New attack on WPA/WPA2 using PMKID
https://ift.tt/2nalmwL
Submitted August 09, 2018 at 10:12AM by Fa1l3r
via reddit https://ift.tt/2AVOn94
https://ift.tt/2nalmwL
Submitted August 09, 2018 at 10:12AM by Fa1l3r
via reddit https://ift.tt/2AVOn94
reddit
r/netsec - New attack on WPA/WPA2 using PMKID
1 vote and 0 comments so far on Reddit
Examining Code Reuse Reveals Undiscovered Links Among North Korea’s Malware Families
https://ift.tt/2AXyMWs
Submitted August 09, 2018 at 07:05PM by 0xbaadf00dsec
via reddit https://ift.tt/2vQ3knn
https://ift.tt/2AXyMWs
Submitted August 09, 2018 at 07:05PM by 0xbaadf00dsec
via reddit https://ift.tt/2vQ3knn
Intezer
Examining Code Reuse Reveals Undiscovered Links Among North Korea’s Malware Families - Intezer
Attacks from the online groups Lazarus, Silent Chollima, Group 123, Hidden Cobra, DarkSeoul, Blockbuster, Operation Troy, and 10 Days of Rain are believed to have come from North Korea. But how can we know with certainty? And what connection does a DDoS and…
Mapping Social Media with Facial Recognition: A New (free!) Tool for Security Professionals
https://ift.tt/2M7G3aL
Submitted August 09, 2018 at 08:50PM by greenwolf247
via reddit https://ift.tt/2vT8wH9
https://ift.tt/2M7G3aL
Submitted August 09, 2018 at 08:50PM by greenwolf247
via reddit https://ift.tt/2vT8wH9
Trustwave
Mapping Social Media with Facial Recognition: A New Tool for Penetration Testers and Red Teamers
Social Mapper is a Social Media Enumeration & Correlation Tool
ELF Binary voodoo workshop, led by the ElfMaster October 27-28 2018
https://ift.tt/2KHuCBA
Submitted August 10, 2018 at 01:01AM by ryan_elfmaster
via reddit https://ift.tt/2vSzXkb
https://ift.tt/2KHuCBA
Submitted August 10, 2018 at 01:01AM by ryan_elfmaster
via reddit https://ift.tt/2vSzXkb
Eventbrite
ELF Voodoo binary analysis workshop, brought to you by the ElfMaster & Leviathan
A 2 day instructor led workshop by the ElfMaster, that navigates the participants through the most fascinating and arcane facets of the ELF binary format. This includes but is not limited to ELF internals, relocations, dynamic linking, virus infection, anti…
Osiris dropper found using process doppelgänging
https://ift.tt/2AZbvUc
Submitted August 10, 2018 at 01:53AM by EvanConover
via reddit https://ift.tt/2vx1Crx
https://ift.tt/2AZbvUc
Submitted August 10, 2018 at 01:53AM by EvanConover
via reddit https://ift.tt/2vx1Crx
A bug that affects million users - Kaspersky VPN
https://ift.tt/2vUjegq
Submitted August 10, 2018 at 04:51AM by jdrch
via reddit https://ift.tt/2MCYcKg
https://ift.tt/2vUjegq
Submitted August 10, 2018 at 04:51AM by jdrch
via reddit https://ift.tt/2MCYcKg
www.inputzero.io
A bug that affects million users - Kaspersky VPN
Kaspersky VPN | DNS Address leak | Privacy
Practical Web Cache Poisoning
https://ift.tt/2AW2Qlg
Submitted August 10, 2018 at 05:20PM by albinowax
via reddit https://ift.tt/2OXuNMA
https://ift.tt/2AW2Qlg
Submitted August 10, 2018 at 05:20PM by albinowax
via reddit https://ift.tt/2OXuNMA
Web Security Blog | PortSwigger
