Abusing the new default filter mode in Chrome to execute the XSS.
http://bit.ly/2L6eiA6
Submitted April 25, 2019 at 07:31PM by terjanq
via reddit http://bit.ly/2GKgUiU
http://bit.ly/2L6eiA6
Submitted April 25, 2019 at 07:31PM by terjanq
via reddit http://bit.ly/2GKgUiU
Medium
XSS-Auditor — the protector of unprotected
and the deceiver of protected.
Vulnhub Write-up —DC-1
http://bit.ly/2GK67oG
Submitted April 27, 2019 at 03:29AM by Eta-Meson
via reddit http://bit.ly/2Zz4py1
http://bit.ly/2GK67oG
Submitted April 27, 2019 at 03:29AM by Eta-Meson
via reddit http://bit.ly/2Zz4py1
Medium
Vulnhub Write-up —DC-1
This is the write-up of the Machine DC-1:1 from Vulnhub.
Dropping the password expiration policies (MS Security baseline for Win 10 / 2019)
http://bit.ly/2XFnFbq
Submitted April 27, 2019 at 04:48AM by the_gnarts
via reddit http://bit.ly/2V196Ss
http://bit.ly/2XFnFbq
Submitted April 27, 2019 at 04:48AM by the_gnarts
via reddit http://bit.ly/2V196Ss
reddit
r/netsec - Dropping the password expiration policies (MS Security baseline for Win 10 / 2019)
0 votes and 2 comments so far on Reddit
ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation
http://bit.ly/2ZDSrmD
Submitted April 27, 2019 at 10:18AM by knotdjb
via reddit http://bit.ly/2UI4Xh6
http://bit.ly/2ZDSrmD
Submitted April 27, 2019 at 10:18AM by knotdjb
via reddit http://bit.ly/2UI4Xh6
www.arin.net
ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation
Building your own JTAG, ISP, & Chip Off Lab
http://bit.ly/2ZAfRcJ
Submitted April 27, 2019 at 03:14PM by dukeofmola
via reddit http://bit.ly/2UEzzAl
http://bit.ly/2ZAfRcJ
Submitted April 27, 2019 at 03:14PM by dukeofmola
via reddit http://bit.ly/2UEzzAl
Farley Forensics
Building your own JTAG, ISP, & Chip Off Lab - Farley Forensics
Have you ever wanted to get started with JTAG, ISP, & Chip Off extractions but never knew what you needed to get started?
Docker Hub user data breach of 190,000 accounts
http://bit.ly/2W4UPkk
Submitted April 27, 2019 at 04:42PM by ston1th
via reddit http://bit.ly/2GM7IKS
http://bit.ly/2W4UPkk
Submitted April 27, 2019 at 04:42PM by ston1th
via reddit http://bit.ly/2GM7IKS
reddit
r/docker - Docker Hub user data breach of 190,000 accounts
93 votes and 16 comments so far on Reddit
sniff-paste: regex driven Pastebin OSINT Harvester
http://bit.ly/2XQBuDI
Submitted April 27, 2019 at 06:37PM by amusciano
via reddit http://bit.ly/2vqY21G
http://bit.ly/2XQBuDI
Submitted April 27, 2019 at 06:37PM by amusciano
via reddit http://bit.ly/2vqY21G
GitHub
needmorecowbell/sniff-paste
Pastebin OSINT Harvester. Contribute to needmorecowbell/sniff-paste development by creating an account on GitHub.
MuddyWater leak (OnGoing)
http://bit.ly/2GBKkhQ
Submitted April 27, 2019 at 07:45PM by GelosSnake
via reddit http://bit.ly/2J0mfUC
http://bit.ly/2GBKkhQ
Submitted April 27, 2019 at 07:45PM by GelosSnake
via reddit http://bit.ly/2J0mfUC
reddit
r/netsec - MuddyWater leak (OnGoing)
0 votes and 0 comments so far on Reddit
Hack The Box - Irked Write-up by 0xRick
http://bit.ly/2GOQb4E
Submitted April 27, 2019 at 08:32PM by Ahm3d_H3sham
via reddit http://bit.ly/2DA5qfC
http://bit.ly/2GOQb4E
Submitted April 27, 2019 at 08:32PM by Ahm3d_H3sham
via reddit http://bit.ly/2DA5qfC
0xRick Owned Root !
Hack The Box - Irked
Quick Summary Hey guys, today Irked retired and here’s my write-up about it. It was an easy straightforward machine, no rabbit holes and such things. To get an initial shell on the box we will exploit an RCE vulnerable irc server called UnrealIRCd. After…
6 buckets of a security bug (for product security teams)
http://bit.ly/2INBgd2
Submitted April 27, 2019 at 10:50PM by nibblesec
via reddit http://bit.ly/2IJWrwN
http://bit.ly/2INBgd2
Submitted April 27, 2019 at 10:50PM by nibblesec
via reddit http://bit.ly/2IJWrwN
reddit
r/netsec - 6 buckets of a security bug (for product security teams)
0 votes and 0 comments so far on Reddit
How to build a passive IMSI catcher
http://bit.ly/2WcgYwW
Submitted April 28, 2019 at 03:41AM by fo0bat
via reddit http://bit.ly/2XPeq8v
http://bit.ly/2WcgYwW
Submitted April 28, 2019 at 03:41AM by fo0bat
via reddit http://bit.ly/2XPeq8v
Harrison's Sandbox
Building a Passive IMSI Catcher
This post walks through the processes of building a passive IMSI catcher. The purpose of this post is to be educational - to highlight the ease of which these devices can be built, and to practically show how privacy is already being compromised today.
