Netsec – Telegram
Netsec
@RNetsec
7.46K subscribers
22.5K links
This channel posts the feed from r/netsec.
For any suggestions dm @streaak
Donate to keep the bot running https://www.paypal.me/akhilgv
Download Telegram
About
Blog
Apps
Platform
Join
Netsec
7.46K subscribers
Netsec
VirtualBox zero day allows code execution on host
https://ift.tt/2F6prh7

Submitted November 07, 2018 at 05:39PM by pimterry
via reddit https://ift.tt/2Owauo2
GitHub
MorteNoir1/virtualbox_e1000_0day
VirtualBox E1000 Guest-to-Host Escape. Contribute to MorteNoir1/virtualbox_e1000_0day development by creating an account on GitHub.
181 views
Netsec
GitHub - MorteNoir1/virtualbox_e1000_0day: VirtualBox E1000 Guest-to-Host Escape
https://ift.tt/2F6prh7

Submitted November 07, 2018 at 08:06PM by usefulnfo
via reddit https://ift.tt/2Ds1M9h
GitHub
MorteNoir1/virtualbox_e1000_0day
VirtualBox E1000 Guest-to-Host Escape. Contribute to MorteNoir1/virtualbox_e1000_0day development by creating an account on GitHub.
190 views
Netsec
VirtualBox Zero-Day Vulnerability Details and Exploit Are Publicly Available
https://ift.tt/2PNEh04

Submitted November 07, 2018 at 08:00PM by bobbypower
via reddit https://ift.tt/2SSVqV1
BleepingComputer
VirtualBox Zero-Day Vulnerability Details and Exploit Are Publicly Available
A Russian vulnerability researcher and exploit developer has published detailed information about a zero-day vulnerability in VirtualBox. His explanations include step-by-step instructions for exploiting the bug.
191 views
Netsec
VirtualBox zero day allows code execution on host
https://ift.tt/2F6prh7

Submitted November 07, 2018 at 09:32PM by 190n
via reddit https://ift.tt/2qA4jG2
GitHub
MorteNoir1/virtualbox_e1000_0day
VirtualBox E1000 Guest-to-Host Escape. Contribute to MorteNoir1/virtualbox_e1000_0day development by creating an account on GitHub.
177 views
Netsec
Fake Banking App Found on Google Play Used in SMiShing Scheme
https://ift.tt/2PITdN1

Submitted November 07, 2018 at 09:26PM by EvanConover
via reddit https://ift.tt/2F86V8b
Trendmicro
Fake Banking App Found on Google Play Used in SMiShing Scheme - TrendLabs Security Intelligence Blog
We found a malicious app on Google Play called Movil Secure on October 22, as part of a SMiShing scheme targeting Spanish-speaking users.
188 views
Netsec
Rewritten for TLS 1.3: The New Illustrated TLS, Every Byte Explained
https://ift.tt/2SUjS8f

Submitted November 07, 2018 at 10:02PM by syncsynchalt
via reddit https://ift.tt/2Pd4dCZ
tls13.ulfheim.net
The Illustrated TLS 1.3 Connection
Every byte of a TLS 1.3 connection explained and reproduced
349 views
Netsec
BYOB (Build Your Own Botnet) v0.4 Released - New Email Spreading Module Added For Worm-like Behavior
https://ift.tt/2o2lJKj

Submitted November 08, 2018 at 02:07AM by PoonSafari
via reddit https://ift.tt/2PJOj2h
GitHub
GitHub - malwaredllc/byob: An open-source post-exploitation framework for students, researchers and developers.
An open-source post-exploitation framework for students, researchers and developers. - GitHub - malwaredllc/byob: An open-source post-exploitation framework for students, researchers and developers.
183 views
Netsec
The Illustrated TLS 1.3 Connection: Every Byte Explained
https://ift.tt/2SUjS8f

Submitted November 08, 2018 at 01:40AM by modelop
via reddit https://ift.tt/2QoVoCw
tls13.ulfheim.net
The Illustrated TLS 1.3 Connection
Every byte of a TLS 1.3 connection explained and reproduced
193 views
Netsec
PacketFence v8.2 is out! Layer-3 clustering support, improved API, tenant-aware for 802.1X and more!
https://ift.tt/2PgzhBN

Submitted November 08, 2018 at 01:33AM by extrafu
via reddit https://ift.tt/2ASucqx
reddit
r/netsec - PacketFence v8.2 is out! Layer-3 clustering support, improved API, tenant-aware for 802.1X and more!
7 votes and 2 comments so far on Reddit
176 views
Netsec
Over 600+ Spaceflight Missions Have No Protection From Unauthorized Telecommands, This Can Allow For Complete Control Of Avionics, Interference Can Be Accomplished With A UHF Antenna.
https://ift.tt/2DuhBMR

