SSTI in Confluence Server via Widget Connector (and Recon for Bug Bounties)
http://bit.ly/2DCwefs
Submitted April 28, 2019 at 11:43PM by nibblesec
via reddit http://bit.ly/2WbwJ7x
http://bit.ly/2DCwefs
Submitted April 28, 2019 at 11:43PM by nibblesec
via reddit http://bit.ly/2WbwJ7x
Medium
How I hacked 50+ Companies in 6 hrs
Long story short, I have created my Hackerone/Bugcrowd profiles a way back in 2016 but I have never reported a bug there. I have never…
The only PowerShell Command you will ever need to find out who did what in Active Directory
http://bit.ly/2DBba96
Submitted April 29, 2019 at 06:26AM by yukon-corne1ius
via reddit http://bit.ly/2UNlPDo
http://bit.ly/2DBba96
Submitted April 29, 2019 at 06:26AM by yukon-corne1ius
via reddit http://bit.ly/2UNlPDo
reddit
r/sysadmin - The only PowerShell Command you will ever need to find out who did what in Active Directory
1,797 votes and 115 comments so far on Reddit
SpamTitan Email Security Now Includes Sandboxing and DMARC Authentication
http://bit.ly/2LbAb0V
Submitted April 29, 2019 at 03:19PM by askdjgfczx
via reddit http://bit.ly/2VFFI3X
http://bit.ly/2LbAb0V
Submitted April 29, 2019 at 03:19PM by askdjgfczx
via reddit http://bit.ly/2VFFI3X
WebTitan
SpamTitan Email Security Now Includes Sandboxing and DMARC Authentication - WebTitan
TitanHQ has announced its award-winning email security solution is now even better. Sandboxing and DMARC email authentication have now been added to better protect users from email threats.
Could use some third party opinion about carrer change
http://bit.ly/2XPsleI
Submitted April 29, 2019 at 05:34PM by show_me_sth_new
via reddit http://bit.ly/2LcJPQN
http://bit.ly/2XPsleI
Submitted April 29, 2019 at 05:34PM by show_me_sth_new
via reddit http://bit.ly/2LcJPQN
reddit
r/AskNetsec - Could use some third party opinion about carrer change
0 votes and 3 comments so far on Reddit
Community Health Systems Data Breach Settlement Agreed
http://bit.ly/2ILzMQR
Submitted April 29, 2019 at 05:14PM by asad1234ry
via reddit http://bit.ly/2V4LOem
http://bit.ly/2ILzMQR
Submitted April 29, 2019 at 05:14PM by asad1234ry
via reddit http://bit.ly/2V4LOem
Compliance Junction
Community Health Systems Data Breach Settlement Agreed - Compliance Junction
Facebook Twitter Google+ LinkedIn Patients of Community Health Systems’ (CHS), who had their protected health information (PHI) illegally obtains in a hacking attack in 2014 have been offered compensation in relation to the violation of [...]
