act.
105 views
Netsec
Windows 10's "Controlled Folder Access" Anti-Ransomware Feature Is Now Live
http://ift.tt/2xZDDQt

Submitted January 19, 2018 at 01:56AM by speckz
via reddit http://ift.tt/2mUvE4t
BleepingComputer
Windows 10's "Controlled Folder Access" Anti-Ransomware Feature Is Now Live
With the release of Windows 10 Fall Creators Update last week, the "Controlled Folder Access" that Microsoft touted in June is now live for millions of users.
101 views
Netsec
Is it possible to hack NFL headset comms?
With the super bowl coming up I wonder how difficult it would be for one team to listen in on the communication on the other team’s wireless headsets.They always cover their mouth now to protect against lip readers. So perhaps teams are trying other methods.

Submitted January 19, 2018 at 02:35AM by laserpistols
via reddit http://ift.tt/2mOhRLH
reddit
Is it possible to hack NFL headset comms? • r/security
With the super bowl coming up I wonder how difficult it would be for one team to listen in on the communication on the other team’s wireless...
107 views
Netsec
Linux heap exploitation intro series - (bonus) printf might be leaking!
http://ift.tt/2mT7uqZ

Submitted January 19, 2018 at 02:23AM by symeon
via reddit http://ift.tt/2DjPs7d
Sensepost
SensePost | Linux heap exploitation intro series – (bonus) printf might be leaking!
Leaders in Information Security
131 views
Netsec
A Review of the 'Hands on Hacking' workshop by Hacker House
http://ift.tt/2EV4jW5

Submitted January 19, 2018 at 02:07AM by mathmare
via reddit http://ift.tt/2FS1uXj
gaussian.horse
Alexander Ahmann::Hacker House: A Very Short Introduction to Hacking*
On the 12th of December, I attended a four day workshop called Hands on Hacking that was being offered by one of Britain’s top information security companies...
134 views
Netsec
Are Skyfall and Solace vulnerabilities a hoax?
http://ift.tt/2mOnUQw

Submitted January 19, 2018 at 04:06PM by jormaggio
via reddit http://ift.tt/2Ds7oAL
reddit
Are Skyfall and Solace vulnerabilities a hoax? • r/security
1 points and 1 comments so far on reddit
120 views
Netsec
Practical advice to minimise risk after Meltdown/Spectre
http://ift.tt/2FURDAb

Submitted January 19, 2018 at 07:02PM by LiamBigDataDonoghue
via reddit http://ift.tt/2BeGE0w
IT Recruitment Agency
Practical advice to minimise risk after Meltdown/Spectre - IT Recruitment Agency
Meltdown and Spectre are hardware bugs that allow malicious programs to steal data from the memory of other programs, putting a wide variety of sensitive information at risk.
125 views
Netsec
Nessus Scan Data Visualization in Maltego
http://ift.tt/2rneZLm

Submitted January 19, 2018 at 06:54PM by securifera
via reddit http://ift.tt/2mV8qek
Securifera
Nessus => Maltego – Securifera
Overview
Visualizing, organizing, and processing information on large networks can be a difficult task. Often I find myself being given incomplete data or large amounts of scan results that can take forever to analyze. Recently I was handed a large collection…
115 views
Netsec
Research on Misconfigured Jenkins Servers - emtunc's Blog
http://ift.tt/2EXA5BM

Submitted January 19, 2018 at 07:41PM by emtunc
via reddit http://ift.tt/2DwWdWE
emtunc's Blog
My Research on Misconfigured Jenkins Servers - emtunc's Blog
Late last year I decided to see how many misconfigured CI/CD (continuous integration and deployment) installations I could find on the internet. I decided to focus my research on one of the most popular CI/CD applications – Jenkins. This article isn’t an…
122 views
Netsec
Automating VMware RPC Request Sniffing: ZDI researcher details how he wrote a noscript to sniff RPC requests from VMware guest-to-host communications – a capability beneficial in writing VMware RPC exploits.
http://ift.tt/2rp5mfc

Submitted January 19, 2018 at 08:41PM by RedmondSecGnome
via reddit http://ift.tt/2FRKq3z
Zero Day Initiative
Automating VMware RPC Request Sniffing
Last year, my colleagues and I spoke about different VMware topics at various conferences. One of the topics we covered was RPC tooling, as we detailed writing tools to interact with the RPC interface. We also briefly discussed how to sniff the RPC requests…
118 views
Netsec
Secure Contexts Everywhere
http://ift.tt/2FDrGVr

Submitted January 19, 2018 at 08:28PM by speckz
via reddit http://ift.tt/2mPWGco
Mozilla Security Blog
Secure Contexts Everywhere
Since Let’s Encrypt launched, the Secure Contexts specification has become much more mature. We have witnessed the successful restriction of existing, as well as new ...
108 views
Netsec
On the physical security side, do real security cameras ever have blinking lights?
I've noticed a fair number of fake security cameras and they seem like they could be somewhat effective (better than nothing anyway), but the blinking lights bother me. Isn't that a dead giveaway that they're fake?

