Reverse Shell from an OpenVPN Configuration File
https://ift.tt/2tpEEAO
Submitted June 20, 2018 at 10:50PM by chicksdigthelongrun
via reddit https://ift.tt/2MJEXPN
https://ift.tt/2tpEEAO
Submitted June 20, 2018 at 10:50PM by chicksdigthelongrun
via reddit https://ift.tt/2MJEXPN
Medium
Reverse Shell from an OpenVPN Configuration File
While doing background research on OpenVPN I stumbled upon an interesting question on Stack Exchange.
Wavethrough - Bypassing modern browsers security policies with audio files & service workers
https://ift.tt/2yrHLxQ
Submitted June 21, 2018 at 12:17AM by hannibal_f4e
via reddit https://ift.tt/2MGbBC5
https://ift.tt/2yrHLxQ
Submitted June 21, 2018 at 12:17AM by hannibal_f4e
via reddit https://ift.tt/2MGbBC5
Jakearchibald
I discovered a browser bug
I accidentally discovered a huge browser security bug. Here's what it does, and how I discovered it…
Exploring PowerShell AMSI and Logging Evasion
https://ift.tt/2tj7dzM
Submitted June 21, 2018 at 12:32AM by TheUglyStranger
via reddit https://ift.tt/2K3rnoF
https://ift.tt/2tj7dzM
Submitted June 21, 2018 at 12:32AM by TheUglyStranger
via reddit https://ift.tt/2K3rnoF
reddit
r/netsec - Exploring PowerShell AMSI and Logging Evasion
3 votes and 0 so far on reddit
TLbleed: the reason why OpenBSD disabled HyperThreading
https://ift.tt/2lmpnx2
Submitted June 21, 2018 at 02:18AM by stingraycharles
via reddit https://ift.tt/2M4SrEL
https://ift.tt/2lmpnx2
Submitted June 21, 2018 at 02:18AM by stingraycharles
via reddit https://ift.tt/2M4SrEL
Blackhat
Black Hat USA 2018
The A-to-Z of Cloud Exposure DLP & Incident Response
https://ift.tt/2K4DAwE
Submitted June 21, 2018 at 06:18AM by b1t_viper
via reddit https://ift.tt/2tovyEn
https://ift.tt/2K4DAwE
Submitted June 21, 2018 at 06:18AM by b1t_viper
via reddit https://ift.tt/2tovyEn
phpMyAdmin 4.8.x LFI to RCE
https://ift.tt/2todoCN
Submitted June 21, 2018 at 07:10AM by Ambulong
via reddit https://ift.tt/2ln6MkD
https://ift.tt/2todoCN
Submitted June 21, 2018 at 07:10AM by Ambulong
via reddit https://ift.tt/2ln6MkD
Vulnspy Blog
phpMyAdmin 4.8.x LFI to RCE (Authorization Required)
Author: @Ambulong Security Team ChaMd5 disclose a Local File Inclusion vulnerability in phpMyAdmin latest version 4.8.1. And the exploiting of this vulnerability may lead to Remote Code Execution. In
Fake Fortnite for Android links found on YouTube
https://ift.tt/2logAe9
Submitted June 21, 2018 at 08:39PM by EvanConover
via reddit https://ift.tt/2M63mxK
https://ift.tt/2logAe9
Submitted June 21, 2018 at 08:39PM by EvanConover
via reddit https://ift.tt/2M63mxK
Malwarebytes Labs
Fake Fortnite for Android links found on YouTube - Malwarebytes Labs
The extremely popular video game Fortnite is coming to Android sometime this summer, and the fanbase is going wild. Not surprisingly, mobile malware developers are taking advantage. Already, there are several videos on YouTube with links claiming to be versions…
Top 6 Application Security Must Dos with Limited Resources
https://ift.tt/2K9zgZY
Submitted June 22, 2018 at 12:59AM by jrkjared3
via reddit https://ift.tt/2ytf5Vn
https://ift.tt/2K9zgZY
Submitted June 22, 2018 at 12:59AM by jrkjared3
via reddit https://ift.tt/2ytf5Vn
Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking by j00ru
https://ift.tt/2ywbIwZ
Submitted June 22, 2018 at 01:35AM by b0920075
via reddit https://ift.tt/2Kg0G3H
https://ift.tt/2ywbIwZ
Submitted June 22, 2018 at 01:35AM by b0920075
via reddit https://ift.tt/2Kg0G3H
True Story: The Case of a Hacked Baby Monitor
https://ift.tt/2MKSwhO
Submitted June 22, 2018 at 02:32AM by dionas
via reddit https://ift.tt/2M8NFpN
https://ift.tt/2MKSwhO
Submitted June 22, 2018 at 02:32AM by dionas
via reddit https://ift.tt/2M8NFpN
Sec-Consult
True Story: The Case of a Hacked Baby Monitor (Gwelltimes P2P Cloud) | SEC Consult
Some time ago, a case about a hacked baby monitor made the news in the US. A mother claimed someone had taken control over the device and surveilled her baby.
