Buffer Overflow Practical Examples , metasploit , gdb and objdump !
http://bit.ly/2LXrq7l
Submitted January 08, 2019 at 07:18PM by Ahm3d_H3sham
via reddit http://bit.ly/2AAqpNT
http://bit.ly/2LXrq7l
Submitted January 08, 2019 at 07:18PM by Ahm3d_H3sham
via reddit http://bit.ly/2AAqpNT
0xRick Owned Root !
Buffer Overflow Practical Examples , metasploit , gdb and objdump ! - protostar stack3
Introduction Hey I’m back again with another article , today I’m going to solve protostar stack3 but this time it’s going to be a bit different , In the last two articles I solved stack0 , stack1 and stack2 and I used the source code of the binaries to identify…
Engineering Security (2014) by Peter Guttman
http://bit.ly/1itm1mL
Submitted January 08, 2019 at 10:34PM by nickpsecurity
via reddit http://bit.ly/2LWLfvy
http://bit.ly/1itm1mL
Submitted January 08, 2019 at 10:34PM by nickpsecurity
via reddit http://bit.ly/2LWLfvy
Reddit
From the netsec community on Reddit: Engineering Security (2014) by Peter Guttman
Posted by nickpsecurity - 24 votes and 3 comments
Adware Disguised as Game, TV, Remote Control Apps Infect 9 Million Google Play Users
http://bit.ly/2Tvfaxk
Submitted January 08, 2019 at 10:16PM by EvanConover
via reddit http://bit.ly/2shmGQY
http://bit.ly/2Tvfaxk
Submitted January 08, 2019 at 10:16PM by EvanConover
via reddit http://bit.ly/2shmGQY
Trendmicro
Adware Disguised as Game, TV, Remote Control Apps Infect 9 Million Google Play Users - TrendLabs Security Intelligence Blog
We recently discovered an active adware family (AndroidOS_HidenAd) disguised as 85 apps on the Google Play store with a total of 9 million downloads.
LeakLooker — Find open databases in a second
http://bit.ly/2sitr56
Submitted January 08, 2019 at 11:21PM by Mysterii8
via reddit http://bit.ly/2CbmfvW
http://bit.ly/2sitr56
Submitted January 08, 2019 at 11:21PM by Mysterii8
via reddit http://bit.ly/2CbmfvW
Medium
LeakLooker — Find open databases in a second
TL;DR With LeakLooker you can find publicly open MongoDB, CouchDB and Elasticsearch database, it also includes Kibana instances. Script…
TCP SYN Packet Denial Of Service Vulnerability on the WIFI interface of Samsung devices
http://bit.ly/2wKYQzU
Submitted January 08, 2019 at 11:20PM by hemorro
via reddit http://bit.ly/2Rknljp
http://bit.ly/2wKYQzU
Submitted January 08, 2019 at 11:20PM by hemorro
via reddit http://bit.ly/2Rknljp
reddit
r/netsec - TCP SYN Packet Denial Of Service Vulnerability on the WIFI interface of Samsung devices
1 vote and 0 comments so far on Reddit
'Spoofing' Google Search results
http://bit.ly/2TD1P63
Submitted January 09, 2019 at 05:17AM by Wietze-
via reddit http://bit.ly/2FeiRV3
http://bit.ly/2TD1P63
Submitted January 09, 2019 at 05:17AM by Wietze-
via reddit http://bit.ly/2FeiRV3
www.wietzebeukema.nl
Spoofing Google Search results
Use of Deserialisation in .NET Framework Methods and Classes
http://bit.ly/2ABM08C
Submitted January 09, 2019 at 01:50PM by digicat
via reddit http://bit.ly/2SKL6Om
http://bit.ly/2ABM08C
Submitted January 09, 2019 at 01:50PM by digicat
via reddit http://bit.ly/2SKL6Om
OS Page Cache Attacks: new hardware-agnostic side-channel attack
http://bit.ly/2VAPdyt
Submitted January 09, 2019 at 01:48PM by CyberBullets
via reddit http://bit.ly/2RmAysg
http://bit.ly/2VAPdyt
Submitted January 09, 2019 at 01:48PM by CyberBullets
via reddit http://bit.ly/2RmAysg
RCE in Steam Chat
http://bit.ly/2Reqkd7
Submitted January 09, 2019 at 07:13PM by albinowax
via reddit http://bit.ly/2VH0dKo
http://bit.ly/2Reqkd7
Submitted January 09, 2019 at 07:13PM by albinowax
via reddit http://bit.ly/2VH0dKo
HackerOne
Valve disclosed on HackerOne: XSS in steam react chat client
# 1. Background
The Steam Chat client is a particularly interesting system to attack because it's built using a modern set of technologies with strong security characteristics.
It's built on...
The Steam Chat client is a particularly interesting system to attack because it's built using a modern set of technologies with strong security characteristics.
