Quest DR Series Disk Backup Multiple Vulnerabilities (including unauthenticated RCE)
https://ift.tt/2H8rm0w
Submitted June 01, 2018 at 05:58PM by maximilianov
via reddit https://ift.tt/2sjXbPp
https://ift.tt/2H8rm0w
Submitted June 01, 2018 at 05:58PM by maximilianov
via reddit https://ift.tt/2sjXbPp
Core Security
Quest DR Series Disk Backup Multiple Vulnerabilities
1. Advisory InformationTitle: Quest DR Series Disk Backup Multiple VulnerabilitiesAdvisory ID: CORE-2018-0002Advisory URL: http://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilitiesDate published: 2018-05-31Date of last update:…
Quest KACE System Management Appliance Multiple Vulnerabilities (including unauthenticated RCE)
https://ift.tt/2Jk2GaC
Submitted June 01, 2018 at 05:57PM by maximilianov
via reddit https://ift.tt/2sxi2y5
https://ift.tt/2Jk2GaC
Submitted June 01, 2018 at 05:57PM by maximilianov
via reddit https://ift.tt/2sxi2y5
Core Security
Quest KACE System Management Appliance Multiple Vulnerabilities
1. Advisory InformationTitle: Quest KACE System Management Appliance Multiple VulnerabilitiesAdvisory ID: CORE-2018-0004Advisory URL: http://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilitiesDate published: 2018…
Quest DR Series Disk Backup Multiple Vulnerabilities
https://ift.tt/2H8rm0w
Submitted June 01, 2018 at 08:51PM by maximilianov
via reddit https://ift.tt/2HbXhx1
https://ift.tt/2H8rm0w
Submitted June 01, 2018 at 08:51PM by maximilianov
via reddit https://ift.tt/2HbXhx1
Core Security
Quest DR Series Disk Backup Multiple Vulnerabilities
1. Advisory InformationTitle: Quest DR Series Disk Backup Multiple VulnerabilitiesAdvisory ID: CORE-2018-0002Advisory URL: http://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilitiesDate published: 2018-05-31Date of last update:…
PowerShell: In-Memory Injection Using CertUtil.exe
https://ift.tt/2Ha7EBF
Submitted June 01, 2018 at 09:42PM by coalfirelabs
via reddit https://ift.tt/2JbPVv6
https://ift.tt/2Ha7EBF
Submitted June 01, 2018 at 09:42PM by coalfirelabs
via reddit https://ift.tt/2JbPVv6
Coalfire.com
Post
Coalfire Labs blog posts with opinions, findings and research from the technical testing of IT perspective.
Find Web Directories Using Websploit
https://ift.tt/2J7a0mu
Submitted June 01, 2018 at 10:50PM by vortex1000
via reddit https://ift.tt/2LfStcp
https://ift.tt/2J7a0mu
Submitted June 01, 2018 at 10:50PM by vortex1000
via reddit https://ift.tt/2LfStcp
Hack My Device
How To Scan Web Directories Using Websploit Directory Scanner
A “Remote” Vulnerability
https://ift.tt/2LcZyug
Submitted June 02, 2018 at 02:35AM by Kefused
via reddit https://ift.tt/2JmITHh
https://ift.tt/2LcZyug
Submitted June 02, 2018 at 02:35AM by Kefused
via reddit https://ift.tt/2JmITHh
Otseca - Security Auditing Tool to Search and Dump System Configuration and Generate Reports (Sources and Wiki)
https://ift.tt/2LQS2X9
Submitted June 02, 2018 at 03:45PM by RookieJoey
via reddit https://ift.tt/2Lf1H8F
https://ift.tt/2LQS2X9
Submitted June 02, 2018 at 03:45PM by RookieJoey
via reddit https://ift.tt/2Lf1H8F
GitHub
trimstray/otseca
Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats. - trimstray/otseca
Top 10 Wireless Hacking Tools
https://ift.tt/2xB5jA7
Submitted June 02, 2018 at 04:53PM by vortex1000
via reddit https://ift.tt/2J5aA8v
https://ift.tt/2xB5jA7
Submitted June 02, 2018 at 04:53PM by vortex1000
via reddit https://ift.tt/2J5aA8v
Hack My Device
Top 10 Wireless Hacking Tools
Misusing debugfs for In-Memory RCE
https://ift.tt/2LPG4gi
Submitted June 02, 2018 at 09:09PM by ImZugzwang
via reddit https://ift.tt/2Hg3Xdt
https://ift.tt/2LPG4gi
Submitted June 02, 2018 at 09:09PM by ImZugzwang
via reddit https://ift.tt/2Hg3Xdt
Nick Bulischeck
Misusing debugfs for In-Memory RCE
An explanation of how debugfs and nf hooks can be used to remotely execute code.
