Fast, Furious and Insecure: Passive Keyless Entry and Start in Modern Supercars
https://ift.tt/2CH2LD7
Submitted September 13, 2018 at 06:10PM by redbit2020
via reddit https://ift.tt/2MufOHL
www.esat.kuleuven.be
Fast, Furious and Insecure: Passive Keyless Entry and Start in Modern Supercars
High-end vehicles are often equipped with a Passive Keyless Entry and Start (PKES) system. These PKES systems allow to unlock and start the vehicle based on the physical proximity of a paired key
twa: A tiny web auditor with strong opinions
https://ift.tt/2Nd1IQb
Submitted September 13, 2018 at 05:41PM by yossarian_flew_away
via reddit https://ift.tt/2Oes0hd
GitHub
woodruffw/twa
A tiny web auditor with strong opinions. Contribute to woodruffw/twa development by creating an account on GitHub.
New cold boot attack affects almost all modern computers.
https://ift.tt/2MqBfJJ
Submitted September 13, 2018 at 10:28PM by le-quack
via reddit https://ift.tt/2CQAWbi
F-Secure Blog
The Chilling Reality of Cold Boot Attacks - F-Secure Blog
What do you do when you finish working with your laptop? Do you turn it off? Put it to sleep? Just close the lid and walk away? Many people might not realize that what they do when leaving their laptop unattended, even a laptop with full disk encryption,…
Remote Code Execution in Alpine Linux
https://ift.tt/2x8YK4e
Submitted September 14, 2018 at 12:39AM by justicz
via reddit https://ift.tt/2MuiDZ0
justi.cz
Remote Code Execution in Alpine Linux
tl;dr I found several bugs in apk, the default package manager for Alpine Linux. Alpine is a really lightweight distro that is very commonly used with Docker...
How to Make a Malicious USB and How to trick the victim to use it.
https://ift.tt/2QnDccS
Submitted September 14, 2018 at 02:46AM by ATTACKERSA
via reddit https://ift.tt/2p4QkHt
Cyber Wizard
How to Make a Malicious USB and How to trick the victim to use it.
THIS VIDEO IS FOR EDUCATIONAL PURPOSES ONLY. IF ORDINARY CITIZENS UNDERSTAND HOW ONE MAY CIRCUMVENT THEIR SECURITY THEN THEY HAVE THE CHANCE TO PROTECT AGAINST SUCH SECURITY BREACHES. I TAKE NO RES…
FOX News Live streams YouTube Live stream of hurricane. Person using computer switches to email app, exposing a username and password in plain text to nation! Wonder if anyone else noticed.
https://ift.tt/2x8ADmT
Submitted September 14, 2018 at 03:29AM by balroneon
via reddit https://ift.tt/2NEWewV
reddit
r/netsec - FOX News Live streams YouTube Live stream of hurricane. Person using computer switches to email app, exposing a username…
XSS and LFI in Facebook for Android
https://ift.tt/2x2Ldfk
Submitted September 14, 2018 at 06:28PM by albinowax
via reddit https://ift.tt/2N96Gxf
ash-king.co.uk
Ashley King - Making the Facebook app more secure - $8500 bounty
Ash King - Hacking for fun and profit
Introducing Security Check: Instantly assess the security posture of your websites and web applications
https://ift.tt/2p7gnO9
Submitted September 14, 2018 at 08:31PM by iamcoolc
via reddit https://ift.tt/2xhFvWk
Templarbit Inc.
Introducing Security Check: Instantly assess the security posture of your websites and web applications
As companies continuously spin up more internet-facing software...
Malicious Command Execution via bash-completion (CVE-2018-7738)
https://ift.tt/2p9f4OS
Submitted September 14, 2018 at 08:29PM by pocorgtfoftw
via reddit https://ift.tt/2pe8erz
reddit
r/netsec - Malicious Command Execution via bash-completion (CVE-2018-7738)
Introducing AuthHeaderUpdater - a Burp extension to update authorization headers
https://ift.tt/2N9XUyW
Submitted September 14, 2018 at 10:15PM by bitscraper
via reddit https://ift.tt/2Or7cDy
I hack things.
