Major Security Breach Found in Hospital and Supermarket Refrigeration Systems
http://bit.ly/2SjPuYA
Submitted February 09, 2019 at 05:59AM by westondeboer
via reddit http://bit.ly/2GxuJkX
http://bit.ly/2SjPuYA
Submitted February 09, 2019 at 05:59AM by westondeboer
via reddit http://bit.ly/2GxuJkX
Safety Detective
Major Security Breach Found in Hospital and Supermarket Refrigeration Systems
Major security breach uncovered in temperature control system of hospital and supermarket chains including Marks & Spencer, Ocado, Way-on, and others.
The story behind a feature in Windows called ASLR (Address Space Layout Randomization)
http://bit.ly/2RLoewZ
Submitted February 09, 2019 at 09:47AM by Titokhan
via reddit http://bit.ly/2tgOXr6
http://bit.ly/2RLoewZ
Submitted February 09, 2019 at 09:47AM by Titokhan
via reddit http://bit.ly/2tgOXr6
Threadreaderapp
Thread by @JohnLaTwC: "Story time. This one is about a feature in Windows called ASLR. It was 2005. We were working on Windows…
Thread by @JohnLaTwC: "Story time. This one is about a feature in Windows called ASLR. It was 2005. We were working on Windows Vista. Most re the release with the maligned User Account Control feature. For us in Trustworthy Computing it was the first […]"
Article: Best practices to consider before deploying a network virtual appliance on Azure
http://bit.ly/2E0KjDX
Submitted February 09, 2019 at 01:44PM by shehackspurple
via reddit http://bit.ly/2SCHBwr
http://bit.ly/2E0KjDX
Submitted February 09, 2019 at 01:44PM by shehackspurple
via reddit http://bit.ly/2SCHBwr
Microsoft
Best practices to consider before deploying a network virtual appli…
A network virtual appliance (NVA) is a virtual appliance primarily focused on network functions virtualization. A typical network virtual appliance involves various layers of four to seven function…
Hack The Box - Ypuffy write-up by 0xRick
http://bit.ly/2N16mxm
Submitted February 09, 2019 at 08:22PM by Ahm3d_H3sham
via reddit http://bit.ly/2TDhWB6
http://bit.ly/2N16mxm
Submitted February 09, 2019 at 08:22PM by Ahm3d_H3sham
via reddit http://bit.ly/2TDhWB6
0xRick Owned Root !
Hack The Box - Ypuffy
Quick Summary Hey guys today Ypuffy retired and this is my write-up. This box is a little different from the other boxes. It’s not windows or linux , it’s running openbsd which is a unix-like system. I really liked the privilege escalation in this box because…
Gorsair, a tool to remotely access exposed the Docker API of vulnerable Docker containers
http://bit.ly/2Snckyf
Submitted February 09, 2019 at 11:46PM by Ullaakut
via reddit http://bit.ly/2GvKAR4
http://bit.ly/2Snckyf
Submitted February 09, 2019 at 11:46PM by Ullaakut
via reddit http://bit.ly/2GvKAR4
GitHub
Ullaakut/Gorsair
Gorsair hacks its way into remote docker containers that expose their APIs. - Ullaakut/Gorsair
I scanned the whole country of Austria and this is what I've found
http://bit.ly/2RO53m5
Submitted February 10, 2019 at 01:42AM by _vavkamil_
via reddit http://bit.ly/2BtdnCu
http://bit.ly/2RO53m5
Submitted February 10, 2019 at 01:42AM by _vavkamil_
via reddit http://bit.ly/2BtdnCu
I scanned the whole country of Austria and this is what I've found
Personal blog of Christian Haschek
Evil Twin Attack - The Definitive Guide (Updated 2019)
http://bit.ly/2MWWCnJ
Submitted February 10, 2019 at 03:28AM by i_rsX
via reddit http://bit.ly/2RPTcE3
http://bit.ly/2MWWCnJ
Submitted February 10, 2019 at 03:28AM by i_rsX
via reddit http://bit.ly/2RPTcE3
rootsh3ll
Evil Twin Attack [The Definitive Guide] (Updated 2019)
A step-by-step guide to learn how to hack WiFi passwords (WEP/ WPA2/ WPS) in plain-text using the Evil Twin attack method
