RCE over the FAX protocol - DEFCON 26
https://ift.tt/2nv0pwB
Submitted August 13, 2018 at 04:54AM by eyalitki
via reddit https://ift.tt/2w5DImq
https://ift.tt/2nv0pwB
Submitted August 13, 2018 at 04:54AM by eyalitki
via reddit https://ift.tt/2w5DImq
Check Point Research
Sending Fax Back to the Dark Ages - Check Point Research
Research By: Eyal Itkin and Yaniv Balmas Fax, the brilliant technology that lifted mankind out the dark ages of mail delivery when only the postal service and carrier pigeons were used to deliver a physical message from a sender to a receiver. Technology…
DEF CON 26 Media Server (Presentations and other Media Files)
https://ift.tt/2vEipsV
Submitted August 13, 2018 at 12:19PM by TechLord2
via reddit https://ift.tt/2OzBEuP
https://ift.tt/2vEipsV
Submitted August 13, 2018 at 12:19PM by TechLord2
via reddit https://ift.tt/2OzBEuP
media.defcon.org
DEF CON Media Server
Started in 1992 by the Dark Tangent, DEF CON is the world's longest running and largest underground hacking conference. Hackers, corporate IT professionals, and three letter government agencies all converge on Las Vegas every summer to absorb cutting edge…
I thought I found a browser security bug
https://ift.tt/2w5gehd
Submitted August 13, 2018 at 01:02PM by djhworld
via reddit https://ift.tt/2M9YzA1
https://ift.tt/2w5gehd
Submitted August 13, 2018 at 01:02PM by djhworld
via reddit https://ift.tt/2M9YzA1
djhworld.github.io
I thought I found a browser security bug - djhworld
thoughts
androidDump: A tool pulls loaded binaries ordered by memory regions
https://ift.tt/2MkX5lF
Submitted August 13, 2018 at 05:56PM by tiger6700
via reddit https://ift.tt/2B67Nbh
https://ift.tt/2MkX5lF
Submitted August 13, 2018 at 05:56PM by tiger6700
via reddit https://ift.tt/2B67Nbh
GitHub
CyberSaxosTiGER/androidDump
androidDump - A tool pulls loaded binaries ordered by memory regions
Evading Anomaly-Based NIDS with Empire
https://ift.tt/2KOVEXL
Submitted August 13, 2018 at 08:09PM by utku1337
via reddit https://ift.tt/2OApIcd
https://ift.tt/2KOVEXL
Submitted August 13, 2018 at 08:09PM by utku1337
via reddit https://ift.tt/2OApIcd
Utkusen
Evading Anomaly-Based NIDS with Empire
In DEF CON 26, I gave a speech about this topic on Packet Hacking Village, and demonstrated my tool (firstorder) in Demo Labs. I got very good feedbacks for my idea, however some people seem to be confused about all these. So I want to explain everything…
Disabling OkHttp’s SSL Pinning on Android Apps
https://ift.tt/2nyOVrN
Submitted August 13, 2018 at 08:42PM by jamaican420guy
via reddit https://ift.tt/2w4GmJk
https://ift.tt/2nyOVrN
Submitted August 13, 2018 at 08:42PM by jamaican420guy
via reddit https://ift.tt/2w4GmJk
Medium
Disabling OkHttp’s SSL Pinning on Android Apps
Your target has an Android application and you want to walk through their API to check for server-side vulnerabilities. You configure the…
A guide to Machine Learning for NetSec (Application Security)
https://ift.tt/2MdVDlW
Submitted August 13, 2018 at 10:42PM by isityoupaul
via reddit https://ift.tt/2OAMJM9
https://ift.tt/2MdVDlW
Submitted August 13, 2018 at 10:42PM by isityoupaul
via reddit https://ift.tt/2OAMJM9
Templarbit Inc.
A guide to Machine Learning for Application Security
Machine Learning is definitely not the magic bullet it is...
Endpoint Security Self-Protection on MacOS
https://ift.tt/2MidBmF
Submitted August 13, 2018 at 10:29PM by dmchell
via reddit https://ift.tt/2nDbonz
https://ift.tt/2MidBmF
Submitted August 13, 2018 at 10:29PM by dmchell
via reddit https://ift.tt/2nDbonz
reddit
r/netsec - Endpoint Security Self-Protection on MacOS
1 vote and 0 comments so far on Reddit
A guide to Machine Learning for Application Security
https://ift.tt/2MpHGk2
Submitted August 14, 2018 at 12:56AM by iamcoolc
via reddit https://ift.tt/2nDBaYR
https://ift.tt/2MpHGk2
Submitted August 14, 2018 at 12:56AM by iamcoolc
via reddit https://ift.tt/2nDBaYR
Templarbit Inc.
A guide to Machine Learning for Application Security
Machine Learning is definitely not the magic bullet it is...
