Breaking LTE on Layer Two
https://ift.tt/2Mvqru9
Submitted June 29, 2018 at 10:03PM by zexterio
via reddit https://ift.tt/2tP4u1h
https://ift.tt/2Mvqru9
Submitted June 29, 2018 at 10:03PM by zexterio
via reddit https://ift.tt/2tP4u1h
reddit
r/netsec - Breaking LTE on Layer Two
4 votes and 0 so far on reddit
Every Android device is susceptible to a hardware vulnerability called RAMpage
https://ift.tt/2yWTuVw
Submitted June 30, 2018 at 02:12AM by Goovscoov
via reddit https://ift.tt/2yXAciO
https://ift.tt/2yWTuVw
Submitted June 30, 2018 at 02:12AM by Goovscoov
via reddit https://ift.tt/2yXAciO
xda-developers
Every Android device is susceptible to a hardware vulnerability called RAMpage
Every Android device is susceptible to a hardware vulnerability called RAMpage. You can read all about it here, and how to test your own Android device.
PSA: Avoid the fake Android App Runtime (ARC Welder) extension (with over 32,000 installs!) on the Chrome Web Store, as it injects ads and trackers into every webpage you visit. It is the only one that shows up in search results and the real one appears to be installable, but delisted/"noindex"-ed
https://ift.tt/2MtHH2I
Submitted June 30, 2018 at 03:45AM by Walter_Bishop_PhD
via reddit https://ift.tt/2yV5LJZ
https://ift.tt/2MtHH2I
Submitted June 30, 2018 at 03:45AM by Walter_Bishop_PhD
via reddit https://ift.tt/2yV5LJZ
reddit
r/Android - PSA: Avoid the fake Android App Runtime (ARC Welder) extension (with over 32,000 installs!) on the Chrome Web Store…
114 votes and 2 so far on reddit
Transparent Proxy with squid and iptables.
https://ift.tt/2KzWvzF
Submitted June 30, 2018 at 01:09PM by Kythx
via reddit https://ift.tt/2tSxvt9
https://ift.tt/2KzWvzF
Submitted June 30, 2018 at 01:09PM by Kythx
via reddit https://ift.tt/2tSxvt9
LinuxConfig.net
[Manual] Creating Transparent Proxy With squid and IPTables
For creating transparent proxy we need edit squid.conf and add iptables rules. Edit /etc/squid.conf file with your favorite editor, example vi vi /etc/squid.conf Add or change this lines. http_port…
Windows Search service vulnerability - Bookworm
https://ift.tt/2tGGgY1
Submitted June 30, 2018 at 11:12PM by realitycorp
via reddit https://ift.tt/2tGiHOY
https://ift.tt/2tGGgY1
Submitted June 30, 2018 at 11:12PM by realitycorp
via reddit https://ift.tt/2tGiHOY
Ostensiblyrandom
Carl's security musings
A blog about cyber security topics.
In Memory Powershell Webdav Server
https://ift.tt/2z1GCNO
Submitted July 01, 2018 at 08:48PM by p3nt4
via reddit https://ift.tt/2KCYBf5
https://ift.tt/2z1GCNO
Submitted July 01, 2018 at 08:48PM by p3nt4
via reddit https://ift.tt/2KCYBf5
GitHub
p3nt4/Invoke-TmpDavFS
Invoke-TmpDavFS - In Memory Powershell WebDav Server
UAC Bypassing Using msdt.exe XML/Execution Via Feature in Msdt - & RawLog
https://ift.tt/2tK5Ds1
Submitted July 02, 2018 at 12:14AM by ericnyamu
via reddit https://ift.tt/2tVxbd0
https://ift.tt/2tK5Ds1
Submitted July 02, 2018 at 12:14AM by ericnyamu
via reddit https://ift.tt/2tVxbd0
reddit
r/netsec - UAC Bypassing Using msdt.exe XML/Execution Via Feature in Msdt - & RawLog
3 votes and 0 so far on reddit
Advice for beginners - feedback and pull requests are appreciated
https://ift.tt/2lKHNYx
Submitted July 02, 2018 at 03:57AM by _Exaybachay_
via reddit https://ift.tt/2lOO3ia
https://ift.tt/2lKHNYx
Submitted July 02, 2018 at 03:57AM by _Exaybachay_
via reddit https://ift.tt/2lOO3ia
GitHub
exaybachay-ak/SecurityAdvice
SecurityAdvice - Collection of advice to new IT security folks
Ticketmaster's UK hack shows consumers are the last to know about data breaches
https://ift.tt/2tY8JHY
Submitted July 02, 2018 at 06:32PM by johnedx
via reddit https://ift.tt/2KCS8DR
https://ift.tt/2tY8JHY
Submitted July 02, 2018 at 06:32PM by johnedx
via reddit https://ift.tt/2KCS8DR
Quartz
When your personal data is stolen, you’re the last to know
It's a process that's become depressingly routine.