Guide for IR policies, plans, and more
http://bit.ly/2WLATDE
Submitted February 10, 2019 at 08:10AM by AllUrRootRBelong2Me
via reddit http://bit.ly/2SlYZ9n
http://bit.ly/2WLATDE
Submitted February 10, 2019 at 08:10AM by AllUrRootRBelong2Me
via reddit http://bit.ly/2SlYZ9n
Google Docs
SecKC - IR Manual (Draft).pdf
CANalyzat0r: Security analysis toolkit for proprietary car protocols
http://bit.ly/2RSPUzN
Submitted February 10, 2019 at 09:55PM by Titokhan
via reddit http://bit.ly/2MW4l5k
http://bit.ly/2RSPUzN
Submitted February 10, 2019 at 09:55PM by Titokhan
via reddit http://bit.ly/2MW4l5k
GitHub
schutzwerk/CANalyzat0r
Security analysis toolkit for proprietary car protocols - schutzwerk/CANalyzat0r
Checking Firewall Equivalence with Z3
http://bit.ly/2WU7jft
Submitted February 11, 2019 at 03:56AM by maslen
via reddit http://bit.ly/2SqA054
http://bit.ly/2WU7jft
Submitted February 11, 2019 at 03:56AM by maslen
via reddit http://bit.ly/2SqA054
Medium
Checking Firewall Equivalence with Z3
Lessons I’ve learned from software engineering are uniformly cynical:
[Cfrg] Structure in the S-box of the Russian algorithms (RFC 6986, RFC 7801)
http://bit.ly/2TKFC6I
Submitted February 11, 2019 at 02:06PM by xaocuc
via reddit http://bit.ly/2SFURAv
http://bit.ly/2TKFC6I
Submitted February 11, 2019 at 02:06PM by xaocuc
via reddit http://bit.ly/2SFURAv
First Android Clipper found on Google Play
http://bit.ly/2SIhXGG
Submitted February 11, 2019 at 01:57PM by lukasstefanko
via reddit http://bit.ly/2MXb2Ee
http://bit.ly/2SIhXGG
Submitted February 11, 2019 at 01:57PM by lukasstefanko
via reddit http://bit.ly/2MXb2Ee
Lukas Stefanko
Android Clipper found on Google Play | video demo - Lukas Stefanko
The first Android Trojan Clipper - that exchanges cryptocurrency address in copied clipboard - was discovered on Google Play.
7 things to do on Clean Out Your Computer Day 2019
http://bit.ly/2DpRNio
Submitted February 11, 2019 at 02:42PM by HenryArchippus
via reddit http://bit.ly/2UMnwBs
http://bit.ly/2DpRNio
Submitted February 11, 2019 at 02:42PM by HenryArchippus
via reddit http://bit.ly/2UMnwBs
Medium
7 things to do on Clean Out Your Computer Day 2019
It’s National Clean Out Your Computer Day, and I want to help you celebrate it by rolling up your sleeves and getting to work. It’s a…
DNSGrep — Quickly Searching Large DNS Datasets
http://bit.ly/2MZP4k9
Submitted February 11, 2019 at 04:12PM by albinowax
via reddit http://bit.ly/2SFJJDP
http://bit.ly/2MZP4k9
Submitted February 11, 2019 at 04:12PM by albinowax
via reddit http://bit.ly/2SFJJDP
reddit
r/netsec - DNSGrep — Quickly Searching Large DNS Datasets
1 vote and 0 comments so far on Reddit
New vulnerability in runc allows container escape, root-level code execution in Docker
http://bit.ly/2N25Rmp
Submitted February 11, 2019 at 09:09PM by eagle2120
via reddit http://bit.ly/2SLokcg
http://bit.ly/2N25Rmp
Submitted February 11, 2019 at 09:09PM by eagle2120
via reddit http://bit.ly/2SLokcg
seclists.org
oss-sec: CVE-2019-5736: runc container breakout (all versions)
Sorry, Adobe Reader, We're Not Letting You Phone Home Without User's Consent (0day)
http://bit.ly/2TQqFjm
Submitted February 11, 2019 at 10:01PM by dielel
via reddit http://bit.ly/2Bvdygt
http://bit.ly/2TQqFjm
Submitted February 11, 2019 at 10:01PM by dielel
via reddit http://bit.ly/2Bvdygt
0Patch
Sorry, Adobe Reader, We're Not Letting You Phone Home Without User's Consent (0day)
by Mitja Kolsek, the 0patch Team Today we'll look at a fairly simple vulnerability in Adobe Reader DC that allows a PDF document automati...