CoreHook: Function Intercept Framework
http://bit.ly/2VL8IUx
Submitted April 29, 2019 at 10:18PM by unknownv2
via reddit http://bit.ly/2V1wpvs
http://bit.ly/2VL8IUx
Submitted April 29, 2019 at 10:18PM by unknownv2
via reddit http://bit.ly/2V1wpvs
GitHub
unknownv2/CoreHook
A library that simplifies intercepting application function calls using managed code and the .NET Core runtime - unknownv2/CoreHook
Extract PGP secret keys from Gnuk / Nitrokey Start firmwares
http://bit.ly/2GPFCyi
Submitted April 29, 2019 at 11:50PM by r0t42
via reddit http://bit.ly/2vpdNX8
http://bit.ly/2GPFCyi
Submitted April 29, 2019 at 11:50PM by r0t42
via reddit http://bit.ly/2vpdNX8
reddit
r/crypto - Extract PGP secret keys from Gnuk / Nitrokey Start firmwares
0 votes and 1 comment so far on Reddit
modDetective - Small Python tool that analyzes the modification times of files on a system in order to investigate recent system activity
http://bit.ly/2V8WokV
Submitted April 30, 2019 at 01:54AM by kindredsec
via reddit http://bit.ly/2GJegZj
http://bit.ly/2V8WokV
Submitted April 30, 2019 at 01:54AM by kindredsec
via reddit http://bit.ly/2GJegZj
GitHub
itsKindred/modDetective
modDetective is a small Python tool that chronologizes files based on modification time in order to investigate recent system activity. - itsKindred/modDetective
12 Ways Cloud Upended IT Security (And What You Can Do About It)
http://bit.ly/2IZ9oSK
Submitted April 30, 2019 at 07:01AM by OnlyInstruction
via reddit http://bit.ly/2ZJfbSn
http://bit.ly/2IZ9oSK
Submitted April 30, 2019 at 07:01AM by OnlyInstruction
via reddit http://bit.ly/2ZJfbSn
www.fugue.co
12 Ways Cloud Upended IT Security (And What You Can Do About It)
The cloud represents the most disruptive trend in enterprise IT over the past decade, and security teams have not escaped turmoil during the transition. Here, we take a look at the ways cloud has disrupted security, with insights into how security teams can…
Unknown Data Breach Exposes 80 Million US Households
http://bit.ly/2J3m8aR
Submitted April 30, 2019 at 02:40PM by damaxoh
via reddit http://bit.ly/2IPs6ge
http://bit.ly/2J3m8aR
Submitted April 30, 2019 at 02:40PM by damaxoh
via reddit http://bit.ly/2IPs6ge
vpnMentor
Report: Unknown Data Breach Exposes 80 Million US Households
vpnMentor’s research team discovered a hack affecting 80 million American households. Known hacktivists Noam Rotem and Ran Locar discovered an unprotected ...
Breaking Widevine Content Protection (DRM) on Streaming Websites
http://bit.ly/2IQ2WOH
Submitted April 30, 2019 at 02:30PM by JustAPenTester
via reddit http://bit.ly/2ZJFKXo
http://bit.ly/2IQ2WOH
Submitted April 30, 2019 at 02:30PM by JustAPenTester
via reddit http://bit.ly/2ZJFKXo
Fidus Information Security
A Primer on Widevine and How It Can Be Abused to Download Encrypted Movies/Shows - Fidus Information Security
First things first, what is Widevine? Widevine is an encryption framework that is used for digital rights management (DRM). It’s owned by Google, but used by a huge array of content creators and streaming services, on account of it being royalty free to use…
Eight Devices, One Exploit: OEM Vulnerabilities
http://bit.ly/2XW9Pl6
Submitted April 30, 2019 at 06:43PM by chicksdigthelongrun
via reddit http://bit.ly/2GSqmRk
http://bit.ly/2XW9Pl6
Submitted April 30, 2019 at 06:43PM by chicksdigthelongrun
via reddit http://bit.ly/2GSqmRk
Medium
Eight Devices, One Exploit
OEM Vulnerabilities
Survey of AWS IAM Exploitation Techniques
http://bit.ly/2Y0lLlP
Submitted April 30, 2019 at 06:36PM by illegitimateDA
via reddit http://bit.ly/2J52JWY
http://bit.ly/2Y0lLlP
Submitted April 30, 2019 at 06:36PM by illegitimateDA
via reddit http://bit.ly/2J52JWY
reddit
r/netsec - Survey of AWS IAM Exploitation Techniques
0 votes and 0 comments so far on Reddit
Misusing TCP Timestamps for uptime calculation & host identification
http://bit.ly/2XV3JkO
Submitted April 30, 2019 at 05:46PM by pimterry
via reddit http://bit.ly/2GWZL5L
http://bit.ly/2XV3JkO
Submitted April 30, 2019 at 05:46PM by pimterry
via reddit http://bit.ly/2GWZL5L
www.scip.ch
Misusing TCP Timestamps
by Veit Hailperin
About 14,000 People Affected by Klaussner Furniture Industries and Vetern Health Administration Breaches
http://bit.ly/2PCUEdu
Submitted May 01, 2019 at 12:57AM by laptop23lap
via reddit http://bit.ly/2Wb6PRc
http://bit.ly/2PCUEdu
Submitted May 01, 2019 at 12:57AM by laptop23lap
via reddit http://bit.ly/2Wb6PRc
HIPAAnswers
About 14,000 People Affected by Klaussner Furniture Industries and Vetern Health Administration Breaches - HIPAAnswers
Facebook Twitter Google+ LinkedIn A security breach on Klaussner Furniture Industries, Inc resulted to the exposure of the protected health information (PHI) of its 9,352...
