Reverse Engineering iOS Apps - iOS 11 Edition (Part 2)
https://ift.tt/2Lt6brW
Submitted August 27, 2018 at 03:17PM by Prav123
via reddit https://ift.tt/2NmVw3Z
https://ift.tt/2Lt6brW
Submitted August 27, 2018 at 03:17PM by Prav123
via reddit https://ift.tt/2NmVw3Z
Ivan R Blog
Reverse Engineering iOS Apps - iOS 11 Edition (Part 2)
This is the second part of the "Reverse Engineering iOS Apps - iOS 11 Edition" series. In the first part of the series we learned how to setup your phone on iOS 11 and how to decrypt an iOS app. In this second and final part we'll learn how to:
Apache Struts2 CVE-2018-11776 POC
https://ift.tt/2BK09DL
Submitted August 27, 2018 at 08:23PM by theMiddleBlue
via reddit https://ift.tt/2BS2Y5O
https://ift.tt/2BK09DL
Submitted August 27, 2018 at 08:23PM by theMiddleBlue
via reddit https://ift.tt/2BS2Y5O
Secjuice.com
Apache Struts2 CVE-2018-11776
Learn about the Struts2 Remote Code Execution vulnerability CVE-2018-11776, how to exploit and how to create a Proof of Concept (POC) with docker.
Helping Nonprofits and Other Growing Businesses Understand Security Risks - Security Exploits & News
https://ift.tt/2LwTn3Q
Submitted August 27, 2018 at 08:36PM by bonniek4t
via reddit https://ift.tt/2PJkMmP
https://ift.tt/2LwTn3Q
Submitted August 27, 2018 at 08:36PM by bonniek4t
via reddit https://ift.tt/2PJkMmP
Security Exploits & News
Helping Nonprofits and Other Growing Businesses Understand Security Risks - Security Exploits & News
Raxis COO, Bonnie Smyre, wrote a guest blog post on "What Nonprofits Need to Know about Assessing Security Risk" for the NTEN Nonprofit Technology Network.
threatfeeds.io - free and open-source threat intelligence feeds and sources
https://threatfeeds.io
Submitted August 27, 2018 at 10:31PM by netbroom
via reddit https://ift.tt/2PaMwj4
https://threatfeeds.io
Submitted August 27, 2018 at 10:31PM by netbroom
via reddit https://ift.tt/2PaMwj4
threatfeeds.io
Free threat intelligence feeds - threatfeeds.io
Search and download free and open-source threat intelligence feeds with threatfeeds.io.
API interface for kali tools
https://ift.tt/2PCka22
Submitted August 28, 2018 at 01:35AM by knsankar
via reddit https://ift.tt/2LATdsA
https://ift.tt/2PCka22
Submitted August 28, 2018 at 01:35AM by knsankar
via reddit https://ift.tt/2LATdsA
reddit
r/Information_Security - API interface for kali tools
0 votes and 0 comments so far on Reddit
Microsoft.Workflow.Compiler.exe, Veil, and Cobalt Strike
https://ift.tt/2wn2s9S
Submitted August 28, 2018 at 01:25AM by SonOfFlynnn
via reddit https://ift.tt/2MZUcaw
https://ift.tt/2wn2s9S
Submitted August 28, 2018 at 01:25AM by SonOfFlynnn
via reddit https://ift.tt/2MZUcaw
FortyNorth Security
Microsoft.Workflow.Compiler.exe, Veil, and Cobalt Strike - FortyNorth Security
This blog post documents how to use Microsoft.Workflow.Compiler.exe and the Veil Framework's output to receive a Cobalt Strike beacon.
I made a push notification feed (desktop/mobile) for posts of r/netsec that have a minimum of 200 Karma.
https://ift.tt/2ofGv96
Submitted August 28, 2018 at 06:36AM by soeindohuwabohu
via reddit https://ift.tt/2BTzEvU
https://ift.tt/2ofGv96
Submitted August 28, 2018 at 06:36AM by soeindohuwabohu
via reddit https://ift.tt/2BTzEvU
Traversing the Path to RCE (Bug Bounty)
https://ift.tt/2wnfzYE
Submitted August 28, 2018 at 04:38AM by chocoluvin
via reddit https://ift.tt/2MAbU4P
https://ift.tt/2wnfzYE
Submitted August 28, 2018 at 04:38AM by chocoluvin
via reddit https://ift.tt/2MAbU4P
∞ Growing Web Security Blog
Traversing the Path to RCE
This post will detail the steps I took to find a path traversal vulnerability, and how I paired the vulnerability with the logic of the application to achieve Remote Code Execution through a shell …
Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface
https://ift.tt/2PJxVvN
Submitted August 28, 2018 at 11:38AM by 0xdea
via reddit https://ift.tt/2BOFqil
https://ift.tt/2PJxVvN
Submitted August 28, 2018 at 11:38AM by 0xdea
via reddit https://ift.tt/2BOFqil
www.kb.cert.org
Vulnerability Note VU#906424 - Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC…
Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the Advanced Local Procedure Call (ALPC) interface, which can allow a local user to obtain SYSTEM privileges.
