Intel Engine Firmware Analysis Tool (Sources + Discussion)
https://ift.tt/2bHr9nD
Submitted May 27, 2018 at 03:40PM by Scene_News
via reddit https://ift.tt/2INahil
https://ift.tt/2bHr9nD
Submitted May 27, 2018 at 03:40PM by Scene_News
via reddit https://ift.tt/2INahil
GitHub
platomav/MEAnalyzer
MEAnalyzer - Intel Engine Firmware Analysis Tool
SEVered: Subverting AMD’s Virtual Machine Encryption
https://ift.tt/2sb4EQG
Submitted May 27, 2018 at 10:34PM by majorllama
via reddit https://ift.tt/2xi9aSo
https://ift.tt/2sb4EQG
Submitted May 27, 2018 at 10:34PM by majorllama
via reddit https://ift.tt/2xi9aSo
A Quick Analysis of Malicious NSIS installers used to Disperse Malware
https://ift.tt/2se93SV
Submitted May 27, 2018 at 10:05PM by TechLord2
via reddit https://ift.tt/2si8GpO
https://ift.tt/2se93SV
Submitted May 27, 2018 at 10:05PM by TechLord2
via reddit https://ift.tt/2si8GpO
SANS Internet Storm Center
InfoSec Handlers Diary Blog - Internet Storm Center Diary 2018-05-27
Internet Storm Center Diary 2018-05-27, Author: Guy Bruneau
Banking malware employs a new technique to bypass dedicated browser protection measures
https://ift.tt/2sdneqq
Submitted May 27, 2018 at 09:43PM by Scene_News
via reddit https://ift.tt/2LA6KBz
https://ift.tt/2sdneqq
Submitted May 27, 2018 at 09:43PM by Scene_News
via reddit https://ift.tt/2LA6KBz
WeLiveSecurity
Banking malware using inventive methods to attack Polish banks
ESET researchers have discovered a piece of banking malware using a new technique to bypass dedicated browser protection measures that was used to empty accounts in Polish banks.
NetBSD network stack audit results
https://ift.tt/2GYa0TM
Submitted May 28, 2018 at 03:30PM by apancetta
via reddit https://ift.tt/2sevw2k
https://ift.tt/2GYa0TM
Submitted May 28, 2018 at 03:30PM by apancetta
via reddit https://ift.tt/2sevw2k
New VPNFilter malware targets at least 500K networking devices worldwide
https://ift.tt/2scqK4H
Submitted May 28, 2018 at 02:07PM by nachoparker
via reddit https://ift.tt/2IORVxf
https://ift.tt/2scqK4H
Submitted May 28, 2018 at 02:07PM by nachoparker
via reddit https://ift.tt/2IORVxf
Talosintelligence
VPNFilter
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Isolated Networks in the Cloud
https://ift.tt/2GXbrSH
Submitted May 28, 2018 at 06:55PM by Occams_Trimmer
via reddit https://ift.tt/2sdPPNo
https://ift.tt/2GXbrSH
Submitted May 28, 2018 at 06:55PM by Occams_Trimmer
via reddit https://ift.tt/2sdPPNo
Medium
Isolated Networks in the Cloud
After a recent roadmapping session, it seemed like a good idea to research network isolation in cloud environments. We chose to test AWS…
IBM QRadar unauthenticated remote code execution (writeup + exploit)
https://ift.tt/2seGW5g
Submitted May 28, 2018 at 06:53PM by jose_boneh
via reddit https://ift.tt/2ITC3pc
https://ift.tt/2seGW5g
Submitted May 28, 2018 at 06:53PM by jose_boneh
via reddit https://ift.tt/2ITC3pc
Open Source Vulnerability Assessment and Management Tool for Developers and Pentesters [Updated 28 May] (See Comment)
https://ift.tt/2ukKY03
Submitted May 28, 2018 at 10:25PM by TechLord2
via reddit https://ift.tt/2kuvGy4
https://ift.tt/2ukKY03
Submitted May 28, 2018 at 10:25PM by TechLord2
via reddit https://ift.tt/2kuvGy4
GitHub
archerysec/archerysec
Open Source Vulnerability Assessment and Management helps developers and pentesters to perform scans and manage vulnerabilities. - archerysec/archerysec
Archery - Open Source Vulnerability Assessment and Management Tool for Developers and Pentesters [Updated 28 May]
https://ift.tt/2ukKY03
Submitted May 28, 2018 at 11:07PM by PeterG45
via reddit https://ift.tt/2L3J1Zo
https://ift.tt/2ukKY03
Submitted May 28, 2018 at 11:07PM by PeterG45
via reddit https://ift.tt/2L3J1Zo
GitHub
archerysec/archerysec
Open Source Vulnerability Assessment and Management helps developers and pentesters to perform scans and manage vulnerabilities. - archerysec/archerysec
Using the Linux Audit System to detect badness
https://ift.tt/2KQRSh9
Submitted May 29, 2018 at 12:07AM by digicat
via reddit https://ift.tt/2skzNR0
https://ift.tt/2KQRSh9
Submitted May 29, 2018 at 12:07AM by digicat
via reddit https://ift.tt/2skzNR0
Thinkst
Using the Linux Audit System to detect badness
Security vendors have a mediocre track record in keeping their own applications and infrastructure safe. As a security product company, we...
