by Mitja Kolsek, the 0patch Team Today we'll look at a fairly simple vulnerability in Adobe Reader DC that allows a PDF document automati...

Like a scene from a James Bond or Mission Impossible movie, a new offensive USB cable plugged into a computer could allow attackers to execute commands over WiFi as if they were using the computer's keyboard. 

Russia may briefly disconnect from the internet as part of a test of its cyber-defences.

Abusing SUDO Advance for Linux Privilege Escalation If you have a limited shell that has access to some programs using thesudocommand you might be able to escalate your privileges. here I show some of the binary which helps you to escalate privilege using…

Post Exploitation, Domain Exploitation, Meterpreter, Crackmapexec, Empire, Local Privilege Escalation, Persistence, Pivoting

2019 commence par un record battu ! Des compilations de plusieurs centaines de Giga sont apparues, d’abord en vente sur le darknet puis échangées par torrents à partir de plusieurs forums, sous les noms :« Collection #1 à 5 » ou « bigDB ». Essayons de voir…

It is particularly on IoT security.. please ask your question and share your knowledge

WebARX researcher found a vulnerability in popular WordPress plugin Simple Social Buttons. Read more to find out what vulnerability allows.

This proof-of concept (PoC) is released for educational purposes and evaluation by researchers, and should not be used in any unintended way. Furthermore, this PoC and any other related material has been published only after disclosing it to Xiaomi Researcher:…

2 votes and 1 comment so far on Reddit

Not a Coinhive Writeup

1 vote and 1 comment so far on Reddit

Collection of PowerShell network security noscripts for system administrators. - thom-s/netsec-ps-noscripts

1 vote and 0 comments so far on Reddit

The Anchore Engine is an open source project that provides a centralized service for deep inspection, analysis and certification of container images. It is provided as a Docker container image that can be run standalone or on an orchestration platform such…

An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere. - smallstep/certificates

In January 2019, I discovered a privilege escalation vulnerability in default installations of Ubuntu Linux. This was due to a bug in the snapd API, a default service. Any local user could exploit this vulnerability to obtain immediate root access to the…

From IoT Pentesting to IoT Security . Contribute to V33RU/IoTSecurity101 development by creating an account on GitHub.

1 vote and 2 comments so far on Reddit

As somebody who is in the Infosec/Cybersecurity industry, it is common knowledge that the laws relating to Hacking and Cybersecurity are laughably out-of-date, and as a result, it is technically prosecute somebody just for visiting a website and clicking…