Tracking Down Malware by Analyzing Beacon Traffic
https://ift.tt/2w7PxcU
Submitted August 28, 2018 at 02:15PM by CyberBullets
via reddit https://ift.tt/2oe4Fkq
https://ift.tt/2w7PxcU
Submitted August 28, 2018 at 02:15PM by CyberBullets
via reddit https://ift.tt/2oe4Fkq
Active Countermeasures
Beacon Analysis - The Key to Cyber Threat Hunting - Active Countermeasures
Beacon analysis is by far the most effective method of threat hunting your network. In fact, I would argue that if you are not checking your network for beacon activity, you have a huge gap in your defenses that attackers will happily leverage. In this two…
Gmail Android app insecure Network Security Configuration
https://ift.tt/2NqjhIw
Submitted August 28, 2018 at 03:50PM by clviper
via reddit https://ift.tt/2PIgMmh
https://ift.tt/2NqjhIw
Submitted August 28, 2018 at 03:50PM by clviper
via reddit https://ift.tt/2PIgMmh
From Compiler Optimization to Code Execution - VirtualBox VM Escape - CVE-2018-2844
https://ift.tt/2NnD6jr
Submitted August 28, 2018 at 03:45PM by tunnelshade
via reddit https://ift.tt/2LyZHb6
https://ift.tt/2NnD6jr
Submitted August 28, 2018 at 03:45PM by tunnelshade
via reddit https://ift.tt/2LyZHb6
www.voidsecurity.in
From Compiler Optimization to Code Execution - VirtualBox VM Escape - CVE-2018-2844
Oracle fixed some of the issues I reported in VirtualBox during the Oracle Critical Patch Update - April 2018. CVE-2018-2844 was an inter...
A walkthrough the AcridRain Stealer
https://ift.tt/2Nrb86s
Submitted August 28, 2018 at 05:06PM by _cacao
via reddit https://ift.tt/2ohRrmR
https://ift.tt/2Nrb86s
Submitted August 28, 2018 at 05:06PM by _cacao
via reddit https://ift.tt/2ohRrmR
This is Security :: by Stormshield
A walk through the AcridRain Stealer - This is Security :: by Stormshield
This blogpost will talk about the analysis of a new password stealer named AcridRain and its different updates during the last 2 months. Introduction AcridRain is a new password stealer written in C/C++ that showed up on forums around the 11th of July 2018.…
Uber Bug Bounty: 1000$ for two “high severity” issue
https://ift.tt/2NqXjVR
Submitted August 28, 2018 at 05:49PM by mrpeuch
via reddit https://ift.tt/2BWjYIg
https://ift.tt/2NqXjVR
Submitted August 28, 2018 at 05:49PM by mrpeuch
via reddit https://ift.tt/2BWjYIg
Medium
Uber Bug Bounty: 1000$ for two “high severity” issue
Despite the fact I am fairly active on the various bug bounty platforms, I usually don’t blog around my activities or promote myself for…
Unpatched ALPC Priv Esc Bug in Windows 10 x64 PoC
https://ift.tt/2BWEFUw
Submitted August 28, 2018 at 07:44PM by at_physicaltherapy
via reddit https://ift.tt/2Ly8Cti
https://ift.tt/2BWEFUw
Submitted August 28, 2018 at 07:44PM by at_physicaltherapy
via reddit https://ift.tt/2Ly8Cti
GitHub
SandboxEscaper/randomrepo
Repo for random stuff. Contribute to SandboxEscaper/randomrepo development by creating an account on GitHub.
