How I hacked modern Vending Machines
https://ift.tt/2Oosfuj
Submitted October 16, 2018 at 02:46AM by westondeboer
via reddit https://ift.tt/2OW56yX
https://ift.tt/2Oosfuj
Submitted October 16, 2018 at 02:46AM by westondeboer
via reddit https://ift.tt/2OW56yX
Hacker Noon
How I hacked modern Vending Machines
“Hitting and kicking” the bundled App of their widest European distribution company.
How I hacked modern Vending Machines
https://ift.tt/2Oosfuj
Submitted October 16, 2018 at 02:46AM by westondeboer
via reddit https://ift.tt/2OW56yX
https://ift.tt/2Oosfuj
Submitted October 16, 2018 at 02:46AM by westondeboer
via reddit https://ift.tt/2OW56yX
Hacker Noon
How I hacked modern Vending Machines
“Hitting and kicking” the bundled App of their widest European distribution company.
How I hacked modern Vending Machines
https://ift.tt/2Oosfuj
Submitted October 16, 2018 at 02:46AM by westondeboer
via reddit https://ift.tt/2OW56yX
https://ift.tt/2Oosfuj
Submitted October 16, 2018 at 02:46AM by westondeboer
via reddit https://ift.tt/2OW56yX
Hacker Noon
How I hacked modern Vending Machines
“Hitting and kicking” the bundled App of their widest European distribution company.
How I hacked modern Vending Machines
https://ift.tt/2Oosfuj
Submitted October 16, 2018 at 02:46AM by westondeboer
via reddit https://ift.tt/2OW56yX
https://ift.tt/2Oosfuj
Submitted October 16, 2018 at 02:46AM by westondeboer
via reddit https://ift.tt/2OW56yX
Hacker Noon
How I hacked modern Vending Machines
“Hitting and kicking” the bundled App of their widest European distribution company.
How I hacked modern Vending Machines
https://ift.tt/2Oosfuj
Submitted October 16, 2018 at 02:46AM by westondeboer
via reddit https://ift.tt/2OW56yX
https://ift.tt/2Oosfuj
Submitted October 16, 2018 at 02:46AM by westondeboer
via reddit https://ift.tt/2OW56yX
Hacker Noon
How I hacked modern Vending Machines
“Hitting and kicking” the bundled App of their widest European distribution company.
buckets.grayhatwarfare.com - open s3 buckets search engine is updated!
Hello,Since you guys loved us so much, we really tried our best to keep up with the expectations.We are happy to announce the launch of the new version of the tool.Whats new:A lot of you asked to be able to ignore buckets on the search results. From today you can do that.You can now sort results and bucket contents by size.Search was limited to filename. Now keywords can be matched in the directory of the file.Sometimes files are listed but are not accessible. Not accessible files are noted as such to save you time clicking.Project is completely rewritten from Slim Framework to Symfony.Try it here: https://buckets.grayhatwarfare.com/If you don't know what grayhatwarfare.com is you can read this: https://medium.com/@grayhatwarfare/how-to-search-for-open-amazon-s3-buckets-and-their-contents-https-buckets-grayhatwarfare-com-577b7b437e01More info on the release and a peek on whats to come: https://blog.grayhatwarfare.com/2018/10/12/buckets-grayhatwarfare-com-open-s3-buckets-search-engine-is-updated/Thanks for the support!
Submitted October 16, 2018 at 12:37AM by grayhatwarfare
via reddit https://ift.tt/2CMc03U
Hello,Since you guys loved us so much, we really tried our best to keep up with the expectations.We are happy to announce the launch of the new version of the tool.Whats new:A lot of you asked to be able to ignore buckets on the search results. From today you can do that.You can now sort results and bucket contents by size.Search was limited to filename. Now keywords can be matched in the directory of the file.Sometimes files are listed but are not accessible. Not accessible files are noted as such to save you time clicking.Project is completely rewritten from Slim Framework to Symfony.Try it here: https://buckets.grayhatwarfare.com/If you don't know what grayhatwarfare.com is you can read this: https://medium.com/@grayhatwarfare/how-to-search-for-open-amazon-s3-buckets-and-their-contents-https-buckets-grayhatwarfare-com-577b7b437e01More info on the release and a peek on whats to come: https://blog.grayhatwarfare.com/2018/10/12/buckets-grayhatwarfare-com-open-s3-buckets-search-engine-is-updated/Thanks for the support!
