Over 25,000 Linksys Smart Wi-Fi routers vulnerable to sensitive information disclosure flaw
http://bit.ly/2WFM7cw
Submitted May 13, 2019 at 11:15PM by bad_packets
via reddit http://bit.ly/2HoMMc1
http://bit.ly/2WFM7cw
Submitted May 13, 2019 at 11:15PM by bad_packets
via reddit http://bit.ly/2HoMMc1
badpackets.net
Over 25,000 Linksys Smart Wi-Fi routers vulnerable to sensitive information disclosure flaw
Our honeypots frequently detect scans targeting various home automation protocol endpoints. Many of these attacks aim to exploit vulnerable consumer routers. Upon further investigation, we've discovered a persistent flaw affecting Linksys Smart Wi-Fi routers…
Speculation that 3 Large A/V Companies Have Been Compromised by Russian Attackers
http://bit.ly/30gmKAe
Submitted May 13, 2019 at 11:57PM by Hairy_Gear
via reddit http://bit.ly/2E5LFgh
http://bit.ly/30gmKAe
Submitted May 13, 2019 at 11:57PM by Hairy_Gear
via reddit http://bit.ly/2E5LFgh
BleepingComputer
New Details Emerge of Fxmsp's Hacking of Antivirus Companies
It is difficult to fathom that a threat actor may be able to breach the networks of a reputed security company. Yet, this is not only possible but also happened in the past; and it is not far-fetched to believe that it is the case with at least three antivirus…
Thrangrycat vulnerability impacting Cisco products
http://bit.ly/2WIvblt
Submitted May 13, 2019 at 11:42PM by campuscodi
via reddit http://bit.ly/2LGqlEw
http://bit.ly/2WIvblt
Submitted May 13, 2019 at 11:42PM by campuscodi
via reddit http://bit.ly/2LGqlEw
reddit
r/netsec - Thrangrycat vulnerability impacting Cisco products
0 votes and 3 comments so far on Reddit
CSRF mitigation via SameSite (an overview)
http://bit.ly/2YluYVS
Submitted May 13, 2019 at 04:22PM by neverforgetdream
via reddit http://bit.ly/2Q0wDgN
http://bit.ly/2YluYVS
Submitted May 13, 2019 at 04:22PM by neverforgetdream
via reddit http://bit.ly/2Q0wDgN
reddit
r/netsec - CSRF mitigation via SameSite (an overview)
1 vote and 0 comments so far on Reddit
Classic Buffer Overflow still in Play at WhatsApp [Vulnerability]
http://bit.ly/2E72Lu9
Submitted May 14, 2019 at 01:08PM by shoque71
via reddit http://bit.ly/2LQocpY
http://bit.ly/2E72Lu9
Submitted May 14, 2019 at 01:08PM by shoque71
via reddit http://bit.ly/2LQocpY
Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
http://bit.ly/2W4izbg
Submitted May 14, 2019 at 01:03PM by nar2k16
via reddit http://bit.ly/2vWnm03
http://bit.ly/2W4izbg
Submitted May 14, 2019 at 01:03PM by nar2k16
via reddit http://bit.ly/2vWnm03
BleepingComputer
Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks.