Featured in ThreatPost: VerSprite's Research Team Discovers Airmail 3 Exploit
https://ift.tt/2BAplN3
Submitted August 28, 2018 at 08:28PM by marketingversprite
via reddit https://ift.tt/2LAdFJU
https://ift.tt/2BAplN3
Submitted August 28, 2018 at 08:28PM by marketingversprite
via reddit https://ift.tt/2LAdFJU
VerSprite | Integrated Security Services and Consulting
Phishing for Files with Airmail 3 for Mac | VerSprite
We chose Airmail 3 as a target for reverse engineering to gain a better understanding of how MacOS applications work on a low-level.
Remote Code Execution on packagist.org
https://ift.tt/2LBF26B
Submitted August 28, 2018 at 11:25PM by justicz
via reddit https://ift.tt/2LtuupX
https://ift.tt/2LBF26B
Submitted August 28, 2018 at 11:25PM by justicz
via reddit https://ift.tt/2LtuupX
justi.cz
Remote Code Execution on packagist.org
tl;dr There was a remote code execution vulnerability on packagist.org, the default package server behind Composer, a PHP package manager. Packagist currentl...
Good Introduction to CORS (Cross-Origin Resource Sharing)
https://ift.tt/2Mp3PM3
Submitted August 29, 2018 at 12:42PM by CyberBullets
via reddit https://ift.tt/2BXV4Ie
https://ift.tt/2Mp3PM3
Submitted August 29, 2018 at 12:42PM by CyberBullets
via reddit https://ift.tt/2BXV4Ie
Fuzzing the .NET JIT Compiler
https://ift.tt/2NvyHeG
Submitted August 29, 2018 at 12:34PM by 0xad
via reddit https://ift.tt/2N61XM9
https://ift.tt/2NvyHeG
Submitted August 29, 2018 at 12:34PM by 0xad
via reddit https://ift.tt/2N61XM9
reddit
r/netsec - Fuzzing the .NET JIT Compiler
1 vote and 0 comments so far on Reddit
Native Android Proxmark3 client (rootless)
https://ift.tt/2wqroyi
Submitted August 29, 2018 at 07:17PM by doylersec
via reddit https://ift.tt/2PeFxpa
https://ift.tt/2wqroyi
Submitted August 29, 2018 at 07:17PM by doylersec
via reddit https://ift.tt/2PeFxpa
GitHub
AndProx/AndProx
Native Android Proxmark3 client (no root required) - AndProx/AndProx
WebAuthn Cryptography Flaws Round 2: IBM's ECDAA implementation
Hi /r/netsec!This is a follow-up to my previous submission about Security Concerns Surrounding WebAuthn, which dove into the cryptography protocol design of ECDAA (a FIDO Alliance design which WebAuthn explicitly adds as a reserved COSE algorithm).I looked at the ECDAA implementation published on Github under the IBM-Research organization and discovered that they're just using BigInteger.mod(), which will produced biased output (unless you're using a curve whose order is a Mersenne prime). Given that IBM employees were the co-authors of the ECDAA specification, I'm led to believe that the IBM-Research repository is somewhat official.I reported this on Github, of course: https://github.com/ibm-research/ecdaa/issues/5While I'm excited about the prospect of hardware-based 2FA (or even WebAuthn-powered single factor to eliminate passwords in corporate settings), the cryptography they're trying to standardize is too error-prone. We shouldn't trust it until these flaws are remedied.
Submitted August 29, 2018 at 08:48PM by sarciszewski
via reddit https://ift.tt/2BUGr8o
Hi /r/netsec!This is a follow-up to my previous submission about Security Concerns Surrounding WebAuthn, which dove into the cryptography protocol design of ECDAA (a FIDO Alliance design which WebAuthn explicitly adds as a reserved COSE algorithm).I looked at the ECDAA implementation published on Github under the IBM-Research organization and discovered that they're just using BigInteger.mod(), which will produced biased output (unless you're using a curve whose order is a Mersenne prime). Given that IBM employees were the co-authors of the ECDAA specification, I'm led to believe that the IBM-Research repository is somewhat official.I reported this on Github, of course: https://github.com/ibm-research/ecdaa/issues/5While I'm excited about the prospect of hardware-based 2FA (or even WebAuthn-powered single factor to eliminate passwords in corporate settings), the cryptography they're trying to standardize is too error-prone. We shouldn't trust it until these flaws are remedied.
Submitted August 29, 2018 at 08:48PM by sarciszewski
via reddit https://ift.tt/2BUGr8o
reddit
Security Concerns Surrounding WebAuthn: Don't Implement ECDAA (Yet)
Posted in r/netsec by u/sarciszewski • 83 points and 0 comments