Practical Web Cache Poisoning
Abstract Web cache poisoning has long been an elusive vulnerability, a 'theoretical' threat used mostly to scare developers into obediently patching issues that nobody could actually exploit. In this
How to DoH-only with Firefox
https://ift.tt/2MxgpJn
Submitted August 10, 2018 at 04:34PM by pgl
via reddit https://ift.tt/2M4t62d
https://ift.tt/2MxgpJn
Submitted August 10, 2018 at 04:34PM by pgl
via reddit https://ift.tt/2M4t62d
reddit
r/netsec - How to DoH-only with Firefox
14 votes and 6 comments so far on Reddit
Hardware backdoors in x86 CPUs - Allows ring 3 code to read and write ring 0 data
https://ift.tt/2OqE5zQ
Submitted August 10, 2018 at 07:00PM by PeterG45
via reddit https://ift.tt/2AZmpJy
https://ift.tt/2OqE5zQ
Submitted August 10, 2018 at 07:00PM by PeterG45
via reddit https://ift.tt/2AZmpJy
GitHub
xoreaxeaxeax/rosenbridge
rosenbridge - Hardware backdoors in x86 CPUs
Nominees for the 2018 Pwnie Awards
https://ift.tt/2uyiC0I
Submitted August 11, 2018 at 01:23AM by pgl
via reddit https://ift.tt/2KHSGof
https://ift.tt/2uyiC0I
Submitted August 11, 2018 at 01:23AM by pgl
via reddit https://ift.tt/2KHSGof
How I Chained 4 Bugs(Features?) into RCE on Amazon Collaboration System
https://ift.tt/2MgJtYQ
Submitted August 11, 2018 at 06:35AM by 1lastBr3ath
via reddit https://ift.tt/2vxLrKS
https://ift.tt/2MgJtYQ
Submitted August 11, 2018 at 06:35AM by 1lastBr3ath
via reddit https://ift.tt/2vxLrKS
Orange
How I Chained 4 Bugs(Features?) into RCE on Amazon Collaboration System
This is 🍊 speaking
Genesis Scripting Engine (DC26)
https://ift.tt/2vyR8b4
Submitted August 11, 2018 at 11:14PM by gen0cide_
via reddit https://ift.tt/2MdN5e7
https://ift.tt/2vyR8b4
Submitted August 11, 2018 at 11:14PM by gen0cide_
via reddit https://ift.tt/2MdN5e7
Google Docs
DEFCON26 - Genesis Scripting Engine
1 I'LL SEE YOUR MISSLE AND RAISE YOU A MIRV: AN OVERVIEW OF THE GENESIS SCRIPTING ENGINE DEFCON 26 Alex Levinson (gen0cide) Dan Borges (ahhh)
New security flaw has been detected in Intel processors - passwords can potentially be stolen
https://ift.tt/2M9ebTw
Submitted August 12, 2018 at 01:04PM by suf0x
via reddit https://ift.tt/2KKXKbp
https://ift.tt/2M9ebTw
Submitted August 12, 2018 at 01:04PM by suf0x
via reddit https://ift.tt/2KKXKbp
Digitaljournal
New security flaw with Intel processors
A new security flaw has been detected by German researchers in relation to intel. This comes on the back of earlier concerns from January and March 2018. The flaw means that passwords can potentially be stolen.
Security Researcher Finds Hidden 'God Mode' on Old x86 CPUs
https://ift.tt/2vTx2rr
Submitted August 12, 2018 at 12:54PM by suf0x
via reddit https://ift.tt/2OZza9Y
https://ift.tt/2vTx2rr
Submitted August 12, 2018 at 12:54PM by suf0x
via reddit https://ift.tt/2OZza9Y
Tom's Hardware
Hacker Finds Hidden 'God Mode' on Old x86 CPUs
Old VIA C3 chipsets have an undocumented RISC coprocessor that gives you root access from userland if you simply type in four bytes.