AutoMacTC: Automating Mac Forensic Triage | CrowdStrike
http://bit.ly/2UHPazc
Submitted April 28, 2019 at 02:23PM by digicat
via reddit http://bit.ly/2PyzCww
http://bit.ly/2UHPazc
Submitted April 28, 2019 at 02:23PM by digicat
via reddit http://bit.ly/2PyzCww
Crowdstrike
AutoMacTC: Automating Mac Forensic Triage | CrowdStrike
CrowdStrike introduces AutoMacTC, a new tool for automating Mac forensic triage. Learn how AutoMacTC works and how it amplifies your incident response efforts.
The inception bar: a new phishing method
http://bit.ly/2voHFTo
Submitted April 28, 2019 at 02:23PM by _vavkamil_
via reddit http://bit.ly/2voqXDP
http://bit.ly/2voHFTo
Submitted April 28, 2019 at 02:23PM by _vavkamil_
via reddit http://bit.ly/2voqXDP
jameshfisher.com
The inception bar: a new phishing method
Welcome to HSBC, the world’s seventh-largest bank! Of course, the page you’re reading isn’t actually hosted on hsbc.com; it’s hosted on jameshfisher.com. But when you visit this site on Chrome for mobile, and scroll a little way, the page is able to display…
Call for Papers @ Camp++, a security camp in a 19th century fort @ Komárom, Hungary
http://bit.ly/2VvP3uJ
Submitted April 28, 2019 at 04:18PM by dn3t
via reddit http://bit.ly/2GOBQVP
http://bit.ly/2VvP3uJ
Submitted April 28, 2019 at 04:18PM by dn3t
via reddit http://bit.ly/2GOBQVP
reddit
r/netsec - Call for Papers @ Camp++, a security camp in a 19th century fort @ Komárom, Hungary
0 votes and 0 comments so far on Reddit
GitHub - jrentenaar/Office-365-Extractor: The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
http://bit.ly/2DBc1Xq
Submitted April 28, 2019 at 02:05PM by Bobbygehim
via reddit http://bit.ly/2XQzoDZ
http://bit.ly/2DBc1Xq
Submitted April 28, 2019 at 02:05PM by Bobbygehim
via reddit http://bit.ly/2XQzoDZ
GitHub
jrentenaar/Office-365-Extractor
The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL) - jrentenaar/Office-365-Extractor
HackTheBox Write-up Irked
http://bit.ly/2PCSPNB
Submitted April 29, 2019 at 12:08AM by Eta-Meson
via reddit http://bit.ly/2WaZTn7
http://bit.ly/2PCSPNB
Submitted April 29, 2019 at 12:08AM by Eta-Meson
via reddit http://bit.ly/2WaZTn7
Medium
HackTheBox Write-up Irked
This is the write-up of the Machine IRKED from HackTheBox
SSTI in Confluence Server via Widget Connector (and Recon for Bug Bounties)
http://bit.ly/2DCwefs
Submitted April 28, 2019 at 11:43PM by nibblesec
via reddit http://bit.ly/2WbwJ7x
http://bit.ly/2DCwefs
Submitted April 28, 2019 at 11:43PM by nibblesec
via reddit http://bit.ly/2WbwJ7x
Medium
How I hacked 50+ Companies in 6 hrs
Long story short, I have created my Hackerone/Bugcrowd profiles a way back in 2016 but I have never reported a bug there. I have never…
The only PowerShell Command you will ever need to find out who did what in Active Directory
http://bit.ly/2DBba96
Submitted April 29, 2019 at 06:26AM by yukon-corne1ius
via reddit http://bit.ly/2UNlPDo
http://bit.ly/2DBba96
Submitted April 29, 2019 at 06:26AM by yukon-corne1ius
via reddit http://bit.ly/2UNlPDo
reddit
r/sysadmin - The only PowerShell Command you will ever need to find out who did what in Active Directory
1,797 votes and 115 comments so far on Reddit
SpamTitan Email Security Now Includes Sandboxing and DMARC Authentication
http://bit.ly/2LbAb0V
Submitted April 29, 2019 at 03:19PM by askdjgfczx
via reddit http://bit.ly/2VFFI3X
http://bit.ly/2LbAb0V
Submitted April 29, 2019 at 03:19PM by askdjgfczx
via reddit http://bit.ly/2VFFI3X
WebTitan
SpamTitan Email Security Now Includes Sandboxing and DMARC Authentication - WebTitan
TitanHQ has announced its award-winning email security solution is now even better. Sandboxing and DMARC email authentication have now been added to better protect users from email threats.
Could use some third party opinion about carrer change
http://bit.ly/2XPsleI
Submitted April 29, 2019 at 05:34PM by show_me_sth_new
via reddit http://bit.ly/2LcJPQN
http://bit.ly/2XPsleI
Submitted April 29, 2019 at 05:34PM by show_me_sth_new
via reddit http://bit.ly/2LcJPQN
reddit
r/AskNetsec - Could use some third party opinion about carrer change
0 votes and 3 comments so far on Reddit
Community Health Systems Data Breach Settlement Agreed
http://bit.ly/2ILzMQR
Submitted April 29, 2019 at 05:14PM by asad1234ry
via reddit http://bit.ly/2V4LOem
http://bit.ly/2ILzMQR
Submitted April 29, 2019 at 05:14PM by asad1234ry
via reddit http://bit.ly/2V4LOem
Compliance Junction
Community Health Systems Data Breach Settlement Agreed - Compliance Junction
Facebook Twitter Google+ LinkedIn Patients of Community Health Systems’ (CHS), who had their protected health information (PHI) illegally obtains in a hacking attack in 2014 have been offered compensation in relation to the violation of [...]