Netsec – Telegram
Netsec
@RNetsec
7.49K subscribers
22.5K links
This channel posts the feed from r/netsec.
For any suggestions dm @streaak
Donate to keep the bot running https://www.paypal.me/akhilgv
Download Telegram
About
Blog
Apps
Platform
Join
Netsec
7.49K subscribers
Netsec
Introducing ee-outliers: open-source framework to detect outliers in Elasticsearch events
https://ift.tt/2G7hI2S

Submitted December 12, 2018 at 02:56AM by daanraman
via reddit https://ift.tt/2rvmcpV
NVISO Labs
Announcement: open-sourcing ee-outliers
Today, we are excited to announce we are open-sourcing ee-outliers, our in-house developed framework to detect outliers in events stored in Elasticsearch! The framework was developed for the purpos…
189 views
Netsec
Binary Exploitation
https://ift.tt/2UD2kyk

Submitted December 12, 2018 at 05:08AM by johnhammond010
via reddit https://ift.tt/2RQvFUn
534 views
Netsec
Searching systematically for PHP disable_functions bypasses
https://ift.tt/2zT8T78

Submitted December 12, 2018 at 05:34AM by gid0rah
via reddit https://ift.tt/2rzf2kB
x-c3ll.github.io
Searching systematically for PHP disable_functions bypasses ::



DoomsDay Vault
Some ideas about how to extract hidden parameters in PHP functions and how to find potential bypasses
198 views
Netsec
Jailbreaking RouterOS & misc GNU inetutils <= 1.9.4 vulnerabilities.
Here are steps to jailbreak Mikrotik routers using arbitrary file creation vulnerabilities through telnethttps://hacker.house/releasez/expl0itz/mikrotik-jailbreak.txt​Here are heap and stack overflows in GNU inetutils <= 1.9.4 telnet.c client in the handling environment variables. Stack overflow is present in TELOPT_XDISPLOC optionhttps://hacker.house/releasez/expl0itz/inetutils-telnet.txt​These issues can be found all over embedded devices and in mainstream Linux distributions like Arch Linux due to the proliferation of GNU code re-use.

Submitted December 12, 2018 at 12:20AM by hackerfantastic
via reddit https://ift.tt/2LdQMxl
reddit
r/netsec - Jailbreaking RouterOS & misc GNU inetutils <= 1.9.4 vulnerabilities.
1 vote and 0 comments so far on Reddit
212 views
Netsec
Cyberbullying is worringly rising in Spain
https://ift.tt/2RThxK7

Submitted December 12, 2018 at 06:29PM by jpjourno
via reddit https://ift.tt/2Qt3tKD
Centre de Seguretat de la Informació de Catalunya
El civismo en la red
Cuarto eje de la campaña 'Practica els hàbits cibersaludables'
192 views
Netsec
From blind XXE to root-level file read access
https://ift.tt/2EgZPfB

Submitted December 12, 2018 at 07:16PM by albinowax
via reddit https://ift.tt/2rzxWI2
Honoki
From blind XXE to root-level file read access
Polyphemus, by Johann Heinrich Wilhelm Tischbein, 1802 (Landesmuseum Oldenburg) On a recent bug bounty adventure, I came across an XML endpoint that responded interestingly to attempted XXE exploit…
196 views
Netsec
IKOS 2.1: an open source static analyzer for C and C++
https://ift.tt/2Gd1HZr

Submitted December 12, 2018 at 07:54PM by makeshift8
via reddit https://ift.tt/2PyxKSJ
reddit
r/C_Programming - IKOS 2.1: an open source static analyzer for C and C++
30 votes and 8 comments so far on Reddit
197 views
Netsec
How we discovered over 50 critical vulnerabilities in Adobe Reader in 50 days.
https://ift.tt/2Gf2hFY

Submitted December 12, 2018 at 08:59PM by ynvb
via reddit https://ift.tt/2rznznC
Check Point Research
50 CVEs in 50 Days: Fuzzing Adobe Reader - Check Point Research
A Fuzzing Drill Hits the Motherlode Research By: Yoav Alon, Netanel Ben-Simon Introduction The year 2017 was an inflection point in the vulnerability landscape. The number of new vulnerabilities reported that year was around 14,000, which is over twice the…
203 views
Netsec
GitHub - NASA-SW-VnV/ikos: Static analyzer for C/C++ based on the theory of Abstract Interpretation.
https://ift.tt/2PAWlXr

Submitted December 12, 2018 at 08:28PM by makeshift8
via reddit https://ift.tt/2QLJWEx
GitHub
NASA-SW-VnV/ikos
Static analyzer for C/C++ based on the theory of Abstract Interpretation. - NASA-SW-VnV/ikos
192 views
Netsec
Owning the Virgin Media Hub 3.0
https://ift.tt/2RVxteM