Submitted October 16, 2018 at 12:37AM by grayhatwarfare
via reddit https://ift.tt/2CMc03U
Medium
How to search for Open Amazon s3 Buckets and their contents — https://buckets.grayhatwarfare.com
Intro
Hacking Connected Home Alarm Systems – The Cheap [Part 1]
https://ift.tt/2Cj2nc1
Submitted October 16, 2018 at 12:16PM by daanraman
via reddit https://ift.tt/2AcqtDM
https://ift.tt/2Cj2nc1
Submitted October 16, 2018 at 12:16PM by daanraman
via reddit https://ift.tt/2AcqtDM
NVISO Labs
Hacking Connected Home Alarm Systems – The Cheap [Part 1]
TL;DR: We were wondering whether price affects the security of IoT appliances. So we verified the security of two differently priced connected home alarm systems. Both IoT alarms are marketed as an…
Adversarial Reprogramming of Neural Networks
https://ift.tt/2yZ3FJl
Submitted October 16, 2018 at 06:49PM by ranok
via reddit https://ift.tt/2pT1JKV
https://ift.tt/2yZ3FJl
Submitted October 16, 2018 at 06:49PM by ranok
via reddit https://ift.tt/2pT1JKV
reddit
r/netsec - Adversarial Reprogramming of Neural Networks
1 vote and 0 comments so far on Reddit
Curious how Facebook got hacked? Try it out for yourself!
https://ift.tt/2yln1W5
Submitted October 16, 2018 at 08:23PM by Glitch-is
via reddit https://ift.tt/2EonfRL
https://ift.tt/2yln1W5
Submitted October 16, 2018 at 08:23PM by Glitch-is
via reddit https://ift.tt/2EonfRL
blog.adversary.io
Curious how Facebook got hacked? Try it for yourself!
Finding XXE in IBM's MaaS360 Platform
https://ift.tt/2QUg31k
Submitted October 16, 2018 at 07:43PM by FlavSec
via reddit https://ift.tt/2QOjx5o
https://ift.tt/2QUg31k
Submitted October 16, 2018 at 07:43PM by FlavSec
via reddit https://ift.tt/2QOjx5o
NetSPI Blog
XXE in IBM's MaaS360 Platform
I stumbled upon an XXE vulnerability in one of the services used to deliver MaaS360 functionality to IBM clients. Details of the issue and its discovery are the focus of this blog.
Forging Trusts for Deception in Active Directory
https://ift.tt/2yHnBge
Submitted October 16, 2018 at 11:19PM by SamratAsh0k
via reddit https://ift.tt/2CoJ158
https://ift.tt/2yHnBge
Submitted October 16, 2018 at 11:19PM by SamratAsh0k
via reddit https://ift.tt/2CoJ158
Labofapenetrationtester
Forging Trusts for Deception in Active Directory
Home of Nikhil SamratAshok Mittal. Posts about Red Teaming, Offensive PowerShell, Active Directory and Pen Testing.