The Dangers of Key Reuse: Practical Attacks on IPsec IKE
https://ift.tt/2MhjGjS
Submitted August 14, 2018 at 03:18AM by campuscodi
via reddit https://ift.tt/2BaEe8E
https://ift.tt/2MhjGjS
Submitted August 14, 2018 at 03:18AM by campuscodi
via reddit https://ift.tt/2BaEe8E
This new attack is described is a recently published research paper ennoscriptd "The Dangers of Key Reuse: Practical Attacks on IPsec IKE," set to be presented at the 27th Usenix Security Symposium later this week in Baltimore, USA. From the paper's abstract:
https://ift.tt/2MFWEiY
Submitted August 14, 2018 at 03:52AM by longevitytech
via reddit https://ift.tt/2OzrRET
https://ift.tt/2MFWEiY
Submitted August 14, 2018 at 03:52AM by longevitytech
via reddit https://ift.tt/2OzrRET
Longevity Technology
Cisco Patches Its Operating Systems Against New IKE Crypto Attack
Cisco, one of the world's largest vendor of networking equipment, released security updates today to patch a vulnerability in the IOS and IOS XE operating syste
Free Stock Photos for your Projects
https://ift.tt/2vGCONN
Submitted August 14, 2018 at 06:54AM by professorhase
via reddit https://ift.tt/2P5u2Ry
https://ift.tt/2vGCONN
Submitted August 14, 2018 at 06:54AM by professorhase
via reddit https://ift.tt/2P5u2Ry
Motosha
food Archives - Motosha
Real free high quality stock photos for commercial and private use! From selected professional photographers. Simple download without registration, without obligations. Best quality and 100% Free.
JSON endpoints without tokens don’t leak; they whisper
https://ift.tt/2B9Mnu3
Submitted August 14, 2018 at 06:46PM by albinowax
via reddit https://ift.tt/2P72FXq
https://ift.tt/2B9Mnu3
Submitted August 14, 2018 at 06:46PM by albinowax
via reddit https://ift.tt/2P72FXq
Medium
JSON endpoints without tokens doesn’t leak they whisper
Exploiting interesting feature in HTML5 https://developer.mozilla.org/en-US/docs/Web/API/Resource_Timing_API/Using_the_Resource_Timing_API…
Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution
https://ift.tt/2MJ36Wl
Submitted August 14, 2018 at 10:41PM by u0000
via reddit https://ift.tt/2Mn4XmQ
https://ift.tt/2MJ36Wl
Submitted August 14, 2018 at 10:41PM by u0000
via reddit https://ift.tt/2Mn4XmQ
reddit
r/netsec - Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution
7 votes and 1 comment so far on Reddit
Multi-Factor Mixup: Who Were You Again? Exploiting Microsoft ADFS MFA integration
https://ift.tt/2MmRZFv
Submitted August 14, 2018 at 10:56PM by overflowingInt
via reddit https://ift.tt/2OyvRpa
https://ift.tt/2MmRZFv
Submitted August 14, 2018 at 10:56PM by overflowingInt
via reddit https://ift.tt/2OyvRpa
Okta
Multi-Factor Mixup: Who Were You Again?
Summary:
hideNsneak - enabling obfuscation of attack infrastructure through DevOps
https://ift.tt/2Jkz2xH
Submitted August 15, 2018 at 12:33AM by karmicSec
via reddit https://ift.tt/2BcPG3L
https://ift.tt/2Jkz2xH
Submitted August 15, 2018 at 12:33AM by karmicSec
via reddit https://ift.tt/2BcPG3L
GitHub
rmikehodges/hideNsneak
hideNsneak - a CLI for ephemeral penetration testing
Playback - a TLS 1.3 story
https://ift.tt/2OBJNih
Submitted August 15, 2018 at 04:54AM by vamediah
via reddit https://ift.tt/2KRVhfk
https://ift.tt/2OBJNih
Submitted August 15, 2018 at 04:54AM by vamediah
via reddit https://ift.tt/2KRVhfk
Linux kernel: CVE-2017-18344: arbitrary-read vulnerability in the timer subsystem
https://ift.tt/2LKMf98
Submitted August 15, 2018 at 04:41AM by thebrachy
via reddit https://ift.tt/2P8wQgM
https://ift.tt/2LKMf98
Submitted August 15, 2018 at 04:41AM by thebrachy
via reddit https://ift.tt/2P8wQgM
seclists.org
oss-sec: Linux kernel: CVE-2017-18344: arbitrary-read vulnerability in the timer subsystem
August 2018 .NET Framework Security and Quality Rollup
https://ift.tt/2MJi5PT
Submitted August 15, 2018 at 04:33AM by jdrch
via reddit https://ift.tt/2BbsmDj
https://ift.tt/2MJi5PT
Submitted August 15, 2018 at 04:33AM by jdrch
via reddit https://ift.tt/2BbsmDj
Microsoft
August 2018 .NET Framework Security and Quality Rollup
A first-hand look from the .NET engineering teams
L1 Terminal Fault / CVE-2018-3615 , CVE-2018-3620,CVE-2018-3646 / INTEL-SA-00161
https://ift.tt/2MqlgPB
Submitted August 15, 2018 at 05:26AM by jdrch
via reddit https://ift.tt/2MplMNW
https://ift.tt/2MqlgPB
Submitted August 15, 2018 at 05:26AM by jdrch
via reddit https://ift.tt/2MplMNW
reddit
r/netsec - L1 Terminal Fault / CVE-2018-3615 , CVE-2018-3620,CVE-2018-3646 / INTEL-SA-00161
1 vote and 0 comments so far on Reddit
CVE-2018-8302: Getting code execution on Microsoft Exchange through a .NET BinaryFormatter Deserialization vulnerability.
https://ift.tt/2KSIvNI
Submitted August 15, 2018 at 07:12AM by RedmondSecGnome
via reddit https://ift.tt/2nFNs2U
https://ift.tt/2KSIvNI
Submitted August 15, 2018 at 07:12AM by RedmondSecGnome
via reddit https://ift.tt/2nFNs2U
Zero Day Initiative
Voicemail Vandalism: Getting Remote Code Execution on Microsoft Exchange Server
We recently received a bug report with an intriguing denoscription: “A non-privileged Exchange user can run arbitrary code as "NT AUTHORITY\SYSTEM" in the Exchange Server through a .NET BinaryFormatter Deserialization vulnerability.” It definitely caught…