$177.5 M Settlement Proposal: The Second Possible Big Dent In Yahoo’s Treasury For 2013-16 Data Breach Incident
http://bit.ly/2GhodhK
Submitted April 12, 2019 at 09:27AM by Samrat1402
via reddit http://bit.ly/2UdLd50
http://bit.ly/2GhodhK
Submitted April 12, 2019 at 09:27AM by Samrat1402
via reddit http://bit.ly/2UdLd50
Lamanguste
$177.5 M Settlement Proposal: The Second Possible Big Dent In Yahoo’s Treasury For 2013-16 Data Breach Incident
Yahoo today has been learnt offering $177.5 Million to settle a lawsuit related to its 2013 data breach incident which compromised 3 billion user records, the biggest data breach in the history of man
Safety of Your Personal Data Online Is a Life-And-Death Issue
http://bit.ly/2Il0zDp
Submitted April 12, 2019 at 06:13PM by WideFee
via reddit http://bit.ly/2DdbMkY
http://bit.ly/2Il0zDp
Submitted April 12, 2019 at 06:13PM by WideFee
via reddit http://bit.ly/2DdbMkY
Surfshark
Dr. A. Estwick: Safety of Your Personal Data Online Is a Life-And-Death Issue - Surfshark
Cybercrime is real, and your personal data can be used by malicious parties for whatever reasons they have.
A reviewed list on where to find malicious samples
http://bit.ly/2KwX8LH
Submitted April 12, 2019 at 06:30PM by ThisIsLibra
via reddit http://bit.ly/2X59sEg
http://bit.ly/2KwX8LH
Submitted April 12, 2019 at 06:30PM by ThisIsLibra
via reddit http://bit.ly/2X59sEg
reddit
r/netsec - A reviewed list on where to find malicious samples
0 votes and 0 comments so far on Reddit
Apple’s App-Site Association - The New robots.txt
http://bit.ly/2ULhPra
Submitted April 12, 2019 at 07:43PM by digicat
via reddit http://bit.ly/2VDKKug
http://bit.ly/2ULhPra
Submitted April 12, 2019 at 07:43PM by digicat
via reddit http://bit.ly/2VDKKug
ThreatIngestor: a flexible, config-driven framework for harvesting/managing threat intelligence.
http://bit.ly/2U95sRe
Submitted April 12, 2019 at 08:22PM by amusciano
via reddit http://bit.ly/2P7jdPn
http://bit.ly/2U95sRe
Submitted April 12, 2019 at 08:22PM by amusciano
via reddit http://bit.ly/2P7jdPn
GitHub
InQuest/ThreatIngestor
Extract and aggregate threat intelligence. Contribute to InQuest/ThreatIngestor development by creating an account on GitHub.
Credential stuffing attack - Gather information about leaked emails from Pastebin.
http://bit.ly/2P4ZMXH
Submitted April 13, 2019 at 12:09AM by Mysterii8
via reddit http://bit.ly/2VKGlGc
http://bit.ly/2P4ZMXH
Submitted April 13, 2019 at 12:09AM by Mysterii8
via reddit http://bit.ly/2VKGlGc
Medium
Advanced credential stuffing with PEPE
Collect info about email addresses from Pastebin dumps.
VirusTotal for Investigators
http://bit.ly/2KvvEWF
Submitted April 13, 2019 at 11:25AM by digicat
via reddit http://bit.ly/2PbWX7e
http://bit.ly/2KvvEWF
Submitted April 13, 2019 at 11:25AM by digicat
via reddit http://bit.ly/2PbWX7e
reddit
r/netsec - VirusTotal for Investigators
0 votes and 0 comments so far on Reddit
Hack The Box - Redcross Writeup by 0xdf
http://bit.ly/2X6Ccwj
Submitted April 13, 2019 at 08:54PM by Ipp
via reddit http://bit.ly/2VNPWvX
http://bit.ly/2X6Ccwj
Submitted April 13, 2019 at 08:54PM by Ipp
via reddit http://bit.ly/2VNPWvX
0xdf hacks stuff
HTB: RedCross
RedCross was a maze, with a lot to look at and multiple paths at each stage. I’ll start by enumerating a website, and showing two different ways to get a cookie to use to gain access to the admin panel. Then, I’ll get a shell on the box as penelope, either…
Hack The Box - RedCross write-up by 0xRick
http://bit.ly/2Iizdh7
Submitted April 13, 2019 at 08:54PM by Ahm3d_H3sham
via reddit http://bit.ly/2DfCtFU
http://bit.ly/2Iizdh7
Submitted April 13, 2019 at 08:54PM by Ahm3d_H3sham
via reddit http://bit.ly/2DfCtFU
0xRick Owned Root !
Hack The Box - RedCross
Quick Summary Hey guys today RedCross retired and here is my write-up about it. To get an initial shell on this box there are two ways , first one is to exploit an authenticated RCE which gives you a shell as www-data , then escalate to root. The second way…
New linux privilege Escalation techniques abusing sudo token
http://bit.ly/2KBt41x
Submitted April 13, 2019 at 08:35PM by chaign_c
via reddit http://bit.ly/2UWefKI
http://bit.ly/2KBt41x
Submitted April 13, 2019 at 08:35PM by chaign_c
via reddit http://bit.ly/2UWefKI
GitHub
nongiach/sudo_inject
[Linux] Two Privilege Escalation techniques abusing sudo token - nongiach/sudo_inject
Exploiting Apache Solr through OpenCMS
http://bit.ly/2vbESNv
Submitted April 13, 2019 at 10:13PM by smaury
via reddit http://bit.ly/2IscRc8
http://bit.ly/2vbESNv
Submitted April 13, 2019 at 10:13PM by smaury
via reddit http://bit.ly/2IscRc8
Shielder
Exploiting Apache Solr through OpenCMS - Shielder
Exploiting a known XXE in Apache Solr through OpenCMS handleSolrSelect, to read arbitrary files from the OpenCMS' server.
