Analyzing CoinHive.JS
https://ift.tt/2u4VKF2
Submitted March 12, 2019 at 10:53PM by SwordSec
via reddit https://ift.tt/2VOWee0
SwordSec
Analyzing Coinhive.JS - SwordSec
We’ve heard that the coinhive site will be closed and we analyzed 3.1 billion web sites and found sites that host CoinHive malware. We focused on JavaScript files that contain ‘coinhive’ in HTML headers. These websites were cached by some sources in December…
New Ursnif Trojan popping back up stealing cryptocurrency + email ...with Bebloh as a dropper!
https://ift.tt/2HgiVoa
Submitted March 12, 2019 at 10:43PM by hackerxbella
via reddit https://ift.tt/2VWusg2
Cybereason
New Ursnif Variant Comes with Enhanced Information Stealing Features
The Cybereason research team observed a new campaign involving Ursnif in the beginning of 2019 attacking users in Japan across multiple customer environments. This Ursnif variant has enhanced stealing modules focused on taking data from mail clients and email…
RFC 8555: Automatic Certificate Management Environment (ACME)
https://ift.tt/2UtdHIO
Submitted March 13, 2019 at 05:31AM by throw0101a
via reddit https://ift.tt/2TKgjVr
reddit
r/sysadmin - RFC 8555: Automatic Certificate Management Environment (ACME)
0 votes and 1 comment so far on Reddit
N Ways to Unpack Mobile Malware
https://ift.tt/2J8EGbt
Submitted March 13, 2019 at 01:33PM by wtfse
via reddit https://ift.tt/2u5tGRG
Pentest Blog
N Ways to Unpack Mobile Malware
This article will briefly explain methods behind the mobile malware unpacking. It will be focusing on Anubis since it is the latest trending malware for almost a year now. Actors use dropper applications as their primary method of distribution. Droppers find…
DLL Hijacking with Ghidra - Practical Examples
https://ift.tt/2u7ZrJO
Submitted March 13, 2019 at 03:34PM by _creosote
via reddit https://ift.tt/2F9xVlJ
reddit
r/netsec - DLL Hijacking with Ghidra - Practical Examples
0 votes and 0 comments so far on Reddit
CVE-2019-0539 Microsoft Edge Chakra Exploitation: Achieving memory full R\W primitive
https://ift.tt/2TyeYRy
Submitted March 13, 2019 at 07:07PM by v0yAgEr
via reddit https://ift.tt/2HAJOT8
Perception Point
CVE-2019-0539 Exploitation | Perception Point
Achieving full R\W primitive with CVE-2019-0539
WordPress 5.1 CSRF to RCE
https://ift.tt/2T7NkH6
Submitted March 13, 2019 at 07:25PM by albinowax
via reddit https://ift.tt/2Uv7a0h
reddit
r/netsec - WordPress 5.1 CSRF to RCE
0 votes and 1 comment so far on Reddit
Smartphones: it is time to adopt a holistic approach to security
https://ift.tt/2HvjsSH
Submitted March 13, 2019 at 08:14PM by KeyDutch
via reddit https://ift.tt/2VWcKsT
Linkedin
Smartphones: it is time to adopt a holistic approach to security
#FSoS (False Sense of Security). The example of unlocking a Galaxy S10 with a simple photo of its owner is useful for demonstrating that "security", in practice, means taking a whole set of nuances into account.
A Saga of Code Executions on Zimbra
https://ift.tt/2Hw5VdF
Submitted March 13, 2019 at 09:18PM by albinowax
via reddit https://ift.tt/2J8izlq
Tint0
A Saga of Code Executions on Zimbra
Zimbra is well known for its signature email product, Zimbra Collaboration Suite. Putting client-side vulnerabilities aside, Zimbra seems to...
