Cyberbullying is worringly rising in Spain
https://ift.tt/2RThxK7
Submitted December 12, 2018 at 06:29PM by jpjourno
via reddit https://ift.tt/2Qt3tKD
https://ift.tt/2RThxK7
Submitted December 12, 2018 at 06:29PM by jpjourno
via reddit https://ift.tt/2Qt3tKD
Centre de Seguretat de la Informació de Catalunya
El civismo en la red
Cuarto eje de la campaña 'Practica els hàbits cibersaludables'
From blind XXE to root-level file read access
https://ift.tt/2EgZPfB
Submitted December 12, 2018 at 07:16PM by albinowax
via reddit https://ift.tt/2rzxWI2
https://ift.tt/2EgZPfB
Submitted December 12, 2018 at 07:16PM by albinowax
via reddit https://ift.tt/2rzxWI2
Honoki
From blind XXE to root-level file read access
Polyphemus, by Johann Heinrich Wilhelm Tischbein, 1802 (Landesmuseum Oldenburg) On a recent bug bounty adventure, I came across an XML endpoint that responded interestingly to attempted XXE exploit…
IKOS 2.1: an open source static analyzer for C and C++
https://ift.tt/2Gd1HZr
Submitted December 12, 2018 at 07:54PM by makeshift8
via reddit https://ift.tt/2PyxKSJ
https://ift.tt/2Gd1HZr
Submitted December 12, 2018 at 07:54PM by makeshift8
via reddit https://ift.tt/2PyxKSJ
reddit
r/C_Programming - IKOS 2.1: an open source static analyzer for C and C++
30 votes and 8 comments so far on Reddit
How we discovered over 50 critical vulnerabilities in Adobe Reader in 50 days.
https://ift.tt/2Gf2hFY
Submitted December 12, 2018 at 08:59PM by ynvb
via reddit https://ift.tt/2rznznC
https://ift.tt/2Gf2hFY
Submitted December 12, 2018 at 08:59PM by ynvb
via reddit https://ift.tt/2rznznC
Check Point Research
50 CVEs in 50 Days: Fuzzing Adobe Reader - Check Point Research
A Fuzzing Drill Hits the Motherlode Research By: Yoav Alon, Netanel Ben-Simon Introduction The year 2017 was an inflection point in the vulnerability landscape. The number of new vulnerabilities reported that year was around 14,000, which is over twice the…
GitHub - NASA-SW-VnV/ikos: Static analyzer for C/C++ based on the theory of Abstract Interpretation.
https://ift.tt/2PAWlXr
Submitted December 12, 2018 at 08:28PM by makeshift8
via reddit https://ift.tt/2QLJWEx
https://ift.tt/2PAWlXr
Submitted December 12, 2018 at 08:28PM by makeshift8
via reddit https://ift.tt/2QLJWEx
GitHub
NASA-SW-VnV/ikos
Static analyzer for C/C++ based on the theory of Abstract Interpretation. - NASA-SW-VnV/ikos
Owning the Virgin Media Hub 3.0
https://ift.tt/2RVxteM
Submitted December 12, 2018 at 10:45PM by digicat
via reddit https://ift.tt/2zUmV8K
https://ift.tt/2RVxteM
Submitted December 12, 2018 at 10:45PM by digicat
via reddit https://ift.tt/2zUmV8K
reddit
r/netsec - Owning the Virgin Media Hub 3.0
2 votes and 0 comments so far on Reddit
CVE-2018-8626 | Windows DNS Server Heap Overflow Vulnerability
https://ift.tt/2Eiw1iI
Submitted December 13, 2018 at 01:03AM by wcon
via reddit https://ift.tt/2Puvkop
https://ift.tt/2Eiw1iI
Submitted December 13, 2018 at 01:03AM by wcon
via reddit https://ift.tt/2Puvkop
reddit
r/netsec - CVE-2018-8626 | Windows DNS Server Heap Overflow Vulnerability
5 votes and 2 comments so far on Reddit
Password strength estimation in nonwestern languages - iacr eprint
https://ift.tt/2QvI936
Submitted December 13, 2018 at 12:31AM by ahazred8vt
via reddit https://ift.tt/2C9vVs9
https://ift.tt/2QvI936
Submitted December 13, 2018 at 12:31AM by ahazred8vt
via reddit https://ift.tt/2C9vVs9
reddit
r/netsec - Password strength estimation in nonwestern languages - iacr eprint
2 votes and 0 comments so far on Reddit
Troubleshooting Obscure OpenSSH Failures
https://ift.tt/2RV6Kim
Submitted December 13, 2018 at 06:21AM by CameronNemo
via reddit https://ift.tt/2zTICG8
https://ift.tt/2RV6Kim
Submitted December 13, 2018 at 06:21AM by CameronNemo
via reddit https://ift.tt/2zTICG8
Pivotal Engineering Journal
Troubleshooting Obscure OpenSSH Failures
How an elusive CI (Continuous Integration) error led us to uncover a hidden man-in-the-middle ssh proxy.