Authentication bypass in libssh
https://ift.tt/2CkTzCl
Submitted October 17, 2018 at 12:03AM by root_trainingwheels
via reddit https://ift.tt/2RVif9T
https://ift.tt/2CkTzCl
Submitted October 17, 2018 at 12:03AM by root_trainingwheels
via reddit https://ift.tt/2RVif9T
reddit
r/netsec - Authentication bypass in libssh
14 votes and 2 comments so far on Reddit
How I “found” the database of the Donald Daters App
https://ift.tt/2Ae7p8o
Submitted October 17, 2018 at 03:57AM by 0v3rl04d
via reddit https://ift.tt/2PxuoAd
https://ift.tt/2Ae7p8o
Submitted October 17, 2018 at 03:57AM by 0v3rl04d
via reddit https://ift.tt/2PxuoAd
Medium
How I “found” the database of the Donald Daters App
It’s Monday night, there is nothing interesting on TV. I’m on my couch scrolling my Twitter feed when I saw this Fox News’ tweet…
TLS 1.3 (with AEAD) and TLS 1.2 cipher suites demystified: how to pick your ciphers wisely
https://ift.tt/2PynYku
Submitted October 17, 2018 at 09:35AM by unquietwiki
via reddit https://ift.tt/2P2oQ3H
https://ift.tt/2PynYku
Submitted October 17, 2018 at 09:35AM by unquietwiki
via reddit https://ift.tt/2P2oQ3H
Cloud Insidr
TLS 1.3 (with AEAD) and TLS 1.2 cipher suites demystified: how to pick your ciphers wisely - Cloud Insidr
Until the day TLS 1.3 becomes widely supported, web servers must rely on a fallback to TLS 1.2 with correctly configured server directives and strong cipher suites. Pick the wrong settings and you declare an open season on your server. The basics of TLS The…
HPE Intelligent Management Center: a case study on the reliability of security fixes
https://ift.tt/2PCwBut
Submitted October 17, 2018 at 09:29AM by jdrch
via reddit https://ift.tt/2RVT8UH
https://ift.tt/2PCwBut
Submitted October 17, 2018 at 09:29AM by jdrch
via reddit https://ift.tt/2RVT8UH
Exodus Intelligence
HPE IMC: A Case Study On The Reliability of Security Fixes
This post highlights several mistakes in the patches released for vulnerabilities affecting various services of HPE Intelligent Management Center, with a focus on its native binaries.
Git RCE - Exploitation details and PoC (CVE-2018-17456)
https://ift.tt/2Este8g
Submitted October 17, 2018 at 03:06PM by 0v3rl04d
via reddit https://ift.tt/2NKX4nC
https://ift.tt/2Este8g
Submitted October 17, 2018 at 03:06PM by 0v3rl04d
via reddit https://ift.tt/2NKX4nC
Gist
CVE-2018-17456
CVE-2018-17456. GitHub Gist: instantly share code, notes, and snippets.
Interactive example of how Facebook leaked 50M access tokens
https://ift.tt/2OsoSTc
Submitted October 17, 2018 at 06:01PM by Glitch-is
via reddit https://ift.tt/2pZcNpW
https://ift.tt/2OsoSTc
Submitted October 17, 2018 at 06:01PM by Glitch-is
via reddit https://ift.tt/2pZcNpW
Using Route 53 as Pentest Infrastructure
https://ift.tt/2ClZUxr
Submitted October 17, 2018 at 06:38PM by jaredperry
via reddit https://ift.tt/2COxqgY
https://ift.tt/2ClZUxr
Submitted October 17, 2018 at 06:38PM by jaredperry
via reddit https://ift.tt/2COxqgY
Stratum Security Blog
Route 53 as Pentest Infrastructure
Use of DNS infrastructure is a staple of blind application testing and data exfiltration. Both of these scenarios are applicable in most pentest engagements but building engagement specific DNS infrastructure can be a pain. Now with so many cloud providers…
Four Ways to Bypass iOS SSL Verification and Certificate Pinning
https://ift.tt/2D6k803
Submitted October 17, 2018 at 07:36PM by toothless2324
via reddit https://ift.tt/2QUZP84
https://ift.tt/2D6k803
Submitted October 17, 2018 at 07:36PM by toothless2324
via reddit https://ift.tt/2QUZP84
NetSPI Blog
Four Ways to Bypass iOS SSL Verification and Certificate Pinning
A couple months ago, Cody Wass released a blog on how to bypass SSL verification and certificate pinning for Android. I thought it would be a great idea to write up some techniques that I’ve found to work well for iOS. To reiterate from Cody’s blog, being…
New OSINT Search Portal
https://ift.tt/2a0f9wP
Submitted October 17, 2018 at 09:05PM by IntelTechniques
via reddit https://ift.tt/2PAvo6Y
https://ift.tt/2a0f9wP
Submitted October 17, 2018 at 09:05PM by IntelTechniques
via reddit https://ift.tt/2PAvo6Y
CVE-2018-18284: Ghostnoscript sandbox escape (also Tavis Ormandy is officially done with Ghostnoscript)
https://ift.tt/2AeIYaE
Submitted October 17, 2018 at 09:37PM by the_gnarts
via reddit https://ift.tt/2QZ6sGB
https://ift.tt/2AeIYaE
Submitted October 17, 2018 at 09:37PM by the_gnarts
via reddit https://ift.tt/2QZ6sGB