It's built on...
polkit: temporary auth hijacking via PID reuse and non-atomic fork - project-zero
http://bit.ly/2RH1sKw
Submitted January 09, 2019 at 07:08PM by danielkza
via reddit http://bit.ly/2QD5Ohq
http://bit.ly/2RH1sKw
Submitted January 09, 2019 at 07:08PM by danielkza
via reddit http://bit.ly/2QD5Ohq
reddit
r/netsec - polkit: temporary auth hijacking via PID reuse and non-atomic fork - project-zero
1 vote and 0 comments so far on Reddit
RCE On Your Build Server: Gradle Plugin Portal: Clickjacking & Cross-Site Request Forgery enabling Account Takeover
http://bit.ly/2ACqP6m
Submitted January 09, 2019 at 07:50PM by Fido488
via reddit http://bit.ly/2sgxXAW
http://bit.ly/2ACqP6m
Submitted January 09, 2019 at 07:50PM by Fido488
via reddit http://bit.ly/2sgxXAW
Medium
Gradle Plugin Portal: Clickjacking & Cross-Site Request Forgery enabling Account Takeover
Two security vulnerabilities in the Gradle Plugin Portal would have allowed any website to change the username, email & password of any…
5 Best VPN Services with free Trials while torrenting or pirating.
http://bit.ly/2AFI3zZ
Submitted January 09, 2019 at 09:33PM by asa25640
via reddit http://bit.ly/2TEIEc3
http://bit.ly/2AFI3zZ
Submitted January 09, 2019 at 09:33PM by asa25640
via reddit http://bit.ly/2TEIEc3
AndowMac
5 Best VPN Services in 2019 Chosen by Users (Updated January 2019) - AndowMac
11 VPN also known as Virtual Private Network is the best way to surf the internet anonymously without revealing any
Trammell Hudson - Modchips of the State
http://bit.ly/2Fl8r5w
Submitted January 09, 2019 at 09:54PM by liotier
via reddit http://bit.ly/2Fjfix0
http://bit.ly/2Fl8r5w
Submitted January 09, 2019 at 09:54PM by liotier
via reddit http://bit.ly/2Fjfix0
reddit
r/netsec - Trammell Hudson - Modchips of the State
2 votes and 0 comments so far on Reddit
A Policy Based Approach to Docker Security and Compliance
http://bit.ly/2CaxiWd
Submitted January 09, 2019 at 11:58PM by weighanchore
via reddit http://bit.ly/2RnHtkY
http://bit.ly/2CaxiWd
Submitted January 09, 2019 at 11:58PM by weighanchore
via reddit http://bit.ly/2RnHtkY
Anchore
A Policy Based Approach to Container Security and Compliance
At Anchore, we take a preventative, policy-based compliance approach, specific to organizational needs. Our philosophy of scanning and evaluating Docker images against user-defined policies as early as possible in the development lifecycle, greatly reduces…
2FA Can Be Bypassed with New Tool
http://bit.ly/2FhRrO2
Submitted January 09, 2019 at 11:56PM by Fantastic_Fix
via reddit http://bit.ly/2QACTKS
http://bit.ly/2FhRrO2
Submitted January 09, 2019 at 11:56PM by Fantastic_Fix
via reddit http://bit.ly/2QACTKS
InfoSec-IT
2FA Can Be Bypassed with New Tool | InfoSec-IT
2 Factor Authentication may not be as secure as you think, as a new tool has been released that can bypass the security feature.
PacketFence v8.3 is out! Clickatell support, spoofing detection based on device profiling and see what's coming up in v9!
http://bit.ly/2LZPwhH
Submitted January 10, 2019 at 01:28AM by extrafu
via reddit http://bit.ly/2QzTvSO
http://bit.ly/2LZPwhH
Submitted January 10, 2019 at 01:28AM by extrafu
via reddit http://bit.ly/2QzTvSO
reddit
r/netsec - PacketFence v8.3 is out! Clickatell support, spoofing detection based on device profiling and see what's coming up in…
2 votes and 1 comment so far on Reddit
RCE via DHCP in Windows
http://bit.ly/2TCwvVe
Submitted January 10, 2019 at 02:44AM by jeffrossisfat
via reddit http://bit.ly/2CZb3nH
http://bit.ly/2TCwvVe
Submitted January 10, 2019 at 02:44AM by jeffrossisfat
via reddit http://bit.ly/2CZb3nH
reddit
r/netsec - RCE via DHCP in Windows
1 vote and 1 comment so far on Reddit
Circumventing Limited Visibility in Detection Engineering
http://bit.ly/2RCYpDi
Submitted January 10, 2019 at 03:06AM by beaulambeau
via reddit http://bit.ly/2RnZZK0
http://bit.ly/2RCYpDi
Submitted January 10, 2019 at 03:06AM by beaulambeau
via reddit http://bit.ly/2RnZZK0
Red Canary
How To Detect Cybersecurity Threats with Limited Visibility
Security tools have limited visibility, but you can work around endpoint detection and response (EDR) and other tooling limitations with these tips.
System Down: a systemd-journald exploit
http://bit.ly/2RmCkt9
Submitted January 10, 2019 at 10:40AM by 0xdea
via reddit http://bit.ly/2FlVM2S
http://bit.ly/2RmCkt9
Submitted January 10, 2019 at 10:40AM by 0xdea
via reddit http://bit.ly/2FlVM2S
Chinese Criminals pull off an Italian Job...
http://bit.ly/2ADogkG
Submitted January 10, 2019 at 12:59PM by Taur3an
via reddit http://bit.ly/2FkUBjw
http://bit.ly/2ADogkG
Submitted January 10, 2019 at 12:59PM by Taur3an
via reddit http://bit.ly/2FkUBjw
The Economic Times
How Chinese hackers pulled off the Italian con job, a Rs 130-crore heist
The hackers sent spoofed emails of group CEO and held fake conference calls to fool India head of Italian company Tecnimont SpA.
Top 10 GDPR Violations and Incidents of 2018
http://bit.ly/2VFL9Nb
Submitted January 10, 2019 at 06:40PM by KeyDutch
via reddit http://bit.ly/2FjleWI
http://bit.ly/2VFL9Nb
Submitted January 10, 2019 at 06:40PM by KeyDutch
via reddit http://bit.ly/2FjleWI
Htbridge
Top 10 GDPR Violations and Incidents of 2018
A brief overview of the most important security and privacy incidents that may have serious GDPR ramifications.