Exposing the Secret Office 365 Forensics Tool | LMG Security
https://ift.tt/2tImZo8
Submitted July 02, 2018 at 04:03PM by k3170makan
via reddit https://ift.tt/2KBvZGd
https://ift.tt/2tImZo8
Submitted July 02, 2018 at 04:03PM by k3170makan
via reddit https://ift.tt/2KBvZGd
LMG Security
Exposing the Secret Office 365 Forensics Tool | LMG Security
An ethical crisis in the digital forensics industry came to a head last week with the release of new details on Microsoft’s undocumented “Activities” API. A previously unknown trove of access and activity logs held by Microsoft allows investigators to track…
Hijacking the control flow of a WebAssembly program
https://ift.tt/2KmJtGn
Submitted July 02, 2018 at 06:45PM by HighPrivsDrifter
via reddit https://ift.tt/2KI7rLw
https://ift.tt/2KmJtGn
Submitted July 02, 2018 at 06:45PM by HighPrivsDrifter
via reddit https://ift.tt/2KI7rLw
Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32 [for bypass, evasion, and persistence]
https://ift.tt/2yNPJBx
Submitted July 02, 2018 at 07:05PM by whynotsec
via reddit https://ift.tt/2MHvZ4U
https://ift.tt/2yNPJBx
Submitted July 02, 2018 at 07:05PM by whynotsec
via reddit https://ift.tt/2MHvZ4U
| bohops |
Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32
TL;DR Vendors are notorious for including and/or leaving behind Registry artifacts that could potentially be abused by attackers for lateral movement, evasion, bypass, and persistence. CLSIDs subke…
Tokenvator: A Tool to Elevate Privilege using Windows Tokens
https://ift.tt/2tZWavX
Submitted July 02, 2018 at 10:50PM by ericnyamu
via reddit https://ift.tt/2u58uLx
https://ift.tt/2tZWavX
Submitted July 02, 2018 at 10:50PM by ericnyamu
via reddit https://ift.tt/2u58uLx
NetSPI Blog
Tokenvator: A Tool to Elevate Privilege using Windows Tokens
US Spending Less to Secure World’s Nuclear Bomb Materials
https://ift.tt/2Nm5S4G
Submitted July 03, 2018 at 12:32AM by CQPab
via reddit https://ift.tt/2KJJgcn
https://ift.tt/2Nm5S4G
Submitted July 03, 2018 at 12:32AM by CQPab
via reddit https://ift.tt/2KJJgcn
Roll Call
US Spending Less to Secure World’s Nuclear Bomb Materials
U.S. spending to safeguard the world’s atomic materials has dipped in recent years — and President Donald Trump plans to keep it that way.
Google reportedly allows outside app developers to read people's Gmail
https://ift.tt/2KIXLkg
Submitted July 03, 2018 at 12:25AM by mynameis_neo
via reddit https://ift.tt/2Kr39Jo
https://ift.tt/2KIXLkg
Submitted July 03, 2018 at 12:25AM by mynameis_neo
via reddit https://ift.tt/2Kr39Jo
Business Insider
Google reportedly allows outside app developers to read people's Gmails
The Wall Street Journal reported Monday that hundreds of outside software developers are scanning the inboxes of millions of Gmail users. Google "does little to police those developers," the paper reported.
SaaS Revolution podcast featuring co-founder Bjoern on founding a CyberSec company in Silicon Valley
https://ift.tt/2z4e2vr
Submitted July 03, 2018 at 01:12AM by isityoupaul
via reddit https://ift.tt/2MF9wFG
https://ift.tt/2z4e2vr
Submitted July 03, 2018 at 01:12AM by isityoupaul
via reddit https://ift.tt/2MF9wFG
Templarbit Inc.
The SaaS Revolution Show with Bjoern
Recently, Alex Theuma, from the SaaS Revolution Show, sat...
Dangerous Methods - Burp Suite extension for finding dangerous JS methods
https://ift.tt/2Nj4lMD
Submitted July 03, 2018 at 03:13AM by IamJacksLackOf
via reddit https://ift.tt/2KJy8MZ
https://ift.tt/2Nj4lMD
Submitted July 03, 2018 at 03:13AM by IamJacksLackOf
via reddit https://ift.tt/2KJy8MZ
GitLab
TechnoTame / dangerous-methods
OSX.Dummy - new Mac malware targets the cryptocurrency community
https://ift.tt/2lNE7oX
Submitted July 03, 2018 at 03:01AM by EvanConover
via reddit https://ift.tt/2zaPUYa
https://ift.tt/2lNE7oX
Submitted July 03, 2018 at 03:01AM by EvanConover
via reddit https://ift.tt/2zaPUYa
Objective-See
OSX.Dummy
new mac malware targets the cryptocurrency community
Samsung's texting app is randomly sending messages and photos
https://ift.tt/2lQSvNi
Submitted July 03, 2018 at 04:39AM by k3170makan
via reddit https://ift.tt/2NeyGfn
https://ift.tt/2lQSvNi
Submitted July 03, 2018 at 04:39AM by k3170makan
via reddit https://ift.tt/2NeyGfn
Engadget
Samsung's texting app is randomly sending messages and photos
Samsung phone owners are reporting that the stock Messages app is randomly sending texts and photos to other people.
"Stylish" browser extension steals all your internet history
https://ift.tt/2KDf1Hv
Submitted July 03, 2018 at 10:45AM by highjeep
via reddit https://ift.tt/2IOTLcH
https://ift.tt/2KDf1Hv
Submitted July 03, 2018 at 10:45AM by highjeep
via reddit https://ift.tt/2IOTLcH
Robert Heaton
"Stylish" browser extension steals all your internet history | Robert Heaton
Before it became a covert surveillance tool disguised as an outstanding browser extension, Stylish really was an outstanding browser extension. It bestowed upon its users nothing less than the power to change the appearance of the internet. Its extensive…
Bypassing Web-Application Firewalls by abusing SSL/TLS
https://ift.tt/2KFkP3a
Submitted July 03, 2018 at 12:14PM by Sjoerder
via reddit https://ift.tt/2MHE3T2
https://ift.tt/2KFkP3a
Submitted July 03, 2018 at 12:14PM by Sjoerder
via reddit https://ift.tt/2MHE3T2
0x09AL Security blog
Bypassing Web-Application Firewalls by abusing SSL/TLS
Introduction