Ever fantasized about playing with docker misconfigurations, privilege escalation, etc. within a container? Download this VM, pull out your pentest hats and get started 🙂 We have 2 Modes: HARD: This would require you to combine your docker skills as well…

Last week I was contacted by someone alerting me to the presence of a spam list. A big one. That's a bit of a relative term though because whilst I've loaded "big" spam lists into Have I been pwned (HIBP) before, the largest to date has been a

tl;dr: this is not an audit nor an endorsement and I take no responsibility, but I had a quick look at the crypto and I think I'm going to use restic for my personal backups. I keep hearing good things about restic. I am redoing my storage solution, and

2 points and 0 comments so far on reddit

2 points and 1 comments so far on reddit

Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

Earlier this month (August 2017) Troy Hunt founder of the website Have I been pwned? [0] released over 319 million plaintext passwords [1...

Presentations from BSides Manchester 2017 - 17/08/2017

Malware Analysis - Fsociety crypto miner to mine bitcoins.

Use this Password Security Compliance Checklist as a tool to strengthen your existing password policy and ensure compliance.

Learn ROP

We found a stack buffer overflow vulnerability which can cause crash in the DNS-proxy feature of ConnMan. In some cases, this vulnerability can cause arbitrary code execution as exec user privilege of ConnMan. We have confirmed the reproducibility of this…

Critical pacemaker vulnerability allows hackers to hack into Abbott's pacemakers using RF waves and fully take control over the running device.

Somewhat incredibly I am the first tech writer on the planet to break this story, but even more incredibly the FCC lets you upload any file…

 Introduction When evidence of the problems described in this report were first noticed, it almost seemed hard to believe. However, for those familiar with the technical history of Arris and their careless lingering of hardcoded accounts on their products…

Exploiting CVE-2016-10277 for untethered jailbreak on Moto devices (and more!)

A major threat  on the web, since it would have already hacked nearly 711 million of email addresses and probably infected at least a hund...

Instagram has revealed that it has suffered from serious data breach and the hacker has gained access to the contact information of the verified users