Analysis of false positive on beian.gov.cn requests in regards to Huawei P30 Pro traffic research
http://bit.ly/2GzJumW
Submitted April 23, 2019 at 03:09PM by pe3zx
via reddit http://bit.ly/2GylfUL
GitHub
pe3zx/huawei-block-list
Captured DNS requests from Huawei P30 Pro to a block list - pe3zx/huawei-block-list
GitHub - Cuckoo Sandbox plugin for extracts configuration data of known malware
http://bit.ly/2GtIsru
Submitted April 23, 2019 at 07:22PM by oil_sardine
via reddit http://bit.ly/2VZ3ILX
GitHub
GitHub - JPCERTCC/MalConfScan-with-Cuckoo: Cuckoo Sandbox plugin for extracts configuration data of known malware
Cuckoo Sandbox plugin for extracts configuration data of known malware - GitHub - JPCERTCC/MalConfScan-with-Cuckoo: Cuckoo Sandbox plugin for extracts configuration data of known malware
Getting access to Zendesk’s Google Cloud and Artifactory from GitHub dotfile repos
http://bit.ly/2IQJPTD
Submitted April 23, 2019 at 08:22PM by Mempodipper
via reddit http://bit.ly/2GCDYA3
reddit
r/netsec - Getting access to Zendesk’s Google Cloud and Artifactory from GitHub dotfile repos
Vulnerability Management ZeroOne Release
We at Firo Solutions recently went live with our new Vulnerability Management platform. Check us out and let us know what you think: https://firosolutions.com | https://watchers.firosolutions.com
Submitted April 23, 2019 at 08:39PM by FiroSolutions
via reddit http://bit.ly/2UOv6jk
Firo Solutions
Vulnerability Management by SaaS
Termshark - a terminal UI for tshark inspired by Wireshark
https://termshark.io/
Submitted April 23, 2019 at 11:57PM by DreamlessMojo
via reddit http://bit.ly/2XHlJz9
A terminal UI for tshark, inspired by Wireshark
GitHub Gist Recon - The art of finding information leaks in GitHub Gists and elsewhere
http://bit.ly/2L1KzIq
Submitted April 24, 2019 at 03:22AM by _pdp_
via reddit http://bit.ly/2PpUB4C
Secapps
GitHub Gist Recon
carbanak source leaked and added to github
http://bit.ly/2GtLprT
Submitted April 24, 2019 at 04:18AM by d4nk1st
via reddit http://bit.ly/2IQdvQV
GitHub
Aekras1a/Updated-Carbanak-Source-with-Plugins
https://twitter.com/itsreallynick/status/1120410950430089224 - Aekras1a/Updated-Carbanak-Source-with-Plugins
A quick TLDR of the attacks mentioned in the infamous Mueller report
http://bit.ly/2USDxu3
Submitted April 24, 2019 at 08:33AM by kangsterizer
via reddit http://bit.ly/2XGtLYL
reddit
r/netsec - A quick TLDR of the attacks mentioned in the infamous Mueller report
The most common OAuth 2.0 Hacks
http://bit.ly/2Dwd0rQ
Submitted April 24, 2019 at 03:25PM by atomlib_com
via reddit http://bit.ly/2DzOdTH
Habr
The most common OAuth 2.0 Hacks
OAuth 2 overview This article assumes that readers are familiar with OAuth 2. However, a brief description of it is presented below. The application...
Good stuff for AFL fuzzer (intro guide)
http://bit.ly/2USXPDT
Submitted April 24, 2019 at 04:15PM by kerby_e
via reddit http://bit.ly/2IDA0t2
Habr
Zoo AFL
In this article, we're going to talk about not the classical AFL itself but about utilities designed for it and its modifications, which, in our view, can...