"Web scraping considered dangerous": Exploiting the telnet service in scrapy < 1.5.2
http://bit.ly/2WMRwi8
Submitted May 14, 2019 at 01:03PM by csalazars
via reddit http://bit.ly/2PZAf2z
http://bit.ly/2WMRwi8
Submitted May 14, 2019 at 01:03PM by csalazars
via reddit http://bit.ly/2PZAf2z
Medium
“Web scraping considered dangerous”: Exploiting the telnet service in scrapy < 1.5.2
Disclaimer: scrapy 1.5.2 has been released on January 22th, to avoid being exploited you must disable telnet console (enabled by default)…
Help with getting started with Infoblox
http://bit.ly/2LURNyz
Submitted May 14, 2019 at 03:04PM by kolastyl
via reddit http://bit.ly/2JCHI6t
http://bit.ly/2LURNyz
Submitted May 14, 2019 at 03:04PM by kolastyl
via reddit http://bit.ly/2JCHI6t
reddit
r/sysadmin - Help with getting started with Infoblox
0 votes and 0 comments so far on Reddit
Sinkholing BadWPAD infrastructure - wpad.pl / wpadblocking.com case (part 4)
http://bit.ly/2Q2IsTv
Submitted May 14, 2019 at 06:41PM by adamziaja_com
via reddit http://bit.ly/2E7Hssp
http://bit.ly/2Q2IsTv
Submitted May 14, 2019 at 06:41PM by adamziaja_com
via reddit http://bit.ly/2E7Hssp
blog.redteam.pl
Sinkholing BadWPAD infrastructure - wpad.pl / wpadblocking.com case (part 4)
red team, blue team, penetration testing, red teaming, threat hunting, digital forensics, incident response, cyber security, IT security
LES: Linux privilege escalation auditing tool
http://bit.ly/2VUxYev
Submitted May 14, 2019 at 06:32PM by mzet-
via reddit http://bit.ly/30lJ4Z5
http://bit.ly/2VUxYev
Submitted May 14, 2019 at 06:32PM by mzet-
via reddit http://bit.ly/30lJ4Z5
reddit
r/netsec - LES: Linux privilege escalation auditing tool
0 votes and 0 comments so far on Reddit
Fxmsp Claims Breaches of Three Major Anti-Virus Companies (Symantec, Trend Micro & McAfee)
http://bit.ly/2PWPcCz
Submitted May 14, 2019 at 08:47PM by oracleofmist
via reddit http://bit.ly/2Q6NnD8
http://bit.ly/2PWPcCz
Submitted May 14, 2019 at 08:47PM by oracleofmist
via reddit http://bit.ly/2Q6NnD8
mysite1
Top-Tier Russian Hacking Collective Claims Breaches of Three Major Anti-Virus Companies
"Fxmsp" is a Russian- and English-speaking high-profile hacking collective. They specialize in breaching highly-secure protected networks to access private corp
WhatsApp exploit allowed spyware to be installed
http://bit.ly/2vVJozQ
Submitted May 14, 2019 at 09:22PM by BeerJunky
via reddit http://bit.ly/2W0hbqq
http://bit.ly/2vVJozQ
Submitted May 14, 2019 at 09:22PM by BeerJunky
via reddit http://bit.ly/2W0hbqq
reddit
r/Scams - WhatsApp exploit allowed spyware to be installed
17 votes and 5 comments so far on Reddit
Myth Busting: Tor
http://bit.ly/2vVJpUq
Submitted May 14, 2019 at 09:21PM by CondiMesmer
via reddit http://bit.ly/2LIsNtZ
http://bit.ly/2vVJpUq
Submitted May 14, 2019 at 09:21PM by CondiMesmer
via reddit http://bit.ly/2LIsNtZ
My thoughts on security.
Slicing onions: Part 1 - Myth-busting Tor. — My thoughts on security.
The Tor network is an anonymity system designed to protect the privacy and anonymity of its users. Unlike VPN service, Tor is both free t...
Multiple versions of WhatsApp vulnerable to RCE
http://bit.ly/2WH7biJ
Submitted May 14, 2019 at 09:21PM by sudopanda
via reddit http://bit.ly/2W2tn9U
http://bit.ly/2WH7biJ
Submitted May 14, 2019 at 09:21PM by sudopanda
via reddit http://bit.ly/2W2tn9U
Lansweeper IT Asset Management
WhatsApp Zero-Day Vulnerability Allows Remote Spyware Installation
Our custom WhatsApp vulnerability report can tell you in no time which devices have a vulnerable WhatsApp version in place and need to be patched.