Millions of Binaries Later: a Look Into Linux Hardening in the Wild
https://ift.tt/2TjSVhv
Submitted March 13, 2019 at 09:08PM by eberkut
via reddit https://ift.tt/2XW2ItJ
Capsule8
Millions of Binaries Later: a Look Into Linux Hardening in the Wild • Capsule8
TL;DR In this post, we explore the adoption of Linux hardening schemes across five popular distributions by examining their out-of-the-box properties. For each distribution, we analyzed its default kernel configuration, … Read of "Millions of Binaries Later:…
Docker container for creating the phishing sites using Blackeye
https://ift.tt/2HuE5OY
Submitted March 14, 2019 at 12:20AM by vishnudxb
via reddit https://ift.tt/2Hjdllc
GitHub
vishnudxb/docker-blackeye
Docker container for creating the phishing sites using Blackeye - vishnudxb/docker-blackeye
Extracting BitLocker keys from a TPM
https://ift.tt/2Uz4U8n
Submitted March 14, 2019 at 04:04AM by fuckup1337
via reddit https://ift.tt/2F8xS9z
reddit
r/netsec - Extracting BitLocker keys from a TPM
0 votes and 1 comment so far on Reddit
Amazon CloudWatch suspicious behavior 2019
https://ift.tt/2Falsye
Submitted March 14, 2019 at 01:43PM by gorblefork
via reddit https://ift.tt/2THEiVz
reddit
r/aws - Amazon CloudWatch suspicious behavior 2019
0 votes and 3 comments so far on Reddit
More than 300 plugins could be used to exploit Wordpress Phar injection
https://ift.tt/2Jbwpna
Submitted March 14, 2019 at 02:27PM by shin2903
via reddit https://ift.tt/2O58d4u
CyStack Security Blog
Further attack surface of Wordpress PHAR injection
Summary: In August 2018, Sam Thomas presented a new vulnerability of Wordpress at Black Hat USA 2018. The PHP object injection vulnerability is not new, but the way an attacker can trigger this error is worth mentioning. In this article, I will go over the detail…
SimBad: A Rogue Adware Campaign On Google Play
https://ift.tt/2UAnNHO
Submitted March 14, 2019 at 04:12PM by Titokhan
via reddit https://ift.tt/2u7MnUQ
Check Point Research
SimBad: A Rogue Adware Campaign On Google Play - Check Point Research
Research by: Elena Root and Andrey Polkovnichenko Check Point researchers from the Mobile Threat Team have discovered a new adware campaign on the Google Play Store. This particular strain of Adware was found in 206 applications, and the combined download…
Generic Windows 7,8,10 SMEP, KASLR & DEP Bypass Using the Page Table's Self-reference Entry
https://ift.tt/2XZP9Ju
Submitted March 14, 2019 at 07:50PM by scalys7
via reddit https://ift.tt/2Co5j6p
GitHub
scalys7/Privilege-Escalation-Framework
Privilege Escalation training project, with an emphasis on the distinction between vulnerability research & its exposure and exploitation methods (which are CVE-independent). - scalys7/Priv...
pypykatz agent
https://ift.tt/2O1Y8p0
Submitted March 15, 2019 at 12:31AM by fuckup1337
via reddit https://ift.tt/2TLBZAK
GitHub
skelsec/pypykatz_agent_dn
Pypykatz agent implemented in .NET. Contribute to skelsec/pypykatz_agent_dn development by creating an account on GitHub.
pypykatz Server
https://ift.tt/2O4bdhL
Submitted March 15, 2019 at 12:30AM by fuckup1337
via reddit https://ift.tt/2JcEtUL
GitHub
skelsec/pypykatz_server
Pypykatz server. Contribute to skelsec/pypykatz_server development by creating an account on GitHub.
Never miss a single call for papers for security conferences!
http://cfptime.org
Submitted March 15, 2019 at 12:20AM by PaulSec
via reddit https://ift.tt/2T6YjjZ
reddit
r/netsec - Never miss a single call for papers for security conferences!
0 votes and 0 comments so far on Reddit
Pypykatz Server - With this you won't need to run mimikatz/pypykatz on the target machine, only a tiny agent (13kB) that takes the info from the server on what parts of the lsass process to read.
https://ift.tt/2O4bdhL
Submitted March 15, 2019 at 01:44AM by fuckup1337
via reddit https://ift.tt/2UC2OEH
GitHub
skelsec/pypykatz_server
Pypykatz server. Contribute to skelsec/pypykatz_server development by creating an account on GitHub.
Email-Enum: Check if an email is registered on mainstream websites!
https://ift.tt/2O6tMSe
Submitted March 15, 2019 at 02:34AM by Banqu
via reddit https://ift.tt/2CfasxF
GitHub
Frint0/email-enum
Email-Enum searches mainstream websites and tells you if an email is registered! - Frint0/email-enum