CVE-2019-8513: Command injection in macOS TimeMachine allows reliable local root privilege escalation exploit
http://bit.ly/2Xb896S
Submitted April 13, 2019 at 11:27PM by CodeColorist
via reddit http://bit.ly/2XaTrfQ
http://bit.ly/2Xb896S
Submitted April 13, 2019 at 11:27PM by CodeColorist
via reddit http://bit.ly/2XaTrfQ
Medium
Rootpipe Reborn Part I: CVE-2019–8513 TimeMachine root command injection
This writeup is for the command injection in TimeMachine diagnose extension, affects 10.12.x-10.14.3
Anatomy of the Triton Malware Attack.
http://bit.ly/2KDWBaH
Submitted April 14, 2019 at 12:13PM by hacktvist
via reddit http://bit.ly/2UAlGrF
http://bit.ly/2KDWBaH
Submitted April 14, 2019 at 12:13PM by hacktvist
via reddit http://bit.ly/2UAlGrF
CyberArk
Anatomy of the Triton Malware Attack | CyberArk
Schneider Electric SE recently fell victim to a breach of its safety system, which crippled operations at a critical infrastructure facility in the Middle East. It’s the first reported attack on a safety instrumented system...
Spectre Attacks: Exploiting Speculative Execution
http://bit.ly/2EORJIX
Submitted April 14, 2019 at 01:47PM by gotanyofthemexploits
via reddit http://bit.ly/2GdD8by
http://bit.ly/2EORJIX
Submitted April 14, 2019 at 01:47PM by gotanyofthemexploits
via reddit http://bit.ly/2GdD8by
Envoy CVE-2019-9900 and CVE-2019-9901
http://bit.ly/2UBprgn
Submitted April 14, 2019 at 03:53PM by reddit_read_today
via reddit http://bit.ly/2Darmhi
http://bit.ly/2UBprgn
Submitted April 14, 2019 at 03:53PM by reddit_read_today
via reddit http://bit.ly/2Darmhi
Twistlock
Unpacking Envoy Vulnerabilities (CVE-2019-9900 and CVE-2019-9901) and How it Impacts Istio | Twistlock
Recently 2 vulnerabilities in Envoy
P4wnP1 USB shell while evading Symantec detection features.
http://bit.ly/2UVwLTG
Submitted April 14, 2019 at 10:59PM by InitRoot
via reddit http://bit.ly/2KEUWSf
http://bit.ly/2UVwLTG
Submitted April 14, 2019 at 10:59PM by InitRoot
via reddit http://bit.ly/2KEUWSf
Medium
Simple AV Evasion Symantec and P4wnP1 USB
I’ve recently converted my sturdy Raspberry Pi Zero W to a bad USB using the P4wnP1 image and toolkit created my mame82. The ultimate goal…
Timing Attacks reviewed using Machine Learning
http://bit.ly/2VGpyE8
Submitted April 15, 2019 at 02:22AM by fleezenleger
via reddit http://bit.ly/2DhuLLj
http://bit.ly/2VGpyE8
Submitted April 15, 2019 at 02:22AM by fleezenleger
via reddit http://bit.ly/2DhuLLj
parzelsec.
Timing Attacks using Machine Learning
Timing analysis powered up by Gaussian Mixture Models to deal with noisy and small timing differences. This article analyzes, models and implements Timing Attacks using Machine Learning.
Quantum Cryptography
http://bit.ly/2Gp8nl9
Submitted April 15, 2019 at 09:22AM by gotanyofthemexploits
via reddit http://bit.ly/2Iw38BH
http://bit.ly/2Gp8nl9
Submitted April 15, 2019 at 09:22AM by gotanyofthemexploits
via reddit http://bit.ly/2Iw38BH
reddit
r/netsec - Quantum Cryptography
0 votes and 0 comments so far on Reddit
GitHub - realtho/PartyLoud: A simple tool to do several HTTP / HTTPS requests and simulate navigation
http://bit.ly/2IxGI2P
Submitted April 15, 2019 at 04:14PM by Tho_real
via reddit http://bit.ly/2GhrwUJ
http://bit.ly/2IxGI2P
Submitted April 15, 2019 at 04:14PM by Tho_real
via reddit http://bit.ly/2GhrwUJ
GitHub
realtho/PartyLoud
A simple tool to do several HTTP / HTTPS requests and simulate navigation - realtho/PartyLoud
CVE-2019-9730: Local Privilege Elevation in Synaptics Sound Device Driver (Write-Up + Exploit)
http://bit.ly/2UCzOAR
Submitted April 15, 2019 at 06:04PM by xVIoct
via reddit http://bit.ly/2Gcm85o
http://bit.ly/2UCzOAR
Submitted April 15, 2019 at 06:04PM by xVIoct
via reddit http://bit.ly/2Gcm85o
reddit
r/netsec - CVE-2019-9730: Local Privilege Elevation in Synaptics Sound Device Driver (Write-Up + Exploit)
0 votes and 0 comments so far on Reddit
Coerchck - PowerShell Script For Listing Local Admins - Blue Team
http://bit.ly/2Dfrdci
Submitted April 15, 2019 at 07:54PM by Evil1337
via reddit http://bit.ly/2VJMdzm
http://bit.ly/2Dfrdci
Submitted April 15, 2019 at 07:54PM by Evil1337
via reddit http://bit.ly/2VJMdzm
reddit
r/netsec - Coerchck - PowerShell Script For Listing Local Admins - Blue Team
0 votes and 0 comments so far on Reddit