HP iLO: Turning your BMC into a revolving door
https://ift.tt/2QgC0L8
Submitted November 26, 2018 at 07:36PM by mabote
via reddit https://ift.tt/2AmOKWz
https://ift.tt/2QgC0L8
Submitted November 26, 2018 at 07:36PM by mabote
via reddit https://ift.tt/2AmOKWz
reddit
r/netsec - HP iLO: Turning your BMC into a revolving door
4 votes and 0 comments so far on Reddit
Possible UEFI hijack found in the wild on Asus hardware - cross posted from techsupport thread
https://ift.tt/2PZ5LAP
Submitted November 26, 2018 at 09:19PM by ESCAPE_PLANET_X
via reddit https://ift.tt/2BxY244
https://ift.tt/2PZ5LAP
Submitted November 26, 2018 at 09:19PM by ESCAPE_PLANET_X
via reddit https://ift.tt/2BxY244
reddit
r/techsupport - Tecj nightmare
17 votes and 14 comments so far on Reddit
Orchestrator: A lightweight security incident ticketing + automation + collaboration tool (now in private beta)
https://ift.tt/2pHdiVK
Submitted November 26, 2018 at 10:40PM by yaraz
via reddit https://ift.tt/2RfEwi6
https://ift.tt/2pHdiVK
Submitted November 26, 2018 at 10:40PM by yaraz
via reddit https://ift.tt/2RfEwi6
reddit
r/netsec - Orchestrator: A lightweight security incident ticketing + automation + collaboration tool (now in private beta)
0 votes and 1 comment so far on Reddit
Orchestrator: A lightweight security incident ticketing + automation + collaboration tool (now in private beta)
https://ift.tt/2pHdiVK
Submitted November 26, 2018 at 10:40PM by yaraz
via reddit https://ift.tt/2RfEwi6
https://ift.tt/2pHdiVK
Submitted November 26, 2018 at 10:40PM by yaraz
via reddit https://ift.tt/2RfEwi6
reddit
r/netsec - Orchestrator: A lightweight security incident ticketing + automation + collaboration tool (now in private beta)
0 votes and 1 comment so far on Reddit
Exploit-Database got a face lift (and captcha removed)
https://ift.tt/1HHo1m3
Submitted November 26, 2018 at 11:48PM by offsec
via reddit https://ift.tt/2r5mLGJ
https://ift.tt/1HHo1m3
Submitted November 26, 2018 at 11:48PM by offsec
via reddit https://ift.tt/2r5mLGJ
Exploit-Db
Offensive Security’s Exploit Database Archive
The Exploit Database - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more.
Practical tcpdump Examples
https://ift.tt/1IwtXLs
Submitted November 27, 2018 at 12:07AM by danielrm26
via reddit https://ift.tt/2QhijDb
https://ift.tt/1IwtXLs
Submitted November 27, 2018 at 12:07AM by danielrm26
via reddit https://ift.tt/2QhijDb
Daniel Miessler
Practical tcpdump Examples - Daniel Miessler
Practical tcpdump examples that gives you maximum packet carving in the minimum amount of time. Includes numerous examples and explanations ranging from basic to advanced—including how to isolate hosts, networks, and specific protocols.
Xipology — Exploiting DNS caching as a covert channel / carrier
https://ift.tt/2PXundl
Submitted November 27, 2018 at 04:16AM by midael
via reddit https://ift.tt/2r4ZULB
https://ift.tt/2PXundl
Submitted November 27, 2018 at 04:16AM by midael
via reddit https://ift.tt/2r4ZULB
Medium
Xipology (⅓) — Exploiting DNS caching as a carrier
This is our story of exploiting caching Domain Name System (DNS) servers to break network segregation.
With Zen 2 on the way, the AMD Platform Security Processor should be addressed.
https://ift.tt/2r2PMD4
Submitted November 27, 2018 at 03:49PM by up-sky-7
via reddit https://ift.tt/2Q2mmnC
https://ift.tt/2r2PMD4
Submitted November 27, 2018 at 03:49PM by up-sky-7
via reddit https://ift.tt/2Q2mmnC
reddit
r/Amd - With Zen 2 on the way, the AMD Platform Security Processor should be addressed.