New security bug in Intel CPU's
http://mdsattacks.com/
Submitted May 14, 2019 at 10:50PM by pannenkoekenmetspek
via reddit http://bit.ly/2JBUDFG
http://mdsattacks.com/
Submitted May 14, 2019 at 10:50PM by pannenkoekenmetspek
via reddit http://bit.ly/2JBUDFG
reddit
New security bug in Intel CPU's
Posted in r/netsec by u/pannenkoekenmetspek • 543 points and 138 comments
Prevent a worm by updating Remote Desktop Services (CVE-2019-0708) – Microsoft Security Response Center
http://bit.ly/2JknhvG
Submitted May 15, 2019 at 01:42AM by raincan
via reddit http://bit.ly/2WJLGOa
http://bit.ly/2JknhvG
Submitted May 15, 2019 at 01:42AM by raincan
via reddit http://bit.ly/2WJLGOa
reddit
r/netsec - Prevent a worm by updating Remote Desktop Services (CVE-2019-0708) – Microsoft Security Response Center
0 votes and 1 comment so far on Reddit
John the Ripper 1.9.0-jumbo-1 password cracker is out
http://bit.ly/2HC49Gr
Submitted May 15, 2019 at 02:38AM by solardiz
via reddit http://bit.ly/2VAw4jy
http://bit.ly/2HC49Gr
Submitted May 15, 2019 at 02:38AM by solardiz
via reddit http://bit.ly/2VAw4jy
reddit
r/netsec - John the Ripper 1.9.0-jumbo-1 password cracker is out
0 votes and 0 comments so far on Reddit
SSDD - Remote desktop RCE CVE-2019-0708.
http://bit.ly/2HkzZIF
Submitted May 15, 2019 at 05:14AM by SpecialistFagazine
via reddit http://bit.ly/2Hpprqq
http://bit.ly/2HkzZIF
Submitted May 15, 2019 at 05:14AM by SpecialistFagazine
via reddit http://bit.ly/2Hpprqq
reddit
r/netsec - SSDD - Remote desktop RCE CVE-2019-0708.
0 votes and 1 comment so far on Reddit
WhatsApp flaw used to install spyware by simply calling the target - Help Net Security
http://bit.ly/2W06qEp
Submitted May 15, 2019 at 01:34PM by DuckGuy528
via reddit http://bit.ly/2vYXxw9
http://bit.ly/2W06qEp
Submitted May 15, 2019 at 01:34PM by DuckGuy528
via reddit http://bit.ly/2vYXxw9
Help Net Security
WhatsApp flaw used to install spyware by simply calling the target - Help Net Security
A zero-day flaw in WhatsApp allowed attackers to install spyware on smartphones without any user interaction, Financial Times has reported.
DEFCON Quals 2019 Veryandroidoso Solution with Frida
http://bit.ly/2VoFmuk
Submitted May 15, 2019 at 02:24PM by eybisi_
via reddit http://bit.ly/30lnnIH
http://bit.ly/2VoFmuk
Submitted May 15, 2019 at 02:24PM by eybisi_
via reddit http://bit.ly/30lnnIH
Ahmet Bilal Can
DEF CON Quals 2019 : VERYANDROIDOSO
Here is my writeup for VERYANDROIDOSO task. Ofcourse with frida :D App takes input from us and checks if it is correct flag. Length of flag should be 23 enclosed with OOO{..}. Also inside of brackets
RIDL, FALLOUT and ZombieLoad
http://bit.ly/2HqIdxJ
Submitted May 15, 2019 at 05:02PM by thatstevelord
via reddit http://bit.ly/2VpVQSL
http://bit.ly/2HqIdxJ
Submitted May 15, 2019 at 05:02PM by thatstevelord
via reddit http://bit.ly/2VpVQSL
blog.cygenta.co.uk
RIDL, FALLOUT and ZombieLoad
So three(3) new hardware based vulnerabilities were released and whilst we all
remember Spectre or Meltdown from last year these ones, these new
vulnerabilities show that hardware based attacks are not going to go away any
time soon, not only that but the…
remember Spectre or Meltdown from last year these ones, these new
vulnerabilities show that hardware based attacks are not going to go away any
time soon, not only that but the…