Fake Banking App Found on Google Play Used in SMiShing Scheme
https://ift.tt/2PITdN1
Submitted November 07, 2018 at 09:26PM by EvanConover
via reddit https://ift.tt/2F86V8b
https://ift.tt/2PITdN1
Submitted November 07, 2018 at 09:26PM by EvanConover
via reddit https://ift.tt/2F86V8b
Trendmicro
Fake Banking App Found on Google Play Used in SMiShing Scheme - TrendLabs Security Intelligence Blog
We found a malicious app on Google Play called Movil Secure on October 22, as part of a SMiShing scheme targeting Spanish-speaking users.
Rewritten for TLS 1.3: The New Illustrated TLS, Every Byte Explained
https://ift.tt/2SUjS8f
Submitted November 07, 2018 at 10:02PM by syncsynchalt
via reddit https://ift.tt/2Pd4dCZ
https://ift.tt/2SUjS8f
Submitted November 07, 2018 at 10:02PM by syncsynchalt
via reddit https://ift.tt/2Pd4dCZ
tls13.ulfheim.net
The Illustrated TLS 1.3 Connection
Every byte of a TLS 1.3 connection explained and reproduced
BYOB (Build Your Own Botnet) v0.4 Released - New Email Spreading Module Added For Worm-like Behavior
https://ift.tt/2o2lJKj
Submitted November 08, 2018 at 02:07AM by PoonSafari
via reddit https://ift.tt/2PJOj2h
https://ift.tt/2o2lJKj
Submitted November 08, 2018 at 02:07AM by PoonSafari
via reddit https://ift.tt/2PJOj2h
GitHub
GitHub - malwaredllc/byob: An open-source post-exploitation framework for students, researchers and developers.
An open-source post-exploitation framework for students, researchers and developers. - GitHub - malwaredllc/byob: An open-source post-exploitation framework for students, researchers and developers.
The Illustrated TLS 1.3 Connection: Every Byte Explained
https://ift.tt/2SUjS8f
Submitted November 08, 2018 at 01:40AM by modelop
via reddit https://ift.tt/2QoVoCw
https://ift.tt/2SUjS8f
Submitted November 08, 2018 at 01:40AM by modelop
via reddit https://ift.tt/2QoVoCw
tls13.ulfheim.net
The Illustrated TLS 1.3 Connection
Every byte of a TLS 1.3 connection explained and reproduced
PacketFence v8.2 is out! Layer-3 clustering support, improved API, tenant-aware for 802.1X and more!
https://ift.tt/2PgzhBN
Submitted November 08, 2018 at 01:33AM by extrafu
via reddit https://ift.tt/2ASucqx
https://ift.tt/2PgzhBN
Submitted November 08, 2018 at 01:33AM by extrafu
via reddit https://ift.tt/2ASucqx
reddit
r/netsec - PacketFence v8.2 is out! Layer-3 clustering support, improved API, tenant-aware for 802.1X and more!
7 votes and 2 comments so far on Reddit
Over 600+ Spaceflight Missions Have No Protection From Unauthorized Telecommands, This Can Allow For Complete Control Of Avionics, Interference Can Be Accomplished With A UHF Antenna.
https://ift.tt/2DuhBMR
Submitted November 08, 2018 at 07:09AM by 129321
via reddit https://ift.tt/2RC9hxw
https://ift.tt/2DuhBMR
Submitted November 08, 2018 at 07:09AM by 129321
via reddit https://ift.tt/2RC9hxw
Posting to NetSec to see if anybody has some good insight into a FreeIPA multi-tenancy setup.
https://ift.tt/2Oxa1Ce
Submitted November 08, 2018 at 09:20AM by rpo5015
via reddit https://ift.tt/2Fcehrg
https://ift.tt/2Oxa1Ce
Submitted November 08, 2018 at 09:20AM by rpo5015
via reddit https://ift.tt/2Fcehrg
reddit
r/linuxadmin - Multi-Tenant FreeIPA
4 votes and 7 comments so far on Reddit
Disclosing a PoC exploit for a vulnerability in openslp-2.0.0 (latest version)
https://ift.tt/2SWFlNT
Submitted November 08, 2018 at 03:01PM by magnusstubman
via reddit https://ift.tt/2zE39NE
https://ift.tt/2SWFlNT
Submitted November 08, 2018 at 03:01PM by magnusstubman
via reddit https://ift.tt/2zE39NE
reddit
r/netsec - Disclosing a PoC exploit for a vulnerability in openslp-2.0.0 (latest version)
1 vote and 0 comments so far on Reddit
Reversing Retefe
https://ift.tt/2OzOyse
Submitted November 08, 2018 at 05:53PM by glumaproasta
via reddit https://ift.tt/2yWjYDZ
https://ift.tt/2OzOyse
Submitted November 08, 2018 at 05:53PM by glumaproasta
via reddit https://ift.tt/2yWjYDZ
Cryptocurrency Mining Malware uses Various Evasion Techniques, Including Windows Installer, as Part of its Routine
https://ift.tt/2yXEHaP
Submitted November 08, 2018 at 09:18PM by EvanConover
via reddit https://ift.tt/2zFE5pC
https://ift.tt/2yXEHaP
Submitted November 08, 2018 at 09:18PM by EvanConover
via reddit https://ift.tt/2zFE5pC
Trendmicro
Cryptocurrency Mining Malware uses Various Evasion Techniques, Including Windows Installer, as Part of its Routine - TrendLabs…
The concept of a stealthy, difficult-to-detect malware operating behind the scenes has proven to be an irresistible proposition for many threat actors, and they're evidently adding even more techniques, as seen in a cryptocurrency miner (detected as Coin…
