PKI as a Service with HashiCorp Vault
http://bit.ly/2G0945B
Submitted January 31, 2019 at 11:40PM by friendlytuna
via reddit http://bit.ly/2HJC9nh
Medium
PKI as a Service with HashiCorp Vault
Creating and renewing TLS certificates is a tedious and boring task when done manually. It can be automated by using Let’s Encrypt for…
Exploiting the Magellan bug on 64-bit Chrome Desktop - Exodus Intelligence
http://bit.ly/2COUw4P
Submitted February 01, 2019 at 04:12AM by CuriousExploit
via reddit http://bit.ly/2Uvjzkj
Exodus Intelligence
Exploiting the Magellan bug on 64-bit Chrome Desktop
In this post, we show how to reverse engineer the Magellan bug from the patch and exploit it on a 64bit desktop environment.
The /r/netsec Monthly Discussion Thread - February 2019
Overview
Questions regarding netsec and discussion related directly to netsec are welcome here.
Rules & Guidelines
Always maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.
Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.
If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.
Avoid use of memes. If you have something to say, say it with real words.
All discussions and questions should directly relate to netsec.
No tech support is to be requested or provided on /r/netsec.
As always, the content & discussion guidelines should also be observed on /r/netsec.
Feedback
Feedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted February 01, 2019 at 10:06AM by AutoModerator
via reddit http://bit.ly/2CZy60t
Reddit
Technical Information Security Content & Discussion
/r/netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to provide value to security practitioners, students, researchers, and hackers everywhere.
Libreoffice (CVE-2018-16858) - Remote Code Execution via Macro/Event execution
http://bit.ly/2Da3gTh
Submitted February 01, 2019 at 07:16PM by albinowax
via reddit http://bit.ly/2WCsEcS
Blogspot
Libreoffice (CVE-2018-16858) - Remote Code Execution via Macro/Event execution
I started to have a look at Libreoffice and discovered a way to achieve remote code execution as soon as a user opens a malicious ODT file...
Rinnegan - A distributed tracer for blackbox systems
http://bit.ly/2G488gu
Submitted February 01, 2019 at 07:33PM by tunnelshade
via reddit http://bit.ly/2UyIq6O
reddit
r/netsec - Rinnegan - A distributed tracer for blackbox systems
4 votes and 0 comments so far on Reddit
ActiveX Exploitation in 2019 :: Instantiation is not Scripting
http://bit.ly/2G6F8EO
Submitted February 01, 2019 at 08:18PM by cbolat
via reddit http://bit.ly/2Usq5Z8
srcincite.io
ActiveX Exploitation in 2019 :: Instantiation is not Scripting
But didn’t Microsoft kill ActiveX? I hear you asking. Well they almost did. As most security practitioners know, ActiveX has had a long history of exploitati...
Introduction to Network Protocol Fuzzing & Buffer Overflow Exploitation
http://bit.ly/2S4XOeD
Submitted February 01, 2019 at 08:03PM by Jwborc39963
via reddit http://bit.ly/2G6Bfjc
./own.sh
Introduction to Network Protocol Fuzzing & Buffer Overflow Exploitation
In this article we will introduce the fundamentals of discovering and exploiting buffer overflow vulnerabilities in Windows applications.
Announced device Ledger Nano X on January, available for pre-order on March.
http://bit.ly/2G4KIaW
Submitted February 01, 2019 at 10:12PM by mdansarul
via reddit http://bit.ly/2BdWZFY
Ledger
Ledger Nano X - Secure your crypto
Make sure your crypto assets are safe anywhere you go with our most advanced hardware wallet yet. The Ledger Nano X is a bluetooth enabled secure device that stores your private keys and offers an easy-to-use experience for crypto owners.
Bypass AppLocker as an Admin
http://bit.ly/2WBBlEk
Submitted February 01, 2019 at 11:23PM by oddvarmoe
via reddit http://bit.ly/2G4Mbhh
Oddvar Moe's Blog
Bypassing AppLocker as an admin
I thought it would be useful to have a blog post about two different techniques you can use to bypass AppLocker if you are an admin on a host that has AppLocker enabled. The first technique that us…
Apple will issue Group FaceTime patch next week.
