Automating Data Flow Diagram Management with Terraform
https://ift.tt/2zOumyb

Submitted December 07, 2018 at 12:15AM by hammertime00
via reddit https://ift.tt/2zKhF7w

XSS to XXE in PrinceXML v10 and below
https://ift.tt/2zKzyDs

Submitted December 07, 2018 at 01:28AM by sxcurity
via reddit https://ift.tt/2SsDEXw

Kubernetes PoC exploit for CVE-2018-1002105.
I created a Proof-of-Concept exploit for the Kubernetes bug that was published recently. You can find it here: https://github.com/evict/poc_CVE-2018-1002105.It requires the exec permission on at least one pod. The payload dumps the contents of the etcd pod.

Submitted December 06, 2018 at 08:21PM by _evict
via reddit https://ift.tt/2EheTuj

France might be losing its first big information war
https://ift.tt/2L15Nm9

Submitted December 07, 2018 at 04:44AM by liotier
via reddit https://ift.tt/2Pl9ROE

aclpwn.py: Active Directory ACL exploitation with BloodHound
https://ift.tt/2RCQvXl

Submitted December 07, 2018 at 02:07PM by digicat
via reddit https://ift.tt/2RHBhjx

Facebook engineers discovered technique of adding read call log/SMS permissions during an app update without notifying the user. Was used in a production release (x-post /r/programming)
https://ift.tt/2Qlnti7

Submitted December 07, 2018 at 04:07PM by nakilon
via reddit https://ift.tt/2PtEQbu

PHP Malware Examination Part 2
https://ift.tt/2BWHTFq

Submitted December 07, 2018 at 03:16PM by phpsystems
via reddit https://ift.tt/2B0JiJc

Remote code execution with EL injection
https://ift.tt/2G4EPey

Submitted December 07, 2018 at 04:59PM by geekadi
via reddit https://ift.tt/2L2O0Lg

AndroidProjectCreator release (version 1.0-stable)
https://ift.tt/2Qk2c8q

Submitted December 07, 2018 at 06:44PM by ThisIsLibra
via reddit https://ift.tt/2PnHwal

How to steal Ethers: scanning for vulnerable smart contracts
https://ift.tt/2G2vELq

Submitted December 07, 2018 at 09:03PM by palkeo
via reddit https://ift.tt/2BXV9JX

WebKit-RegEx-Exploit - Safari on iOS and MacOS
https://ift.tt/2QG0qOp

Submitted December 07, 2018 at 11:37PM by alxjsn
via reddit https://ift.tt/2QiGkuq

Polkit privilege escalation for users with larger UIDs
https://ift.tt/2Rw4G0e

Submitted December 07, 2018 at 11:58PM by kulinacs
via reddit https://ift.tt/2zKbLmL

Responder - tool to perform exploitation in Windows Active Directory Environment
https://ift.tt/2B10WwJ

Submitted December 08, 2018 at 11:49AM by indishell1046
via reddit https://ift.tt/2QjespL

Smart Contract Auditing: Human vs. Machine
https://ift.tt/2UeXHdM

Submitted December 08, 2018 at 05:55PM by arrowflakes
via reddit https://ift.tt/2QJEceo

RCE in PHP or how to bypass disable_functions in PHP installations (CVE-2018–19518)
https://ift.tt/2RPQ38h

Submitted December 08, 2018 at 11:09PM by i_bo0om
via reddit https://ift.tt/2Qi5TM2

Bypassing Authentication Using Javanoscript Debugger.
https://ift.tt/2QIUnsr

Submitted December 08, 2018 at 11:32PM by beyonderdabas
via reddit https://ift.tt/2BYe7jN

Demystifying Kubernetes CVE-2018-1002105 (and a dead simple exploit)
https://ift.tt/2Putx2C

Submitted December 09, 2018 at 02:42PM by reddit_read_today
via reddit https://ift.tt/2Ejtc1L

FreeRTOS tcpip vulnerabilities - Whitepaper
https://ift.tt/2PleesS

Submitted December 10, 2018 at 03:24AM by IamNullByte
via reddit https://ift.tt/2G4Owtd

Automating Simple Buffer Overflow with Winappdbg and Python -part 1
https://ift.tt/2L4Ci2G

Submitted December 10, 2018 at 10:09AM by beyonderdabas
via reddit https://ift.tt/2RSJmSU

[Jenkins] Code execution through crafted URLs
https://ift.tt/2Eelhm7

Submitted December 10, 2018 at 02:01PM by 6793746895F62C0E447A
via reddit https://ift.tt/2B5eO94

Study finds 5 out of 17 tested CAs underpinning web security are vulnerable to spoofed Domain Validation via IP fragmentation attack
https://ift.tt/2B6dcMp

Submitted December 11, 2018 at 08:39AM by SushiAndWoW
via reddit https://ift.tt/2zQWpgq