Deobfuscating APT32 Flow Graphs with Cutter and Radare2
http://bit.ly/2DuuViI
Submitted April 24, 2019 at 04:58PM by Megabeets
via reddit http://bit.ly/2UBKMRY
Check Point Research
Deobfuscating APT32 Flow Graphs with Cutter and Radare2 - Check Point Research
Research by: Itay Cohen The Ocean Lotus group, also known as APT32, is a threat actor which has been known to target East Asian countries such as Vietnam, Laos and the Philippines. The group strongly focuses on Vietnam, especially private sector companies…
Besder - An Investigative Journey Part 1
http://bit.ly/2Zy8JgI
Submitted April 24, 2019 at 07:43PM by redcodefinal
via reddit http://bit.ly/2UR7MBE
blog.0x42424242.in
Besder - An Investigative Journey Part 1
Hello everyone, and welcome to my investigative journey into the Besder IP20H1 network camera! Last time (Part 1, Part 2), I covered the...
Ekaterina Khrustaleva, ImmuniWeb: There's No Silver Bullet for IoT Security
http://bit.ly/2PlcPnU
Submitted April 24, 2019 at 08:16PM by KeyDutch
via reddit http://bit.ly/2UVnjjI
TechNadu
Ekaterina Khrustaleva, ImmuniWeb: There's No Silver Bullet for IoT Security
Immuniweb's Ekaterina Khrustaleva discusses in an interview for TechNadu the security landscape of today, IoT, and how ImmuniWeb can help.
On insecure zip handling, Rubyzip and Metasploit RCE (CVE-2019-5624)
http://bit.ly/2W5XuKr
Submitted April 24, 2019 at 08:29PM by nibblesec
via reddit http://bit.ly/2PoXBy4
Doyensec
On insecure zip handling, Rubyzip and Metasploit RCE (CVE-2019-5624) · Doyensec's Blog
Doyensec's Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.
DNS based threat hunting and DoH (DNS over HTTPS)
http://bit.ly/2UWTsHV
Submitted April 25, 2019 at 02:09AM by adamziaja_com
via reddit http://bit.ly/2ITyBxS
blog.redteam.pl
DNS based threat hunting and DoH (DNS over HTTPS)
Tech blog about cybersecurity
Gaining Access to Card Data Using the Windows Domain to Bypass Firewalls
http://bit.ly/2UCyQ2n
Submitted April 25, 2019 at 01:57AM by timewarpUK
via reddit http://bit.ly/2XNltyH
Markitzeroday
Gaining Access to Card Data Using the Windows Domain to Bypass Firewalls
This post details how to bypass firewalls to gain access to the Cardholder Data Environment (or CDE, to use the parlance of our times). End goal: to extract ...
procSpy - Python tool for monitoring and logging user-run commands
http://bit.ly/2ZtyrmR
Submitted April 25, 2019 at 04:03AM by kindredsec
via reddit http://bit.ly/2Gu2F0a
GitHub
itsKindred/procSpy
Python tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes. - itsKindred/procSpy
Private Key Extraction from Qualcomm Hardware-backed Keystores
http://bit.ly/2GJfO5R
Submitted April 25, 2019 at 09:13AM by Titokhan
via reddit http://bit.ly/2IUNQ9M
reddit
r/netsec - Private Key Extraction from Qualcomm Hardware-backed Keystores
Through the cloud – remote debugging to crack MQ
http://bit.ly/2GFtgsp
Submitted April 25, 2019 at 01:00PM by zoh4rs
via reddit http://bit.ly/2UVcqi0
Komodosec | Cyber Security Consulting infrastructure and Application
Through the cloud – remote debugging to crack MQ
In a simple penetration test the tester is presented with a target, say a web application, and attacks it from his workstation. However, systems can be far more
Next Gen Phishing – Leveraging Azure Information Protection
http://bit.ly/2XISpbg
Submitted April 25, 2019 at 06:17PM by oddvarmoe
via reddit http://bit.ly/2UzDD4R
TrustedSec
Cybersecurity Education from the Experts | TrustedSec Blog Posts
Learn more about how to safeguard your company through our educational blog posts on everything from updated tech to the newest scams infiltrating organizations today.
TA505 targeting banks with lolbins and ServHelper, what's crazy is how targeted an operation this was, not spray and pray
http://bit.ly/2DBhtJL
Submitted April 25, 2019 at 06:51PM by hackerxbella
via reddit http://bit.ly/2VkhBaN
Cybereason
Threat Actor TA505 Targets Financial Enterprises Using LOLBins and a New Backdoor Malware
In this research, we introduce a meticulously planned, malicious operation against a financial institution in April of 2019 by TA505.