http://bit.ly/2S1ctY8
Submitted February 02, 2019 at 01:52AM by skoomski
via reddit http://bit.ly/2TyBuXa
9to5Mac
Apple says iOS fix for Group FaceTime bug now coming next week, issues apology
Apple has today released an update on the FaceTime eavesdropping bug and offered an apology. The company says it has patched the flaw on its servers and will roll out an update to iOS users next we…
Vulnerabilities in Tightrope Media Systems Carousel digital signage platform (3 CVEs)
http://bit.ly/2sYoTRD
Submitted February 02, 2019 at 05:33AM by agreenbhm
via reddit http://bit.ly/2UBkXSO
Drew Green's Tech Blog
Vulnerabilities in Tightrope Media Systems Carousel <=7.0.4.104 (and likely newer)
While on a recent penetration test, I discovered a digital signage system made by Tightrope Media Systems (TRMS). The client was using this software on an appliance provided by TRMS which was essen…
"A fresh look on reverse proxy related attacks" by @antyurin
http://bit.ly/2HL3vcP
Submitted February 02, 2019 at 05:26AM by HDKramer
via reddit http://bit.ly/2MPtJKg
Acunetix
A Fresh Look On Reverse Proxy Related Attacks | Acunetix
The goal of this research is to portray the bigger picture of potential attacks on a reverse proxy or the backend servers behind it. In the main part of the article, I will show some examples of vulnerable configurations and exploitation of attacks on various…
Various Google Play ‘Beauty Camera’ Apps Send Users Pornographic Content, Redirect Them to Phishing Websites and Collect Their Pictures
http://bit.ly/2sXempI
Submitted February 02, 2019 at 03:22PM by Titokhan
via reddit http://bit.ly/2BcUKm4
Trendmicro
Various Google Play 'Beauty Camera' Apps Send Users Pornographic Content, Redirect Them to Phishing Websites and Collect Their…
We discovered several beauty camera apps (detected as AndroidOS_BadCamera.HRX) on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes.
APT32/OceanLotus sample: d592b06f9d112c8650091166c19ea05a
http://bit.ly/2D8N4RU
Submitted February 02, 2019 at 07:28PM by m_edmondson
via reddit http://bit.ly/2D2QK80
Marcus Edmondson | Malware Analysis | Security Analytics
APT 32/OceanLotus – Sample:D592B06F9D112C8650091166C19EA05A
Today I wanted to do a post on a sample that I pulled down from 0xffff0800 website here. It is just a quick behavioral analysis in order to rip out some IOC’s for quick wins. A little backgro…
Hack The Box - Dab write-up by 0xRick
http://bit.ly/2RBJJjE
Submitted February 02, 2019 at 08:21PM by Ahm3d_H3sham
via reddit http://bit.ly/2TuKo8g
0xRick Owned Root !
Hack The Box - Dab
Quick Summary Hey guys today Dab retired and this is my write-up. Dab was a nice box, a hard one but it had some funny stuff too, getting user was really annoying because it had a lot of rabbit holes. Root was much better. It’s a Linux box and its IP is…
Confusing the data miners is important.
http://bit.ly/2HOPOK1
Submitted February 02, 2019 at 11:40PM by wavetranscender
via reddit http://bit.ly/2t3JqnU
reddit
r/Rat_Race_Exit - Confusing the data miners is important.
1 vote and 1 comment so far on Reddit
Docker and Visual Studio Code on a Chromebook
http://bit.ly/2G88yCv
Submitted February 03, 2019 at 06:37PM by kev-thehermit
via reddit http://bit.ly/2D50MFu
techanarchy.net
Dev Tools on a Chromebook | TechAnarchy
Just another DFIR Blog
Interlace: Easily Automate and Multithread Your Pentesting + Bounty Hunting Workflow Without Any Coding
http://bit.ly/2SoA4Bn
Submitted February 03, 2019 at 07:07PM by hakluke
via reddit http://bit.ly/2GqI3Yv
Medium
Interlace: A Tool to Easily Automate and Multithread Your Pentesting & Bug Bounty Workflow Without Any Coding
Before we start, I need to get something off my chest. I’m an efficiency junkie. I’m one of those people who spends 4 hours configuring…
The strange case of the Jekyll and Hyde PDF
http://bit.ly/2G8TfcP
Submitted February 03, 2019 at 11:01PM by alech_de
via reddit http://bit.ly/2D2CQ5E
reddit
r/netsec - The strange case of the Jekyll and Hyde PDF
3 votes and 0 comments so far on Reddit
Scams, American Express, and obfuscated Javascript
http://bit.ly/2Tu9Pab
Submitted February 04, 2019 at 01:20AM by JonLuca
via reddit http://bit.ly/2BhY2o1
JonLuca’s Blog
Scams, American Express, and obfuscated Javascript
Whenever I get a scam email that manages to circumvent both my and gmail’s email filters, I like to take a closer look at how it did it and what it’s trying to accomplish.
Obfuscated javascript, scam emails, and American Express
http://bit.ly/2Tu9Pab
Submitted February 04, 2019 at 09:04AM by JonLuca
via reddit http://bit.ly/2WFf0G0
JonLuca’s Blog
Scams, American Express, and obfuscated Javascript
Whenever I get a scam email that manages to circumvent both my and gmail’s email filters, I like to take a closer look at how it did it and what it’s trying to accomplish.