reCAPTCHA bypass via HTTP Parameter Pollution
https://ift.tt/2sizVjX
Submitted May 29, 2018 at 02:17AM by albinowax
via reddit https://ift.tt/2JfosvZ
https://ift.tt/2sizVjX
Submitted May 29, 2018 at 02:17AM by albinowax
via reddit https://ift.tt/2JfosvZ
reddit
r/netsec - reCAPTCHA bypass via HTTP Parameter Pollution
3 votes and 0 so far on reddit
LevelUp 0x02 - Bug Bounty Hunter conference, full video
On May 26th, Bugcrowd hosted a live conference via Twitch. All of the presentations have been uploaded to YouTube: https://www.youtube.com/playlist?list=PLIK9nm3mu-S6gCKmlC5CDFhWvbEX9fNW6
Submitted May 29, 2018 at 11:36AM by QforQ
via reddit https://ift.tt/2L2R2hh
On May 26th, Bugcrowd hosted a live conference via Twitch. All of the presentations have been uploaded to YouTube: https://www.youtube.com/playlist?list=PLIK9nm3mu-S6gCKmlC5CDFhWvbEX9fNW6
Submitted May 29, 2018 at 11:36AM by QforQ
via reddit https://ift.tt/2L2R2hh
YouTube
LevelUp 0x02 2018
On May 26th 2018, Bugcrowd held the LevelUp 0x02 conference! Watch this playlist for all of the videos from the conference.
Data Exfiltration via Formula Injection #Part1
https://ift.tt/2LExbGt
Submitted May 29, 2018 at 09:08PM by TechLord2
via reddit https://ift.tt/2xnL34T
https://ift.tt/2LExbGt
Submitted May 29, 2018 at 09:08PM by TechLord2
via reddit https://ift.tt/2xnL34T
NotSoSecure
Data Exfiltration via Formula Injection #Part1
We have been investigating methods to find and document ways to extract data from spreadsheets using out of band methods. This blog focuses on Google Sheets & LibreOffice on Linux. Using built-in functions & formula we were able to extract data from within…
ZenMate VPN Browser Extension Deanonymization & Hijacking Vulnerability (3.5 Million Affected Users)
https://ift.tt/2J9xZVx
Submitted May 30, 2018 at 12:50AM by mandatoryprogrammer
via reddit https://ift.tt/2LH2lgd
https://ift.tt/2J9xZVx
Submitted May 30, 2018 at 12:50AM by mandatoryprogrammer
via reddit https://ift.tt/2LH2lgd
Thehackerblog
ZenMate VPN Browser Extension Hijacking Vulnerability for Chrome & Firefox (3.5 Million Affected Users) | The Hacker Blog
ZenMate, a VPN provider with over 43 million users, offers multiple browser extensions to use their VPN with. As of the time of this writing the browser
CVE-2018-4910: Analyzing an RCE in Adobe Acrobat and the patch that almost fixed it.
https://ift.tt/2sreSvM
Submitted May 30, 2018 at 04:00AM by RedmondSecGnome
via reddit https://ift.tt/2GYSdvL
https://ift.tt/2sreSvM
Submitted May 30, 2018 at 04:00AM by RedmondSecGnome
via reddit https://ift.tt/2GYSdvL
Blue Note: How Intentional Acoustic Interference Damages Availability and Integrity in Hard Disk Drives and Operating Systems
https://ift.tt/2IY36zL
Submitted May 30, 2018 at 06:55AM by Syonyk
via reddit https://ift.tt/2IXP8Oo
https://ift.tt/2IY36zL
Submitted May 30, 2018 at 06:55AM by Syonyk
via reddit https://ift.tt/2IXP8Oo
CVE 2018-11235 - Announcing the May 2018 Git security vulnerability
https://ift.tt/2IVzqHw
Submitted May 30, 2018 at 06:24AM by xtreak
via reddit https://ift.tt/2spmv5x
https://ift.tt/2IVzqHw
Submitted May 30, 2018 at 06:24AM by xtreak
via reddit https://ift.tt/2spmv5x
reddit
r/netsec - CVE 2018-11235 - Announcing the May 2018 Git security vulnerability
1 votes and 0 so far on reddit
CVE-2018-11235 : Security vulnerability in Git
https://ift.tt/2H3pKVM
Submitted May 30, 2018 at 02:36PM by xtreak
via reddit https://ift.tt/2kyXrWn
https://ift.tt/2H3pKVM
Submitted May 30, 2018 at 02:36PM by xtreak
via reddit https://ift.tt/2kyXrWn
Post-Spectre Threat Model Re-Think (Chromium)
https://ift.tt/2ky7LxS
Submitted May 30, 2018 at 02:24PM by albinowax
via reddit https://ift.tt/2siVYYH
https://ift.tt/2ky7LxS
Submitted May 30, 2018 at 02:24PM by albinowax
via reddit https://ift.tt/2siVYYH
0patching Foxit Reader Buffer... Oops... Integer Overflow (CVE-2017-17557)
https://ift.tt/2IXl5dV
Submitted May 30, 2018 at 06:02PM by dielel
via reddit https://ift.tt/2H4fTPk
https://ift.tt/2IXl5dV
Submitted May 30, 2018 at 06:02PM by dielel
via reddit https://ift.tt/2H4fTPk
0Patch
0patching Foxit Reader Buffer... Oops... Integer Overflow (CVE-2017-17557)
by Luka Treiber, 0patch Team In April, Steven Seeley of Source Incite published a report of a vulnerability in Foxit Reader and P...