Locality Sensitive Fuzzy Hashing (in Golang)
https://ift.tt/2PA9Nui
Submitted December 13, 2018 at 02:08PM by glaslos
via reddit https://ift.tt/2G9PN2i
https://ift.tt/2PA9Nui
Submitted December 13, 2018 at 02:08PM by glaslos
via reddit https://ift.tt/2G9PN2i
Medium
Locality Sensitive Fuzzy Hashing
Using hashes maximized for collision probability (in Golang)
Pentesting with InSecure Chrome
https://ift.tt/2C9FO9p
Submitted December 13, 2018 at 07:30PM by sastdast
via reddit https://ift.tt/2LdG0Hw
https://ift.tt/2C9FO9p
Submitted December 13, 2018 at 07:30PM by sastdast
via reddit https://ift.tt/2LdG0Hw
jabbari.io
InSecure Chrome
This site is design to share my work with programming enthusists like me. My main focus is on software development and security
Logitech Keyboard opens WebSocket server with no authentication - Google Project Zero
https://ift.tt/2BaMPoA
Submitted December 13, 2018 at 07:00PM by rcmaehl
via reddit https://ift.tt/2PBPzjS
https://ift.tt/2BaMPoA
Submitted December 13, 2018 at 07:00PM by rcmaehl
via reddit https://ift.tt/2PBPzjS
reddit
r/netsec - Logitech Keyboard opens WebSocket server with no authentication - Google Project Zero
34 votes and 10 comments so far on Reddit
Just Launched - Security Innovation Blockchain CTF V2
https://ift.tt/2rBQ2Je
Submitted December 13, 2018 at 09:04PM by mickayz
via reddit https://ift.tt/2Esywjf
https://ift.tt/2rBQ2Je
Submitted December 13, 2018 at 09:04PM by mickayz
via reddit https://ift.tt/2Esywjf
Securityinnovation
Just Launched - Security Innovation Blockchain CTF V.2
Since we launched the Security Innovation Blockchain CTF, we have seen the demand for educational resources in the field of smart contract security increase. SI has recently launched V2 of our Blockchain CTF. We also formed a partnership with ConsenSys Diligence…
Samsung Bug Allowed Full Takeover of User Accounts
https://ift.tt/2ryrAbZ
Submitted December 13, 2018 at 11:23PM by Fantastic_Fix
via reddit https://ift.tt/2UB3p9Y
https://ift.tt/2ryrAbZ
Submitted December 13, 2018 at 11:23PM by Fantastic_Fix
via reddit https://ift.tt/2UB3p9Y
InfoSec-IT
Samsung Bug Allowed Full Takeover of User Accounts | InfoSec-IT
Malicious users could have seized control over any Samsung account due to a recent vulnerability. By tricking users into a clicking on a malicious link.
Exploit | YARA Internals II: Bytecode
https://ift.tt/2QShSzp
Submitted December 13, 2018 at 10:23PM by bnbdr
via reddit https://ift.tt/2SMF7bo
https://ift.tt/2QShSzp
Submitted December 13, 2018 at 10:23PM by bnbdr
via reddit https://ift.tt/2SMF7bo
https://bnbdr.github.io/
YARA Internals II: Bytecode
and how it can still be used to run arbitrary code
IDORs (Insecure Direct Object Reference) over Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 (CVE-2018–7690, CVE-2018–7691)
https://ift.tt/2El0RqJ
Submitted December 13, 2018 at 12:40AM by alt3kx
via reddit https://ift.tt/2Etx6oF
https://ift.tt/2El0RqJ
Submitted December 13, 2018 at 12:40AM by alt3kx
via reddit https://ift.tt/2Etx6oF
Medium
IDORs (Insecure Direct Object Reference) over Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 (CVE-2018–7690, CVE-2018–7691)
Hello everyone, we continue disclosure some CVEs/exploits (0days) with specific software/hardware products. Few months ago during my…
Hackers are Modern Witches
https://ift.tt/2A7JbfF
Submitted December 14, 2018 at 12:25PM by neverforgetdream
via reddit https://ift.tt/2Pxklup
https://ift.tt/2A7JbfF
Submitted December 14, 2018 at 12:25PM by neverforgetdream
via reddit https://ift.tt/2Pxklup
reddit
r/netsec - Hackers are Modern Witches
0 votes and 4 comments so far on Reddit
BSides Columbus 2019 (01Mar2019) CFP (and general registration) is open
https://ift.tt/2BgpguI
Submitted December 14, 2018 at 10:39AM by SnarkyMoo
via reddit https://ift.tt/2QtjPCW
https://ift.tt/2BgpguI
Submitted December 14, 2018 at 10:39AM by SnarkyMoo
via reddit https://ift.tt/2QtjPCW
reddit
r/netsec - BSides Columbus 2019 (01Mar2019) CFP (and general registration) is open
1 vote and 0 comments so far on Reddit
Exploiting XXE with local DTD files. Get output from your blind XXE.
https://ift.tt/2QUJwf2
Submitted December 14, 2018 at 03:06PM by kavmax
via reddit https://ift.tt/2UJzvk7
https://ift.tt/2QUJwf2
Submitted December 14, 2018 at 03:06PM by kavmax
via reddit https://ift.tt/2UJzvk7
Mohemiv
Exploiting XXE with local DTD files
This little technique can force your blind XXE to output anything you want!
Binder transactions in the bowels of the Linux Kernel
https://ift.tt/2CdFXZr
Submitted December 14, 2018 at 02:50PM by mabote
via reddit https://ift.tt/2Elz21v
https://ift.tt/2CdFXZr
Submitted December 14, 2018 at 02:50PM by mabote
via reddit https://ift.tt/2Elz21v
reddit
r/netsec - Binder transactions in the bowels of the Linux Kernel
3 votes and 1 comment so far on Reddit
How I got a $3k bug bounty from Twitter
https://ift.tt/2Gft3ht
Submitted December 14, 2018 at 05:58PM by edent
via reddit https://ift.tt/2ULjdXG
https://ift.tt/2Gft3ht
Submitted December 14, 2018 at 05:58PM by edent
via reddit https://ift.tt/2ULjdXG
Terence Eden's Blog
$3k Bug Bounty - Twitter's OAuth Mistakes
Imagine the scenario. You’re trying out some cool new Twitter app. It asks you to sign in via OAuth as per usual. You look through the permissions – phew – it doesn’t want t…