Submitted December 12, 2018 at 10:45PM by digicat
via reddit https://ift.tt/2zUmV8K
reddit
r/netsec - Owning the Virgin Media Hub 3.0
2 votes and 0 comments so far on Reddit
190 views
Netsec
CVE-2018-8626 | Windows DNS Server Heap Overflow Vulnerability
https://ift.tt/2Eiw1iI

Submitted December 13, 2018 at 01:03AM by wcon
via reddit https://ift.tt/2Puvkop
reddit
r/netsec - CVE-2018-8626 | Windows DNS Server Heap Overflow Vulnerability
5 votes and 2 comments so far on Reddit
191 views
Netsec
Password strength estimation in nonwestern languages - iacr eprint
https://ift.tt/2QvI936

Submitted December 13, 2018 at 12:31AM by ahazred8vt
via reddit https://ift.tt/2C9vVs9
reddit
r/netsec - Password strength estimation in nonwestern languages - iacr eprint
2 votes and 0 comments so far on Reddit
197 views
Netsec
Troubleshooting Obscure OpenSSH Failures
https://ift.tt/2RV6Kim

Submitted December 13, 2018 at 06:21AM by CameronNemo
via reddit https://ift.tt/2zTICG8
Pivotal Engineering Journal
Troubleshooting Obscure OpenSSH Failures
How an elusive CI (Continuous Integration) error led us to uncover a hidden man-in-the-middle ssh proxy.
202 views
Netsec
Locality Sensitive Fuzzy Hashing (in Golang)
https://ift.tt/2PA9Nui

Submitted December 13, 2018 at 02:08PM by glaslos
via reddit https://ift.tt/2G9PN2i
Medium
Locality Sensitive Fuzzy Hashing
Using hashes maximized for collision probability (in Golang)
201 views
Netsec
Pentesting with InSecure Chrome
https://ift.tt/2C9FO9p

Submitted December 13, 2018 at 07:30PM by sastdast
via reddit https://ift.tt/2LdG0Hw
jabbari.io
InSecure Chrome
This site is design to share my work with programming enthusists like me. My main focus is on software development and security
191 views
Netsec
Logitech Keyboard opens WebSocket server with no authentication - Google Project Zero
https://ift.tt/2BaMPoA

Submitted December 13, 2018 at 07:00PM by rcmaehl
via reddit https://ift.tt/2PBPzjS
reddit
r/netsec - Logitech Keyboard opens WebSocket server with no authentication - Google Project Zero
34 votes and 10 comments so far on Reddit
207 views
Netsec
Just Launched - Security Innovation Blockchain CTF V2
https://ift.tt/2rBQ2Je

Submitted December 13, 2018 at 09:04PM by mickayz
via reddit https://ift.tt/2Esywjf
Securityinnovation
Just Launched - Security Innovation Blockchain CTF V.2
Since we launched the Security Innovation Blockchain CTF, we have seen the demand for educational resources in the field of smart contract security increase. SI has recently launched V2 of our Blockchain CTF. We also formed a partnership with ConsenSys Diligence…
214 views
Netsec
Samsung Bug Allowed Full Takeover of User Accounts
https://ift.tt/2ryrAbZ

Submitted December 13, 2018 at 11:23PM by Fantastic_Fix
via reddit https://ift.tt/2UB3p9Y
InfoSec-IT
Samsung Bug Allowed Full Takeover of User Accounts | InfoSec-IT
Malicious users could have seized control over any Samsung account due to a recent vulnerability. By tricking users into a clicking on a malicious link. 
196 views
Netsec
Exploit | YARA Internals II: Bytecode
https://ift.tt/2QShSzp

Submitted December 13, 2018 at 10:23PM by bnbdr
via reddit https://ift.tt/2SMF7bo
https://bnbdr.github.io/
YARA Internals II: Bytecode
and how it can still be used to run arbitrary code
191 views
Netsec
IDORs (Insecure Direct Object Reference) over Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 (CVE-2018–7690, CVE-2018–7691)
https://ift.tt/2El0RqJ

Submitted December 13, 2018 at 12:40AM by alt3kx
via reddit https://ift.tt/2Etx6oF
Medium
IDORs (Insecure Direct Object Reference) over Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 (CVE-2018–7690, CVE-2018–7691)
Hello everyone, we continue disclosure some CVEs/exploits (0days) with specific software/hardware products. Few months ago during my…
198 views
Netsec
Hackers are Modern Witches
https://ift.tt/2A7JbfF

Submitted December 14, 2018 at 12:25PM by neverforgetdream
via reddit https://ift.tt/2Pxklup
reddit
r/netsec - Hackers are Modern Witches
0 votes and 4 comments so far on Reddit
179 views