ARPPD - Script to block malicious ARP Packets in MITM Attack
https://ift.tt/2ttVuhY
Submitted June 22, 2018 at 05:17AM by Tudor_Gheorghiu
via reddit https://ift.tt/2lscstG
https://ift.tt/2ttVuhY
Submitted June 22, 2018 at 05:17AM by Tudor_Gheorghiu
via reddit https://ift.tt/2lscstG
GitHub
Prodicode/ARPPD
ARPPD - An ARP Poisoning Defender noscript
ARPPD - Script to block malicious ARP Packets in MITM Attack
https://ift.tt/2ttVuhY
Submitted June 22, 2018 at 05:17AM by Tudor_Gheorghiu
via reddit https://ift.tt/2lscstG
https://ift.tt/2ttVuhY
Submitted June 22, 2018 at 05:17AM by Tudor_Gheorghiu
via reddit https://ift.tt/2lscstG
GitHub
Prodicode/ARPPD
ARPPD - An ARP Poisoning Defender noscript
DanderSpritz lab: build a lab to test and research the Equation Groups post exploit tools
https://ift.tt/2lrFOIF
Submitted June 22, 2018 at 10:16AM by franimals
via reddit https://ift.tt/2ttFVaa
https://ift.tt/2lrFOIF
Submitted June 22, 2018 at 10:16AM by franimals
via reddit https://ift.tt/2ttFVaa
GitHub
francisck/DanderSpritz_lab
DanderSpritz_lab - A fully functional DanderSpritz lab in 2 commands
Using a GitHub app to escalate to an organization owner for a $10,000 bounty
https://ift.tt/2tfS17D
Submitted June 22, 2018 at 01:46PM by albinowax
via reddit https://ift.tt/2tumi1F
https://ift.tt/2tfS17D
Submitted June 22, 2018 at 01:46PM by albinowax
via reddit https://ift.tt/2tumi1F
Medium
Using a GitHub app to escalate to an organization owner for a $10,000 bounty
I’m going to walk through a simple yet high-impact privilege escalation I landed on while poking around…
Containers and cloud security
https://ift.tt/2toSHXn
Submitted June 22, 2018 at 01:55PM by nachoparker
via reddit https://ift.tt/2KawaYO
https://ift.tt/2toSHXn
Submitted June 22, 2018 at 01:55PM by nachoparker
via reddit https://ift.tt/2KawaYO
reddit
r/netsec - Containers and cloud security
2 votes and 0 so far on reddit
10 Experts Weigh in: What Skills Do Cybersec Experts Need Now
https://ift.tt/2tiL4lV
Submitted June 22, 2018 at 02:48PM by KeyDutch
via reddit https://ift.tt/2MeEZOF
https://ift.tt/2tiL4lV
Submitted June 22, 2018 at 02:48PM by KeyDutch
via reddit https://ift.tt/2MeEZOF
Medium
10 Experts Weigh in: What Skills Do Cybersec Experts Need Now
Do you have what it takes to be a cybersecurity expert in our world right now? (Hint: It’s not being a gamer.)
Reverse engineering AWS Lambda
https://ift.tt/2kyHM9t
Submitted June 22, 2018 at 07:23PM by sprkyco
via reddit https://ift.tt/2IgYALT
https://ift.tt/2kyHM9t
Submitted June 22, 2018 at 07:23PM by sprkyco
via reddit https://ift.tt/2IgYALT
www.denialof.services
Reverse engineering AWS Lambda
What happens if we crack open AWS Lambda and dig in the gooey internals?
Frida Engage | Part One | Building an ELF Parser with Frida
https://ift.tt/2KfvIsm
Submitted June 22, 2018 at 08:53PM by marketingversprite
via reddit https://ift.tt/2ttIDws
https://ift.tt/2KfvIsm
Submitted June 22, 2018 at 08:53PM by marketingversprite
via reddit https://ift.tt/2ttIDws
VerSprite | Integrated Security Services and Consulting
Frida Engage Part One: Building an ELF Parser with Frida | VerSprite
In this blog series we will be covering the endless possibilities and power of Frida. For those of you who have never heard of Frida...
BSides London 2018 Talks Now Online
https://www.youtube.com/playlist?list=PLcrUMxzVpi6zlT5Eecqpf7iabwYhu0Ve2
Submitted June 22, 2018 at 06:57PM by stealthy_cat_advisor
via reddit https://ift.tt/2K7tIyW
https://www.youtube.com/playlist?list=PLcrUMxzVpi6zlT5Eecqpf7iabwYhu0Ve2
Submitted June 22, 2018 at 06:57PM by stealthy_cat_advisor
via reddit https://ift.tt/2K7tIyW
YouTube
BSides London 2018 - YouTube
XSS in Google Colaboratory + CSP bypass
https://ift.tt/2I9Usgx
Submitted June 22, 2018 at 01:14PM by campuscodi
via reddit https://ift.tt/2ltVoDo
https://ift.tt/2I9Usgx
Submitted June 22, 2018 at 01:14PM by campuscodi
via reddit https://ift.tt/2ltVoDo
blog.bentkowski.info
XSS in Google Colaboratory + CSP bypass
In this note, I describe an interesting XSS that I found in February 2018 in one of the Google applications. I won't only show directly wher...
How I hacked Apple.com
https://ift.tt/2tugplf
Submitted June 22, 2018 at 05:17PM by MeProtozoan
via reddit https://ift.tt/2yzouLf
https://ift.tt/2tugplf
Submitted June 22, 2018 at 05:17PM by MeProtozoan
via reddit https://ift.tt/2yzouLf
Medium
How I hacked Apple.com (Unrestricted File Upload)
Are you aware of any (private) bug bounty programs or platforms? I would love to get an invite. Please get in touch with me…