0 votes and 0 comments so far on Reddit

Robust and practical application control for Windows - GitHub - microsoft/AaronLocker: Robust and practical application control for Windows

To provide users and IT teams with actionable intelligence about Chrome extensions, Duo Labs is excited to announce the public beta of CRXcavator (rhymes with “excavator”), a free service that analyzes Chrome extensions and produces comprehensive security…

Learn everything there is to know about building and maintaining your own home or workplace virtual lab environment on the most popular hypervisors today!

JonLuca’s Blog - A blog about tech, programming, and information

0 votes and 0 comments so far on Reddit

Cybercriminals are promising salaries of up to $360,000 a year to accomplices who seek to extort high networth individuals such as C-Level executives, lawyers, and doctors.

Almost 80% of web page loads now use TLS. But almost no one uses TLS in development and pre-production. Why? Because it's hard. That sucks. When dev and staging don't match prod, bad things happen. Today's step release, version 0.8.6, makes using TLS in dev…

What happens when an image is also javanoscript? And when that Image does not even need a payload to extract the malware from the image.. Well then you have a polyglot!

During a red team exercise it's common to set up a relaying infrastructure to separate your external facing footprint from the actual command and control backend. Some of the popular light-weight options are to set up either HAProxy or NGINX on disposable…

Security researchers have discovered a new Malspam campaign exploiting the recently discovered WinRAR ACE flaw to install malware on the computer

The demonstrates CVE-2018-4233 on iOS. This should work on all 64bit iOS 10 devices but currently the kernel exploit has kernel offsets hardcoded for an iPod7,1 10.1.1 until I manage to add liboffs...

Security researchers have discovered a critical remote execution vulnerability in WinRAR software affecting all versions.

How an anomalous space led to fingerprinting Summary On the 2nd of January 2019 Cobalt Strike version 3.13 was released, which contained a fix for an “extraneous space”. This uncommon w…

Google is by far the best search engine, with the most developed algorithms and the largest database of sites. Unfortunately, it is also well known for monitoring its users and using your search history to target ads.

Google Storage is a GCP service that hosts files within GCP "buckets”. Enumerating vulnerable GCP buckets can identify potential cloud weaknesses.

0 votes and 0 comments so far on Reddit

ConsenSys Diligence is deploying vulnerable contracts on purpose.

New TLS Padding Oracles. Contribute to RUB-NDS/TLS-Padding-Oracles development by creating an account on GitHub.

0 votes and 0 comments so far on Reddit