New Offensive USB Cable Allows Remote Attacks over WiFi
http://bit.ly/2GoTr7Q
Submitted February 11, 2019 at 11:10PM by Nynir
via reddit http://bit.ly/2RYZlhu
http://bit.ly/2GoTr7Q
Submitted February 11, 2019 at 11:10PM by Nynir
via reddit http://bit.ly/2RYZlhu
BleepingComputer
New Offensive USB Cable Allows Remote Attacks over WiFi
Like a scene from a James Bond or Mission Impossible movie, a new offensive USB cable plugged into a computer could allow attackers to execute commands over WiFi as if they were using the computer's keyboard.
Russia considers unplugging from Internet
https://bbc.in/2I6bm4J
Submitted February 11, 2019 at 11:22PM by Hobscob
via reddit http://bit.ly/2Gzgaxk
https://bbc.in/2I6bm4J
Submitted February 11, 2019 at 11:22PM by Hobscob
via reddit http://bit.ly/2Gzgaxk
BBC News
Russia considers 'unplugging' from internet
Russia may briefly disconnect from the internet as part of a test of its cyber-defences.
Abusing SUDO Advance for Linux Privilege Escalation - RedTeam Tips
http://bit.ly/2N2UCds
Submitted February 12, 2019 at 08:14AM by sandeep1337
via reddit http://bit.ly/2SOu70G
http://bit.ly/2N2UCds
Submitted February 12, 2019 at 08:14AM by sandeep1337
via reddit http://bit.ly/2SOu70G
Penetration Testing and CyberSecurity Solution - SecureLayer7
Abusing SUDO Advance for Linux Privilege Escalation – RedTeam Tips
Abusing SUDO Advance for Linux Privilege Escalation If you have a limited shell that has access to some programs using thesudocommand you might be able to escalate your privileges. here I show some of the binary which helps you to escalate privilege using…
Post Exploitation
http://bit.ly/2UVEo8H
Submitted February 12, 2019 at 03:25PM by mstfknn
via reddit http://bit.ly/2E4D9Ph
http://bit.ly/2UVEo8H
Submitted February 12, 2019 at 03:25PM by mstfknn
via reddit http://bit.ly/2E4D9Ph
PRISMA CSI
6 - Post Exploitation • PRISMA CSI
Post Exploitation, Domain Exploitation, Meterpreter, Crackmapexec, Empire, Local Privilege Escalation, Persistence, Pivoting
Collection #1-5 analysis, 8 billion unique account with password, 301Gb of passwords. French blog
http://bit.ly/2GFqMun
Submitted February 12, 2019 at 04:37PM by rmsisme
via reddit http://bit.ly/2N2shUX
http://bit.ly/2GFqMun
Submitted February 12, 2019 at 04:37PM by rmsisme
via reddit http://bit.ly/2N2shUX
Advens
2019 sera forte en mots de passe volés – le record est battu !
2019 commence par un record battu ! Des compilations de plusieurs centaines de Giga sont apparues, d’abord en vente sur le darknet puis échangées par torrents à partir de plusieurs forums, sous les noms :« Collection #1 à 5 » ou « bigDB ». Essayons de voir…