Another XOML Workflows Protection Mechanisms Bypass using Deserialisation of Untrusted Data - Potential Code Execution on SharePoint
https://ift.tt/2FbKRcU
Submitted November 08, 2018 at 10:34PM by albinowax
via reddit https://ift.tt/2RHgn3W
https://ift.tt/2FbKRcU
Submitted November 08, 2018 at 10:34PM by albinowax
via reddit https://ift.tt/2RHgn3W
Side-Channel Attacks in a Non-Inclusive World [pdf]
https://ift.tt/2PMUliR
Submitted November 08, 2018 at 10:51PM by QuirkySpiceBush
via reddit https://ift.tt/2PL2t3q
https://ift.tt/2PMUliR
Submitted November 08, 2018 at 10:51PM by QuirkySpiceBush
via reddit https://ift.tt/2PL2t3q
Guarding Against Backdoors and Malicious Hardware in a Post-Supermicro-Scoop World
https://ift.tt/2Dn88qA
Submitted November 09, 2018 at 12:06AM by ilamont
via reddit https://ift.tt/2PPEfoG
https://ift.tt/2Dn88qA
Submitted November 09, 2018 at 12:06AM by ilamont
via reddit https://ift.tt/2PPEfoG
Security Boulevard
Guarding Against Backdoors and Malicious Hardware - Security Boulevard
In a post-Supermicro-scoop world, it's important for security teams to review the basics on detecting and guarding against hardware backdoors. Malicious IT security departments must step up their game in detecting backdoors and other malware that compromises…
Weekly newsletter on API Security
https://apisecurity.io/
Submitted November 09, 2018 at 05:36AM by DSotnikov
via reddit https://ift.tt/2z0Aymd
https://apisecurity.io/
Submitted November 09, 2018 at 05:36AM by DSotnikov
via reddit https://ift.tt/2z0Aymd
API Security News
API Security Articles, News, Vulnerabilities & Best Practices
API Security is a community website with API security articles and news of API security breaches, vulnerabilities, regulations, technology and best practices
Abusing WSL for Evasion
https://ift.tt/2Oyqkys
Submitted November 09, 2018 at 05:11AM by khasaia
via reddit https://ift.tt/2zDFqgL
https://ift.tt/2Oyqkys
Submitted November 09, 2018 at 05:11AM by khasaia
via reddit https://ift.tt/2zDFqgL
secrary[dot]com
Abusing WSL for Evasion
This blog is about malware analysis and reverse engineering. I’m Lasha Khasaia
Ruby 2.x Universal RCE Deserialization Gadget Chain
https://ift.tt/2QpjxsG
Submitted November 09, 2018 at 06:27AM by Gallus
via reddit https://ift.tt/2z2SigO
https://ift.tt/2QpjxsG
Submitted November 09, 2018 at 06:27AM by Gallus
via reddit https://ift.tt/2z2SigO
reddit
r/netsec - Ruby 2.x Universal RCE Deserialization Gadget Chain
2 votes and 0 comments so far on Reddit
Arecibo: endpoint for DNS & HTTP exfiltration
https://ift.tt/2OBBzGu
Submitted November 09, 2018 at 02:19PM by gid0rah
via reddit https://ift.tt/2PipETk
https://ift.tt/2OBBzGu
Submitted November 09, 2018 at 02:19PM by gid0rah
via reddit https://ift.tt/2PipETk
Tarlogic Security
Arecibo: an OOB exfiltration tool (DNS & HTTP)
Arecibo is an Out of Band (OOB) tool for data exfiltration via DNS resolutions and HTTP requests through a simple API
Binary Analysis Course update: malware analysis of a RAT in Dot Net
https://ift.tt/2Df95Av
Submitted November 09, 2018 at 03:14PM by ThisIsLibra
via reddit https://ift.tt/2SYtAXy
https://ift.tt/2Df95Av
Submitted November 09, 2018 at 03:14PM by ThisIsLibra
via reddit https://ift.tt/2SYtAXy
reddit
r/netsec - Binary Analysis Course update: malware analysis of a RAT in Dot Net
4 votes and 0 comments so far on Reddit
Intel Microcode Boot Loader Released
https://ift.tt/2JND9UL
Submitted November 09, 2018 at 02:46PM by Regenerati0n
via reddit https://ift.tt/2DtIrEN
https://ift.tt/2JND9UL
Submitted November 09, 2018 at 02:46PM by Regenerati0n
via reddit https://ift.tt/2DtIrEN
Ngohq
Intel Microcode Boot Loader
Intel Microcode Boot Loader automatically updates the CPU microcode every time the system is booted.
UAC Bypass by Mocking Trusted Directories
https://ift.tt/2Faqzk4
Submitted November 09, 2018 at 05:53PM by chicksdigthelongrun
via reddit https://ift.tt/2qEeSIg
https://ift.tt/2Faqzk4
Submitted November 09, 2018 at 05:53PM by chicksdigthelongrun
via reddit https://ift.tt/2qEeSIg
Medium
UAC Bypass by Mocking Trusted Directories
Hello Everyone,
PHP Malware examination
https://ift.tt/2RO32a1
Submitted November 09, 2018 at 08:59PM by phpsystems
via reddit https://ift.tt/2DvSwRM
https://ift.tt/2RO32a1
Submitted November 09, 2018 at 08:59PM by phpsystems
via reddit https://ift.tt/2DvSwRM
blog.manchestergreyhats.co.uk
PHP Malware Examination