Submitted November 08, 2018 at 07:09AM by 129321
via reddit https://ift.tt/2RC9hxw
216 views
Netsec
Posting to NetSec to see if anybody has some good insight into a FreeIPA multi-tenancy setup.
https://ift.tt/2Oxa1Ce

Submitted November 08, 2018 at 09:20AM by rpo5015
via reddit https://ift.tt/2Fcehrg
reddit
r/linuxadmin - Multi-Tenant FreeIPA
4 votes and 7 comments so far on Reddit
201 views
Netsec
Disclosing a PoC exploit for a vulnerability in openslp-2.0.0 (latest version)
https://ift.tt/2SWFlNT

Submitted November 08, 2018 at 03:01PM by magnusstubman
via reddit https://ift.tt/2zE39NE
reddit
r/netsec - Disclosing a PoC exploit for a vulnerability in openslp-2.0.0 (latest version)
1 vote and 0 comments so far on Reddit
200 views
Netsec
Reversing Retefe
https://ift.tt/2OzOyse

Submitted November 08, 2018 at 05:53PM by glumaproasta
via reddit https://ift.tt/2yWjYDZ
209 views
Netsec
Cryptocurrency Mining Malware uses Various Evasion Techniques, Including Windows Installer, as Part of its Routine
https://ift.tt/2yXEHaP

Submitted November 08, 2018 at 09:18PM by EvanConover
via reddit https://ift.tt/2zFE5pC
Trendmicro
Cryptocurrency Mining Malware uses Various Evasion Techniques, Including Windows Installer, as Part of its Routine - TrendLabs…
The concept of a stealthy, difficult-to-detect malware operating behind the scenes has proven to be an irresistible proposition for many threat actors, and they're evidently adding even more techniques, as seen in a cryptocurrency miner (detected as Coin…
206 views
Netsec
Another XOML Workflows Protection Mechanisms Bypass using Deserialisation of Untrusted Data - Potential Code Execution on SharePoint
https://ift.tt/2FbKRcU

Submitted November 08, 2018 at 10:34PM by albinowax
via reddit https://ift.tt/2RHgn3W
203 views
Netsec
Side-Channel Attacks in a Non-Inclusive World [pdf]
https://ift.tt/2PMUliR

Submitted November 08, 2018 at 10:51PM by QuirkySpiceBush
via reddit https://ift.tt/2PL2t3q
194 views
Netsec
Guarding Against Backdoors and Malicious Hardware in a Post-Supermicro-Scoop World
https://ift.tt/2Dn88qA

Submitted November 09, 2018 at 12:06AM by ilamont
via reddit https://ift.tt/2PPEfoG
Security Boulevard
Guarding Against Backdoors and Malicious Hardware - Security Boulevard
In a post-Supermicro-scoop world, it's important for security teams to review the basics on detecting and guarding against hardware backdoors. Malicious IT security departments must step up their game in detecting backdoors and other malware that compromises…
197 views
Netsec
Weekly newsletter on API Security
https://apisecurity.io/

Submitted November 09, 2018 at 05:36AM by DSotnikov
via reddit https://ift.tt/2z0Aymd
API Security News
API Security Articles, News, Vulnerabilities & Best Practices
API Security is a community website with API security articles and news of API security breaches, vulnerabilities, regulations, technology and best practices
203 views
Netsec
Abusing WSL for Evasion
https://ift.tt/2Oyqkys

Submitted November 09, 2018 at 05:11AM by khasaia
via reddit https://ift.tt/2zDFqgL
secrary[dot]com
Abusing WSL for Evasion
This blog is about malware analysis and reverse engineering. I’m Lasha Khasaia
199 views
Netsec
Ruby 2.x Universal RCE Deserialization Gadget Chain
https://ift.tt/2QpjxsG

Submitted November 09, 2018 at 06:27AM by Gallus
via reddit https://ift.tt/2z2SigO
reddit
r/netsec - Ruby 2.x Universal RCE Deserialization Gadget Chain
2 votes and 0 comments so far on Reddit
223 views
Netsec
Arecibo: endpoint for DNS & HTTP exfiltration
https://ift.tt/2OBBzGu

Submitted November 09, 2018 at 02:19PM by gid0rah
via reddit https://ift.tt/2PipETk
Tarlogic Security
Arecibo: an OOB exfiltration tool (DNS & HTTP)
Arecibo is an Out of Band (OOB) tool for data exfiltration via DNS resolutions and HTTP requests through a simple API
197 views