firstorder: A traffic analyzer to evade Empire's communication from Anomaly-Based IDS
https://ift.tt/2MeSemQ
Submitted August 12, 2018 at 08:50PM by utku1337
via reddit https://ift.tt/2w3uAP9
https://ift.tt/2MeSemQ
Submitted August 12, 2018 at 08:50PM by utku1337
via reddit https://ift.tt/2w3uAP9
GitHub
tearsecurity/firstorder
firstorder - A traffic analyzer to evade Empire's communication from Anomaly-Based IDS
DNSBL: Not just for spam
https://ift.tt/2P45SH9
Submitted August 12, 2018 at 09:43PM by theMiddleBlue
via reddit https://ift.tt/2vKhyaj
https://ift.tt/2P45SH9
Submitted August 12, 2018 at 09:43PM by theMiddleBlue
via reddit https://ift.tt/2vKhyaj
NTLM relay tool to the EWS endpoint for on-premise exchange servers
https://ift.tt/2KMRkIH
Submitted August 12, 2018 at 10:04PM by digicat
via reddit https://ift.tt/2B4AJk0
https://ift.tt/2KMRkIH
Submitted August 12, 2018 at 10:04PM by digicat
via reddit https://ift.tt/2B4AJk0
GitHub
quickbreach/ExchangeRelayX
ExchangeRelayX - An NTLM relay tool to the EWS endpoint for on-premise exchange servers. Provides an OWA for hackers.
HTTP Security Considerations - An Introduction To HTTP Basics
https://ift.tt/2vWJdny
Submitted August 12, 2018 at 09:52PM by PRIVACYx05i4shUl
via reddit https://ift.tt/2KMaONy
https://ift.tt/2vWJdny
Submitted August 12, 2018 at 09:52PM by PRIVACYx05i4shUl
via reddit https://ift.tt/2KMaONy
Darknet
HTTP Security Considerations – An Introduction To HTTP Basics
HTTP is ubiquitous now with pretty much everything being powered by an API, a web application or some kind of cloud-based HTTP driven infrastructure. With that HTTP Security becomes paramount and to secure HTTP you have to understand it. HTTP is the protocol…
HTTP Security: A Security-focused Introduction to HTTP, Part 1
https://ift.tt/2OwBW5E
Submitted August 12, 2018 at 11:20PM by PRIVACYx05i4shUl
via reddit https://ift.tt/2B5WaRG
https://ift.tt/2OwBW5E
Submitted August 12, 2018 at 11:20PM by PRIVACYx05i4shUl
via reddit https://ift.tt/2B5WaRG
Acunetix
HTTP Security: A Security-focused Introduction to HTTP, Part 1 | Acunetix
This is the first part in a two part series on HTTP security and HTTP basics. In this first part we bring you overview of the HTTP protocol. HTTP is a ubiquitous protocol and is one of the cornerstones of the web. If you are a newcomer to web application…
DEF CON® 26 Hacking Conference Demo Labs (Temporary Index)
https://ift.tt/2N5rrFE
Submitted August 13, 2018 at 01:07AM by TechLord2
via reddit https://ift.tt/2ntntf8
https://ift.tt/2N5rrFE
Submitted August 13, 2018 at 01:07AM by TechLord2
via reddit https://ift.tt/2ntntf8
www.defcon.org
DEF CON® 26 Hacking Conference Demo Labs
Demo Labs of Hacking Tools at DEF CON 26
RFC 8446 - TLS version 1.3 published
https://ift.tt/2nsepqU
Submitted August 13, 2018 at 02:38AM by Natanael_L
via reddit https://ift.tt/2nvZITB
https://ift.tt/2nsepqU
Submitted August 13, 2018 at 02:38AM by Natanael_L
via reddit https://ift.tt/2nvZITB
reddit
r/netsec - RFC 8446 - TLS version 1.3 published
5 votes and 1 comment so far on Reddit