Update JWT Authorization Headers in Burp Suite using AuthHeaderUpdater
We have released a new Burp extension to better handle JWT Authorization tokens during scans.
Protecting Mozilla’s GitHub Repositories from Malicious Modification
https://ift.tt/2NBXvor
Submitted September 14, 2018 at 09:42PM by jvehent
via reddit https://ift.tt/2NLZnen
Mozilla Security Blog
Protecting Mozilla’s GitHub Repositories from Malicious Modification
At Mozilla, we’ve been working to ensure our repositories hosted on GitHub are protected from malicious modification. As the recent Gentoo incident demonstrated, such attacks ...
Wannamine cryptominer that uses EternalBlue still active
https://ift.tt/2p7w9bT
Submitted September 15, 2018 at 02:19AM by EvanConover
via reddit https://ift.tt/2xfmvHX
Cybereason
Wannamine cryptominer that uses EternalBlue still active
The Wannamine cryptominer, which uses the EternalBlue exploits, is still active although a patch that fixes these well-known vulnerabilities was released last March.
IOT Security by Sawan Bhan | Sawan Bhan | LinkedIn
https://ift.tt/2xeMa4a
Submitted September 15, 2018 at 01:27PM by DefensiveSec
via reddit https://ift.tt/2MwRiFT
Linkedin
IOT Security by Sawan Bhan
"IoT devices could be referred to objects which can be connected and which can communicate via a platform called Internet. These things are found
How to force restart any iOS device with just CSS? 💣
https://ift.tt/2p9oD08
Submitted September 15, 2018 at 08:24PM by pwnsdxpw
via reddit https://ift.tt/2NOlMrm
Gist
Safari Ripper ☠️ (Original tweet: https://twitter.com/pwnsdx/status/1040944750973595649, try it: https://cdn.rawgit.com/pwnsdx/ce64de2760996a6c432f06d612e33aea/raw/23f2faa0aadb4babbfd228c8bb32a26a8...
Global scan of websites for open .git folders
https://ift.tt/2NuIH7G
Submitted September 15, 2018 at 10:10PM by xtreak
via reddit https://ift.tt/2xic9qN
lynt.cz
Global scan: exposed .git
I made a huge scan for the unintentionally exposed .git repositories - found hundreds of thousands sites.
Three C-Words of Web App Security: Part 1 – CORS
https://ift.tt/2Mp3PM3
Submitted September 16, 2018 at 12:51AM by bitscraper
via reddit https://ift.tt/2MzMLSN
Remote Mac Exploitation Via Custom URL Schemes
https://ift.tt/2wvNyPw
Submitted September 16, 2018 at 12:50AM by bitscraper
via reddit https://ift.tt/2Mzzfij
Wasabi: a dynamic analysis framework for WebAssembly
https://ift.tt/2PXpXzo
Submitted September 16, 2018 at 12:49AM by bitscraper
via reddit https://ift.tt/2MxHTOc
Scaling AFL to a 256 thread machine
https://ift.tt/2xjyzbS
Submitted September 17, 2018 at 08:29AM by dwndwn
via reddit https://ift.tt/2NiDT9G
Gamozo Labs Blog
Scaling AFL to a 256 thread machine
I blog about random things security, everything is broken, nothing scales, shared memory models are flawed.
Global scan: exposed .git
https://ift.tt/2NuIH7G
Submitted September 17, 2018 at 05:34PM by thms0
via reddit https://ift.tt/2NIae9l
lynt.cz
Global scan: exposed .git
I made a huge scan for the unintentionally exposed .git repositories - found hundreds of thousands sites.
XSS Vulnerabilities in Multiple iFrame Busters Affecting Top Tier Sites
https://ift.tt/2NNM2Cu
Submitted September 18, 2018 at 04:29AM by rwestergren
via reddit https://ift.tt/2QAVh7s
Randy Westergren
XSS Vulnerabilities in Multiple iFrame Busters Affecting Top Tier Sites - Randy Westergren
For those unfamiliar with modern advertising tech, iFrame Busters are HTML files hosted on publisher sites which allow ad creatives to extend outside of their standard boundaries. These expandable creatives are typically easy to identify on a site — usually…