901 votes and 138 comments so far on Reddit
Debian alert DLA-1594-1 (xml-security-c)
https://ift.tt/2FILwCJ
Submitted November 27, 2018 at 08:53PM by jdrch
via reddit https://ift.tt/2P6EcAb
https://ift.tt/2FILwCJ
Submitted November 27, 2018 at 08:53PM by jdrch
via reddit https://ift.tt/2P6EcAb
reddit
r/netsec - Debian alert DLA-1594-1 (xml-security-c)
0 votes and 0 comments so far on Reddit
Debian alert DLA-1596-1 (squid3)
https://ift.tt/2r6B9P1
Submitted November 27, 2018 at 08:52PM by jdrch
via reddit https://ift.tt/2zthhKt
https://ift.tt/2r6B9P1
Submitted November 27, 2018 at 08:52PM by jdrch
via reddit https://ift.tt/2zthhKt
reddit
r/netsec - Debian alert DLA-1596-1 (squid3)
0 votes and 0 comments so far on Reddit
Debian alert DSA-4344-1 (roundcube)
https://ift.tt/2FSYiPo
Submitted November 27, 2018 at 08:52PM by jdrch
via reddit https://ift.tt/2P3axrK
https://ift.tt/2FSYiPo
Submitted November 27, 2018 at 08:52PM by jdrch
via reddit https://ift.tt/2P3axrK
reddit
r/netsec - Debian alert DSA-4344-1 (roundcube)
0 votes and 0 comments so far on Reddit
Debian alert DLA-1593-1 (phpbb3)
https://ift.tt/2r6BbX9
Submitted November 27, 2018 at 08:50PM by jdrch
via reddit https://ift.tt/2zrSiqO
https://ift.tt/2r6BbX9
Submitted November 27, 2018 at 08:50PM by jdrch
via reddit https://ift.tt/2zrSiqO
reddit
r/netsec - Debian alert DLA-1593-1 (phpbb3)
0 votes and 0 comments so far on Reddit
Debian alert DLA-1588-1 (icecast2)
https://ift.tt/2FSYjTs
Submitted November 27, 2018 at 08:49PM by jdrch
via reddit https://ift.tt/2P7HEed
https://ift.tt/2FSYjTs
Submitted November 27, 2018 at 08:49PM by jdrch
via reddit https://ift.tt/2P7HEed
reddit
r/netsec - Debian alert DLA-1588-1 (icecast2)
0 votes and 0 comments so far on Reddit
Debian alert DLA-1589-1 (icecast2)
https://ift.tt/2r9LD0c
Submitted November 27, 2018 at 08:49PM by jdrch
via reddit https://ift.tt/2P3tESv
https://ift.tt/2r9LD0c
Submitted November 27, 2018 at 08:49PM by jdrch
via reddit https://ift.tt/2P3tESv
reddit
r/netsec - Debian alert DLA-1589-1 (icecast2)
0 votes and 0 comments so far on Reddit
Debian alert DLA-1595-1 (gnuplot5)
https://ift.tt/2FSYluy
Submitted November 27, 2018 at 08:48PM by jdrch
via reddit https://ift.tt/2zteP6J
https://ift.tt/2FSYluy
Submitted November 27, 2018 at 08:48PM by jdrch
via reddit https://ift.tt/2zteP6J
reddit
r/netsec - Debian alert DLA-1595-1 (gnuplot5)
0 votes and 0 comments so far on Reddit
USN-3826-1: QEMU vulnerabilities
https://ift.tt/2DK6vT8
Submitted November 27, 2018 at 08:47PM by jdrch
via reddit https://ift.tt/2P5MkkG
https://ift.tt/2DK6vT8
Submitted November 27, 2018 at 08:47PM by jdrch
via reddit https://ift.tt/2P5MkkG
Ubuntu
USN-3826-1: QEMU vulnerabilities | Ubuntu security notices
Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled NE2000 device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2018-10839)
It was discovered that QEMU incorrectly…
It was discovered that QEMU incorrectly…
SIEMENS PATCHES MAJOR FIREWALL FLAW, OTHER VULNERABILITIES
https://ift.tt/2RflZCH
Submitted November 27, 2018 at 08:05PM by UnixLinuxPro
via reddit https://ift.tt/2P5ItnI
https://ift.tt/2RflZCH
Submitted November 27, 2018 at 08:05PM by UnixLinuxPro
via reddit https://ift.tt/2P5ItnI
TechGenix
Siemens patches major firewall flaw, other vulnerabilities
German conglomerate Siemens has been busy trying to close several gaps in its security infrastructure caused by critical vulnerabilities.
PLC Bug Hunt: A Team Building Activity
https://ift.tt/2QkZRJK
Submitted November 27, 2018 at 07:57PM by chicksdigthelongrun
via reddit https://ift.tt/2QgOv9N
https://ift.tt/2QkZRJK
Submitted November 27, 2018 at 07:57PM by chicksdigthelongrun
via reddit https://ift.tt/2QgOv9N
Medium
PLC Bug Hunt
A Team Building Activity
Exposing the Public IPs of Tor Services Through SSL Certificates
https://ift.tt/2DNvvsD
Submitted November 27, 2018 at 10:09PM by ziyahanalbeniz
via reddit https://ift.tt/2E0Kyjv
https://ift.tt/2DNvvsD
Submitted November 27, 2018 at 10:09PM by ziyahanalbeniz
via reddit https://ift.tt/2E0Kyjv
Netsparker
Exposing the Public IPs of Tor Services Through SSL Certificates
This blog post explains how the Tor network, selected for anonymity, can actually be used to discover users' IP addresses due to an incorrect SSL configuration. It includes examples, screenshots and recommendations for further reading.
Exploiting developer infrastructure is insanely easy
https://ift.tt/2DWyKig
Submitted November 27, 2018 at 11:11PM by ihsw
via reddit https://ift.tt/2Ro64SE
https://ift.tt/2DWyKig
Submitted November 27, 2018 at 11:11PM by ihsw
via reddit https://ift.tt/2Ro64SE
Medium
Exploiting developer infrastructure is insanely easy
How an npm package was taken over to infect mobile apps and steal bitcoins.
I couldn't find any XSS reverse shell exploits... so I made one
https://ift.tt/2RizIbP
Submitted November 27, 2018 at 11:41AM by skedar46
via reddit https://ift.tt/2TN6ALo
https://ift.tt/2RizIbP
Submitted November 27, 2018 at 11:41AM by skedar46
via reddit https://ift.tt/2TN6ALo
GitHub
raz-varren/xsshell
An XSS reverse shell framework. Contribute to raz-varren/xsshell development by creating an account on GitHub.