Iron Group's Malware using HackingTeam’s Leaked RCS source code with VMProtected Installer - Technical Analysis
https://ift.tt/2sw7U8A
Submitted June 02, 2018 at 10:22PM by RookieJoey
via reddit https://ift.tt/2xCiYGX
https://ift.tt/2sw7U8A
Submitted June 02, 2018 at 10:22PM by RookieJoey
via reddit https://ift.tt/2xCiYGX
Intezer
Iron Cybercrime Group Under The Scope - Intezer
In April 2018, while monitoring public data feeds, we noticed an interesting and previously unknown backdoor using HackingTeam’s leaked RCS source code. We discovered that this backdoor was developed by the Iron cybercrime group, the same group behind the…
Unimania: I need your Facebook data, location, and your browsing history
https://ift.tt/2J45F7A
Submitted June 02, 2018 at 10:54PM by sacrednumber_108
via reddit https://ift.tt/2sqaePe
https://ift.tt/2J45F7A
Submitted June 02, 2018 at 10:54PM by sacrednumber_108
via reddit https://ift.tt/2sqaePe
AdGuard Blog
Unimania: I Need Your Facebook Data, Location, And Your Browsing History
Privacy protection is basically what we do, so I never get tired of stories about how unpredictable the ways of getting Facebook user data are. Cambridge Analytica might be dead, but the business of stealing users’ data lives on, and this article demonstrates…
Microsoft has an open-source OpenVPN fork which combines post-quantum cryptography
https://ift.tt/2xADdF8
Submitted June 02, 2018 at 11:42PM by jews4beer
via reddit https://ift.tt/2sEPYsG
https://ift.tt/2xADdF8
Submitted June 02, 2018 at 11:42PM by jews4beer
via reddit https://ift.tt/2sEPYsG
GitHub
Microsoft/PQCrypto-VPN
PQCrypto-VPN - Post-quantum Cryptography VPN
A quick look at Windows API obfuscation via hashing
https://ift.tt/2ss4Efd
Submitted June 03, 2018 at 01:49AM by LloydLabs
via reddit https://ift.tt/2HdHAW8
https://ift.tt/2ss4Efd
Submitted June 03, 2018 at 01:49AM by LloydLabs
via reddit https://ift.tt/2HdHAW8
GitHub
LloydLabs/Windows-API-Hashing
Windows-API-Hashing - This is a simple example and explanation of obfuscating API resolution via hashing
CHIPSEC: Platform Security Assessment Framework [Updated May 2018] - for Analyzing PC Platforms including Hardware, System Firmware (BIOS/UEFI), and Platform Components (Full Sources, Manual and Write-Up)
https://ift.tt/1ebqWER
Submitted June 03, 2018 at 03:51PM by Scene_News
via reddit https://ift.tt/2J5aeOU
https://ift.tt/1ebqWER
Submitted June 03, 2018 at 03:51PM by Scene_News
via reddit https://ift.tt/2J5aeOU
GitHub
chipsec/chipsec
chipsec - Platform Security Assessment Framework
git RCE - CVE-2018-11235 write-up. Discovery, stumbling, exploitation and disclosure
https://ift.tt/2srzDIf
Submitted June 04, 2018 at 12:30AM by bluedoehunter
via reddit https://ift.tt/2JmhDZA
https://ift.tt/2srzDIf
Submitted June 04, 2018 at 12:30AM by bluedoehunter
via reddit https://ift.tt/2JmhDZA
Windows reuse shellcode based on socket's lifetime
https://ift.tt/2kLRZzJ
Submitted June 04, 2018 at 04:00AM by bmerino
via reddit https://ift.tt/2xKUWdc
https://ift.tt/2kLRZzJ
Submitted June 04, 2018 at 04:00AM by bmerino
via reddit https://ift.tt/2xKUWdc
Shelliscoming
Windows reuse shellcode based on socket's lifetime
I've always been a big fan of the old sockets reuse techniques : findtag , findport , etc.; each with its advantages and disadvantages. Thi...
Securing the Spectrum: An Intensive Wireless Security Video Course
https://ift.tt/2Jb2aYX
Submitted June 04, 2018 at 03:17AM by i_rsX
via reddit https://ift.tt/2LSmgca
https://ift.tt/2Jb2aYX
Submitted June 04, 2018 at 03:17AM by i_rsX
via reddit https://ift.tt/2LSmgca
rootsh3ll
Securing the Spectrum: An Intensive Wireless Security Course for Red and Blue Teams - rootsh3ll
Introduction Today I’m proud to announce a first-of-its-kind Wi-Fi security course – beta. Spanning 12 intensive weeks, this course goes well beyond what’s possible in traditional trainings and will transform you into a wireless security professional. Goal…
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
https://ift.tt/2w97ie3
Submitted June 04, 2018 at 12:19PM by prajalkulkarni
via reddit https://ift.tt/2syDl26
https://ift.tt/2w97ie3
Submitted June 04, 2018 at 12:19PM by prajalkulkarni
via reddit https://ift.tt/2syDl26
GitHub
flipkart-incubator/watchdog
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool. - flipkart-incubator/watchdog
Are Your Cookies Telling Your Fortune? - An analysis of weak cookie secrets and OSINT
https://ift.tt/2sIpiHw
Submitted June 04, 2018 at 03:41PM by Scene_News
via reddit https://ift.tt/2JaS9iw
https://ift.tt/2sIpiHw
Submitted June 04, 2018 at 03:41PM by Scene_News
via reddit https://ift.tt/2JaS9iw
Collection of IoT security resources
https://ift.tt/2slpcoM
Submitted June 04, 2018 at 08:26PM by v33ru
via reddit https://ift.tt/2LlMfrw
https://ift.tt/2slpcoM
Submitted June 04, 2018 at 08:26PM by v33ru
via reddit https://ift.tt/2LlMfrw
GitHub
V33RU/IoTSecurity101
IoTSecurity101 - From IoT Pentesting to IoT Security
Java: Exploiting your "unreachable" JRMP/RMI/JMX endpoints [CVE-2018-2800]
https://ift.tt/2s0Fnb6
Submitted June 04, 2018 at 08:23PM by albinowax
via reddit https://ift.tt/2sAJo68
https://ift.tt/2s0Fnb6
Submitted June 04, 2018 at 08:23PM by albinowax
via reddit https://ift.tt/2sAJo68
mbechler.github.io
Java: Exploiting your
Up to the April 2018 CPU (6u191, 7u181, 8u171) Java’s RMI endpoints allowed HTTP tunneling of requests.
Failing to implement further restrictions on these requests it was possible to perform them as
cross-origin requests from third-party websites. This…
Failing to implement further restrictions on these requests it was possible to perform them as
cross-origin requests from third-party websites. This…