DerbyCon 2018 CTF Write Up
https://ift.tt/2pPmIOK
Submitted October 12, 2018 at 12:49AM by eth_
via reddit https://ift.tt/2IPjSC6
https://ift.tt/2pPmIOK
Submitted October 12, 2018 at 12:49AM by eth_
via reddit https://ift.tt/2IPjSC6
Nettitude Labs
DerbyCon 2018 CTF Write Up
We have just returned from the always amazing DerbyCon 2018 conference. We competed in the 48 hour Capture the Flag competition under our usual team name of “Spicy Weasel” and are pleased to announ…
NCSAM/Hacktober Capture the Flag Competition
https://hostile.site
Submitted October 12, 2018 at 05:11AM by OverAllComa
via reddit https://ift.tt/2NDlW0z
https://hostile.site
Submitted October 12, 2018 at 05:11AM by OverAllComa
via reddit https://ift.tt/2NDlW0z
reddit
r/netsec - NCSAM/Hacktober Capture the Flag Competition
1 vote and 1 comment so far on Reddit
Fake Flash Updaters Push Cryptocurrency Miners
https://ift.tt/2QITjkz
Submitted October 12, 2018 at 02:41AM by EvanConover
via reddit https://ift.tt/2QM81Yh
https://ift.tt/2QITjkz
Submitted October 12, 2018 at 02:41AM by EvanConover
via reddit https://ift.tt/2QM81Yh
Palo Alto Networks Blog
Fake Flash Updaters Push Cryptocurrency Miners - Palo Alto Networks Blog
Unit 42 investigates a recent Fake Flash update pushing cryptocurrency mining software. Get the full report.
Chaining exploits for RCE on Microsoft Edge (CVE-2018-8495)
https://ift.tt/2ymxuAT
Submitted October 12, 2018 at 01:55PM by albinowax
via reddit https://ift.tt/2IPDqpJ
https://ift.tt/2ymxuAT
Submitted October 12, 2018 at 01:55PM by albinowax
via reddit https://ift.tt/2IPDqpJ
Leucosite
Edge RCE
(CVE-2018-8495) Chaining small bugs together to achieve RCE
unauth root RCE in Cisco Prime Infrastructure: how to root a data center with two lame vulns
https://ift.tt/2C9fJaN
Submitted October 12, 2018 at 04:54PM by jose_boneh
via reddit https://ift.tt/2CG28sI
https://ift.tt/2C9fJaN
Submitted October 12, 2018 at 04:54PM by jose_boneh
via reddit https://ift.tt/2CG28sI
seclists.org
Full Disclosure: [CVE-2018-15379] Unauth RCE as root in Cisco Prime
Infrastructure
Infrastructure
The Illustrated TLS Connection: Every Byte Explained
https://tls.ulfheim.net
Submitted October 12, 2018 at 06:47PM by syncsynchalt
via reddit https://ift.tt/2CF2qQp
https://tls.ulfheim.net
Submitted October 12, 2018 at 06:47PM by syncsynchalt
via reddit https://ift.tt/2CF2qQp
reddit
r/netsec - The Illustrated TLS Connection: Every Byte Explained
3 votes and 0 comments so far on Reddit
iOS 12 Safari Bug: Returned Array References Can Link To The Same Memory Address
https://ift.tt/2NUCbuG
Submitted October 13, 2018 at 12:00PM by fagnerbrack
via reddit https://ift.tt/2pSS3jD
https://ift.tt/2NUCbuG
Submitted October 13, 2018 at 12:00PM by fagnerbrack
via reddit https://ift.tt/2pSS3jD
Stack Overflow
Array state will be cached in iOS 12 Safari. Is it a bug or feature?
I found a problem with Array's value state in the newly released iOS 12 Safari, for example, code like this:
...
...
tcpbin: a simple tcp dumping server for pentesting
https://ift.tt/2NGmaUS
Submitted October 13, 2018 at 11:53AM by ret2got
via reddit https://ift.tt/2pQZg3L
https://ift.tt/2NGmaUS
Submitted October 13, 2018 at 11:53AM by ret2got
via reddit https://ift.tt/2pQZg3L
GitHub
ecx86/tcpbin
Very crude and poorly written HTTP(s) and SMTP bin - ecx86/tcpbin
Using Excel for Information Security
https://ift.tt/2ElCkUb
Submitted October 13, 2018 at 05:52PM by m_rothe
via reddit https://ift.tt/2yA7AZG
https://ift.tt/2ElCkUb
Submitted October 13, 2018 at 05:52PM by m_rothe
via reddit https://ift.tt/2yA7AZG
Martin's Blog
Excel for Infosec
Using Excel to manipulate and analyze security data and logs
How syncing your phone to vehicles could put your data at risk
https://ift.tt/2EjeGI4
Submitted October 13, 2018 at 08:40PM by mycall
via reddit https://ift.tt/2NFAcpF
https://ift.tt/2EjeGI4
Submitted October 13, 2018 at 08:40PM by mycall
via reddit https://ift.tt/2NFAcpF
Whio
Connected cars: How syncing your phone to vehicles could put your data at risk
— Syncing your phone to your vehicle is a convenient feature for music and phone calls, but it is also putting your personal information at risk.
