Multiple 0days used by Magecart
https://ift.tt/2q6EnS5

Submitted October 24, 2018 at 03:01PM by dtdn
via reddit https://ift.tt/2EECzty

Command and Control via DNS over HTTPS (DoH) for Cobalt Strike
https://ift.tt/2EEbIhm

Submitted October 24, 2018 at 06:59PM by ratfmuser
via reddit https://ift.tt/2EF2Urq

HoneyProcs: Going beyond honeyfiles for Deception on Endpoints
Deploying detection solutions on an endpoint host comes with constraints - limited availability of CPU, memory, disk and other resources, stability constraints, policy adherence and restrictions, the need to be non-intrusive to the user, the host OS and other applications on the host.In response to this, we present HoneyProcs, a new deception methodology (patent pending) and an all user space method that extends existing deception honeypot technology on endpoint hosts. HoneyProcs complements existing deception technology by using forged, controlled decoy processes to catch info stealers, Banking Trojans, rootkits and other generic malware, and it does so by exploiting a common trait exhibited by these malwares - code injection.By limiting its inspection footprint to only these decoy processes, HoneyProcs effectively addresses efficacy and performance concerns that otherwise constrain endpoint deployments.  Throughout this article, we further explain how the reduced and targeted inspection footprint can be leveraged to turn HoneyProcs into an intelligence gathering toolkit that can be used to write automated signatures for other antivirus and detection solutions to remediate infections on the system.​https://forums.juniper.net/t5/Threat-Research/HoneyProcs-Going-Beyond-Honeyfiles-for-Deception-on-Endpoints/ba-p/385830

Submitted October 24, 2018 at 03:28PM by anoopsaldanha
via reddit https://ift.tt/2yZ0A8U

PhishAPI Tool - Rapid Deployment of Fake Sites and Maldocs with Notifications!
https://ift.tt/2ECXddE

Submitted October 24, 2018 at 11:49AM by IndySecMan
via reddit https://ift.tt/2ScoyWS

Reverse Engineering ESP8266 Firmware (Part 1)
https://ift.tt/2PgAnNa

Submitted October 24, 2018 at 05:22PM by BoredPentester
via reddit https://ift.tt/2SconLc

HoneyProcs : Going Beyond Honeyfiles for Deception on Endpoints
https://ift.tt/2R7uAGX

Submitted October 24, 2018 at 09:31PM by anoopsaldanha
via reddit https://ift.tt/2OLVw2p

WebExec - an authenticated RCE vulnerability in Cisco WebEx client
Hey all,During a pentest a couple months back, me and my coworker (/u/jeffmcjunkin) stumbled upon an 0-day in Cisco WebEx. It's neat because it's a remote code execution vulnerability in a client-side app due to bad ACLs.We wrote a high level doc about it, and also a deep dive into why it works.You can also find Nmap noscripts to check for it (already pushed to svn) as well as Metasploit modules to exploit it (in a metasploit fork) linked from there.I thought you guys would be interested! Please patch!

Submitted October 24, 2018 at 09:56PM by iagox86
via reddit https://ift.tt/2O2m0HJ

Nessus 8.0 released
https://ift.tt/2yvtgqj

Submitted October 24, 2018 at 11:14PM by Neo-Bubba
via reddit https://ift.tt/2D0gRP6

Mac malware intercepts encrypted web traffic for ad injection
https://ift.tt/2EHmNhz

Submitted October 25, 2018 at 01:43AM by EvanConover
via reddit https://ift.tt/2AqgTgM

Windows 2000 SP servicing history
https://ift.tt/2EKoHye

Submitted October 25, 2018 at 01:22AM by yuhong
via reddit https://ift.tt/2q9WXJi

National Cybersecurity Awareness Month
https://ift.tt/2PTWIgq

Submitted October 25, 2018 at 04:23AM by longevitytech
via reddit https://ift.tt/2PQ2QXe

HSTS Preload
https://ift.tt/2q63zbw

Submitted October 25, 2018 at 06:03AM by darkhorn
via reddit https://ift.tt/2PfyVuz

We took 1000 Financial Times FT US 500 & FT Europe 500 companies and performed a large-scale non-intrusive discovery of their external web and mobile applications, SSL certificates, web software and cloud storage. Watch the results of this exhaustive research.
https://ift.tt/2yYv1vL

Submitted October 25, 2018 at 03:44PM by hightechbridge
via reddit https://ift.tt/2PjCIa5

Playing with the Windows Notification Facility
https://ift.tt/2PTcU1r

Submitted October 25, 2018 at 05:02PM by ranok
via reddit https://ift.tt/2Si9wyM

Weaponizing the Open Graph Protocol for Effective Phishing/Payload delivery
https://ift.tt/2Cycny7

Submitted October 25, 2018 at 08:29PM by dudeimawizard
via reddit https://ift.tt/2D3Q6t8

Abusing Microsoft Office Online Video
https://ift.tt/2q9pkXJ

Submitted October 25, 2018 at 08:25PM by dorsis
via reddit https://ift.tt/2CELMj2

How malicious mobile apps can abuse paired Bluetooth Low Energy peripherals
https://ift.tt/2PZXFUN

Submitted October 26, 2018 at 03:19AM by mmmds
via reddit https://ift.tt/2AsCwgt

libtiff decodes arbitrarily-sized JBIG into a target buffer - project-zero
https://ift.tt/2Pk1kj5

Submitted October 26, 2018 at 04:11PM by ranok
via reddit https://ift.tt/2OO9YXA

The Next Chapter: From the Endpoint to the Cloud - QubesOS
https://ift.tt/2z24PAm

Submitted October 26, 2018 at 06:00PM by up-sky-7
via reddit https://ift.tt/2CEa7Wh

bscan: an extensible service enumeration tool
https://ift.tt/2qd28I9

Submitted October 26, 2018 at 07:26PM by Dr_Rector
via reddit https://ift.tt/2CFBShg

Exploitation Training
https://ift.tt/2z3nH21

Submitted October 26, 2018 at 08:31PM by mstfknn
via reddit https://ift.tt/2OMZBTM