[PDF] “Johnny, you are fired!” – Spoofing OpenPGP and S/MIME Signatures in Emails
http://bit.ly/2J19VDI
Submitted May 01, 2019 at 01:50AM by _vavkamil_
via reddit http://bit.ly/2DDVP7E
http://bit.ly/2J19VDI
Submitted May 01, 2019 at 01:50AM by _vavkamil_
via reddit http://bit.ly/2DDVP7E
GitHub
RUB-NDS/Johnny-You-Are-Fired
Artifacts for the USENIX publication. Contribute to RUB-NDS/Johnny-You-Are-Fired development by creating an account on GitHub.
What I Learned After a Year as a Cybersecurity Mentor
http://bit.ly/2Pyt7d2
Submitted May 01, 2019 at 02:33AM by DorkNowitzki41
via reddit http://bit.ly/2GWgkic
http://bit.ly/2Pyt7d2
Submitted May 01, 2019 at 02:33AM by DorkNowitzki41
via reddit http://bit.ly/2GWgkic
VeteranSec
What I Learned After a Year as a Cybersecurity Mentor
When I
From Workstation to Domain Admin: Why Secure Administration Isn’t Secure and How to Fix It by Sean Metcalf
http://bit.ly/2PExROh
Submitted May 01, 2019 at 04:18AM by dukeofmola
via reddit http://bit.ly/2WeD5TH
http://bit.ly/2PExROh
Submitted May 01, 2019 at 04:18AM by dukeofmola
via reddit http://bit.ly/2WeD5TH
Insinuator.net
#TR19 Active Directory Security Summaries
This blogpost contains summaries of talks from this year’s TROOPERS19 Active Directory Security Track.
From Workstation to Domain Admin: Why Secure Administration Isn't Secure and How to Fix It by Sean Metcalf
Active Directory is probably used in almost…
From Workstation to Domain Admin: Why Secure Administration Isn't Secure and How to Fix It by Sean Metcalf
Active Directory is probably used in almost…
The /r/netsec Monthly Discussion Thread - May 2019
OverviewQuestions regarding netsec and discussion related directly to netsec are welcome here.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on /r/netsec.As always, the content & discussion guidelines should also be observed on /r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted May 01, 2019 at 10:06AM by AutoModerator
via reddit http://bit.ly/2LoV1K2
OverviewQuestions regarding netsec and discussion related directly to netsec are welcome here.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on /r/netsec.As always, the content & discussion guidelines should also be observed on /r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted May 01, 2019 at 10:06AM by AutoModerator
via reddit http://bit.ly/2LoV1K2
Reddit
Technical Information Security Content & Discussion
/r/netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to provide value to security practitioners, students, researchers, and hackers everywhere.
Vulmap: Online Local Vulnerability Scanners Project
http://bit.ly/2J7fDns
Submitted May 01, 2019 at 01:26PM by drodrouw
via reddit http://bit.ly/2GUT4Rl
http://bit.ly/2J7fDns
Submitted May 01, 2019 at 01:26PM by drodrouw
via reddit http://bit.ly/2GUT4Rl
GitHub
vulmon/Vulmap
Vulmap Online Local Vulnerability Scanners Project - vulmon/Vulmap
5 Reasons Your Network Infrastructure Needs an Upgrade
http://bit.ly/2XQqWEA
Submitted May 01, 2019 at 01:55PM by anubhavsingh2709
via reddit http://bit.ly/2IUfyEC
http://bit.ly/2XQqWEA
Submitted May 01, 2019 at 01:55PM by anubhavsingh2709
via reddit http://bit.ly/2IUfyEC
elink
5 Reasons Your Network Infrastructure Needs an Upgrade