Submitted January 19, 2018 at 07:54PM by suddenly_ponies
via reddit http://ift.tt/2Ds12Sd
reddit
On the physical security side, do real security... • r/security
I've noticed a fair number of fake security cameras and they seem like they could be somewhat effective (better than nothing anyway), but the...
112 views
Netsec
Security In 5: Episode 156 - Tools, Tips and Tricks - Exploit Database
http://ift.tt/2DoNV3P

Submitted January 19, 2018 at 07:31PM by BinaryBlog
via reddit http://ift.tt/2mQjHfg
Libsyn
Security In Five Podcast: Episode 156 - Tools, Tips and Tricks - Exploit Database
Everyday we hear about a new vulnerability, a new flaw, a series of critical patches we need to apply. How do we keep it all straight? The Exploit Database is how. This episode goes into what the Exploit Database is and why you should have it in your bookmarks…
128 views
Netsec
How Slack Stays Secure During Hyper Growth
http://ift.tt/2EWjONK

Submitted January 20, 2018 at 12:11AM by MaliaPowers
via reddit http://ift.tt/2DQCtLy
Heavybit
The Secure Developer %%sep%% %%noscript%% %%sep%% %%sitename%%
In the latest episode of The Secure Developer, Guy is joined by Geoff Belknap, Chief Security Officer at Slack. Geoff discusses what drew him into security and reveals why it's critical for security teams to be recognized as a full-fledged member of engineering.…
138 views
Netsec
DarkComet upload vulnerability
http://ift.tt/2DxNl3n

Submitted January 20, 2018 at 01:44AM by JustThisNietzscheGuy
via reddit http://ift.tt/2EVwjcd
pseudolaboratories.github.io
DarkComet upload vulnerability
This post will introduce a file upload vulnerability in DarkComet’s C&C server. While a flaw that allows an attacker to download files has already been known for many years there is no mention of this very similar vulnerability.
A quick disclaimer before…
171 views
Netsec
Security Orchestration for Endpoint Security: Use Cases
http://ift.tt/2DmxkcT

Submitted January 20, 2018 at 04:15AM by abhishekiyer
via reddit http://ift.tt/2DS6U3Y
Demisto
Security Orchestration for Endpoint Security: Carbon Black and Demisto
Learn how to leverage Demisto’s security orchestration with Carbon Black products to coordinate endpoint security, control, and response from one console.
146 views
Netsec
OnePlus got pwned, exposed up to 40,000 users to credit card fraud | A malicious noscript injected into OnePlus' payment page went undiscovered for two months.
http://ift.tt/2mTdFeI

Submitted January 20, 2018 at 11:56AM by RandomCollection
via reddit http://ift.tt/2mROqIG
Ars Technica
OnePlus got pwned, exposed up to 40,000 users to credit card fraud
A malicious noscript injected into OnePlus' payment page went undiscovered for two months.
250 views
Netsec
British teen gained access to US intelligence operations by pretending to be CIA head
http://ift.tt/2EZyNXf

Submitted January 20, 2018 at 03:54PM by Bastet1
via reddit http://ift.tt/2Bg0RTW
Express.co.uk
British teen gained access to US intelligence operations by pretending to be CIA head
A BRITISH teenager is to be sentenced at the Old Bailey after he gained access to plans for intelligence operations in Afghanistan and Iran by pretending to be the head of the CIA, it has been reported.
149 views
Netsec
OnePlus website hacked - Credit Card Information of 40000 customers leaked
http://ift.tt/2G0kAKP

Submitted January 20, 2018 at 05:29PM by chieffrank
via reddit http://ift.tt/2DtQnq9
IB Computing
OnePlus website hacked - Credit Card Information of 40000 customers leaked - IB Computing
OnePlus website hacked! Mobile manufacturer company OnePlus has confirmed in a forum post that it's been a prey to a Credit Card Hack. The hackers were able to inject some malicious JavaScript code into the website's payment page to extract the credit card…
147 views