Hack The Box – DevOops Walkthrough
https://ift.tt/2OkFMTE
Submitted October 13, 2018 at 08:27PM by m4v3r1ck-
via reddit https://ift.tt/2OYi6UK
https://ift.tt/2OkFMTE
Submitted October 13, 2018 at 08:27PM by m4v3r1ck-
via reddit https://ift.tt/2OYi6UK
VeteranSec
Hack The Box – DevOops Walkthrough
Video Walkthrough: Introduction: This week’s retiring box is DevOops. Coming in at a difficulty rating of 4.3/10, it’s not an incredibly hard machine to root, but it does teach some va…
Detecting Visited Links via Redraw Timing (2013)
https://ift.tt/2PxxAfs
Submitted October 14, 2018 at 01:13AM by gridderer
via reddit https://ift.tt/2RMmd4L
https://ift.tt/2PxxAfs
Submitted October 14, 2018 at 01:13AM by gridderer
via reddit https://ift.tt/2RMmd4L
reddit
r/netsec - Detecting Visited Links via Redraw Timing (2013)
4 votes and 1 comment so far on Reddit
joincap: Merge multiple pcap files together, gracefully.
https://ift.tt/2HkyB5u
Submitted October 14, 2018 at 12:04AM by assafmo
via reddit https://ift.tt/2yhbCqh
https://ift.tt/2HkyB5u
Submitted October 14, 2018 at 12:04AM by assafmo
via reddit https://ift.tt/2yhbCqh
GitHub
assafmo/joincap
Merge multiple pcap files together, gracefully. Contribute to assafmo/joincap development by creating an account on GitHub.
Small Docker images to use instead of Alpine
https://ift.tt/2yoqG5N
Submitted October 13, 2018 at 11:36PM by stevenacreman
via reddit https://ift.tt/2RN27aC
https://ift.tt/2yoqG5N
Submitted October 13, 2018 at 11:36PM by stevenacreman
via reddit https://ift.tt/2RN27aC
kubedex.com
Base Images - kubedex.com
Come and read Base Images on Kubedex.com. The number one site to Discover, Compare and Share Kubernetes Applications.
"Big Star Labs" spyware campaign affects over 11,000,000 people
https://ift.tt/2NGdKxi
Submitted October 14, 2018 at 03:44PM by sacrednumber_108
via reddit https://ift.tt/2PySLxw
https://ift.tt/2NGdKxi
Submitted October 14, 2018 at 03:44PM by sacrednumber_108
via reddit https://ift.tt/2PySLxw
AdGuard Blog
"Big Star Labs" spyware campaign affects over 11,000,000 people
In the previous article about the Unimania spyware campaign I promised to tell you more about the privacy issues discovered during our automated scan of many Google Chrome extensions. This took me a while, and I apologize for the delay. The reason for the…
Analysis of BetterHelp tracking events
https://ift.tt/2OZUVJI
Submitted October 14, 2018 at 09:29PM by kahunalu
via reddit https://ift.tt/2QPkzhk
https://ift.tt/2OZUVJI
Submitted October 14, 2018 at 09:29PM by kahunalu
via reddit https://ift.tt/2QPkzhk
Medium
Under the hood: BetterHelp
This blog series focuses on examining the collection of device data by various popular mobile applications. This data is often collected…
picoCTF'18 writeups
https://ift.tt/2PzEPUe
Submitted October 14, 2018 at 09:50PM by mzfr98
via reddit https://ift.tt/2NGgtq7
https://ift.tt/2PzEPUe
Submitted October 14, 2018 at 09:50PM by mzfr98
via reddit https://ift.tt/2NGgtq7
GitHub
mzfr/picoCTF-2018-Writeups
Writeups for picoCTF 2018. Contribute to mzfr/picoCTF-2018-Writeups development by creating an account on GitHub.
7 clever ways hackers are stealing keyless cars
https://ift.tt/2QPYM9v
Submitted October 14, 2018 at 11:29PM by mycall
via reddit https://ift.tt/2yBod7h
https://ift.tt/2QPYM9v
Submitted October 14, 2018 at 11:29PM by mycall
via reddit https://ift.tt/2yBod7h
reddit
r/netsec - 7 clever ways hackers are stealing keyless cars
1 vote and 0 comments so far on Reddit
WEAPON SYSTEMS CYBERSECURITY DOD Just Beginning to Grapple with Scale of Vulnerabilities
https://ift.tt/2y5GSZp
Submitted October 15, 2018 at 05:44AM by singaporeslin9
via reddit https://ift.tt/2PEk1uQ
https://ift.tt/2y5GSZp
Submitted October 15, 2018 at 05:44AM by singaporeslin9
via reddit https://ift.tt/2PEk1uQ
Deobfuscating PowerShell: Putting the Toothpaste Back in the Tube
https://ift.tt/2Eg6Xu7
Submitted October 15, 2018 at 10:30AM by CyberBullets
via reddit https://ift.tt/2yN4hyr
https://ift.tt/2Eg6Xu7
Submitted October 15, 2018 at 10:30AM by CyberBullets
via reddit https://ift.tt/2yN4hyr
Endgame
Deobfuscating PowerShell: Putting the Toothpaste Back in the Tube
One lesson that security professionals learn early on is that attackers don’t like to make your job easy. They have a range of techniques to obfuscate location, network traffic, or raw code. This in turn makes it harder to for defenders to detect and block…
The Pentagon's Weapons Are 'Easily Hacked' With 'Basic Tools'
https://ift.tt/2Nzp1yE
Submitted October 15, 2018 at 04:42PM by ccurzio
via reddit https://ift.tt/2P6f54V
https://ift.tt/2Nzp1yE
Submitted October 15, 2018 at 04:42PM by ccurzio
via reddit https://ift.tt/2P6f54V
Motherboard
The Pentagon's Weapons Are 'Easily Hacked' With 'Basic Tools'
A new government report reveals that it took hackers just one hour to gain access to a weapon system, and the Pentagon didn't change the default password on "multiple" systems.