Sophisticated Phishing Using Homograph Attacks
http://bit.ly/2LZ69xE
Submitted May 22, 2019 at 07:56PM by slashcrypto
via reddit http://bit.ly/2WnGO4m
http://bit.ly/2LZ69xE
Submitted May 22, 2019 at 07:56PM by slashcrypto
via reddit http://bit.ly/2WnGO4m
Offensity
Sophisticated Spear Phishing Campaigns using Homograph Attacks | Offensity
Use offense to plan defense.
New Windows 10 zero-day gets published to Github by SandboxEscaper
http://bit.ly/2VGqZS0
Submitted May 22, 2019 at 08:41PM by ThrowAway823434-234
via reddit http://bit.ly/30DOFu8
http://bit.ly/2VGqZS0
Submitted May 22, 2019 at 08:41PM by ThrowAway823434-234
via reddit http://bit.ly/30DOFu8
Neowin
New Windows 10 zero-day gets published to Github by SandboxEscaper
A new Windows 10 zero-day has surfaced on Github. The vulnerability, which Microsoft isn't believed to have been forewarned about, was released by SandboxEscaper who has previously released zero-days.
Building backdoors for Apache (PoC inside with socks5 support, root shell, hiding logs...)
http://bit.ly/2QhHQcE
Submitted May 22, 2019 at 08:25PM by gid0rah
via reddit http://bit.ly/2wjVp25
http://bit.ly/2QhHQcE
Submitted May 22, 2019 at 08:25PM by gid0rah
via reddit http://bit.ly/2wjVp25
Tarlogic Security - Cyber Security and Ethical hacking
Backdoors in XAMP stack (part III): Apache Modules
This third fascicle of the series about backdoors for web servers based on the XAMP stack (Apache2, MySQL, PHP), will focus on the development of modules for Apache2 in the context of a Red Team operation . The use of modules and plugins for web servers as…
Fuzz a WebSocket with the Python Kitty Fuzzing Framework (OWASP ZAP didn't work for this case)
http://bit.ly/2JVx2A1
Submitted May 22, 2019 at 09:46PM by andreashappe
via reddit http://bit.ly/2VJcX26
http://bit.ly/2JVx2A1
Submitted May 22, 2019 at 09:46PM by andreashappe
via reddit http://bit.ly/2VJcX26
snikt.net
To Fuzz a WebSocket
During a recent assignment the customer server was utilizing a WebSocket for some notification transport, part of my assignment was to fuzz-test the used WebSocket (and the messages transported over it).
To do this, I turned to my typical tools:
PortSwigger…
To do this, I turned to my typical tools:
PortSwigger…
No, 2FA Does Not Stop Credential Stuffing Attacks
http://bit.ly/2HLB8YL
Submitted May 22, 2019 at 10:24PM by jsoverson
via reddit http://bit.ly/30zsTYx
http://bit.ly/2HLB8YL
Submitted May 22, 2019 at 10:24PM by jsoverson
via reddit http://bit.ly/30zsTYx
Medium
No, 2FA Does Not Stop Credential Stuffing Attacks
Credential Stuffing Myth debunked.
Introducing py-ews: A cross-platform Python package to interact with eDiscovery endpoints using Exchange Web Services for Exchange 2010 to 2019 and Office 365
Hello Everyone, I recently released an open-source Python package called py-ews. Py-ews allows you to (at this time) interact with the Exchange 2010 to 2019 (on-premises) and Office 365 eDiscovery endpoints to:GetSearchableMailboxes: Automatically identify all mailboxes in your environment that you have access rights to search.SearchMailboxes: By using Microsoft’s Advanced Query Syntax you can search a single or all mailboxes in your environment.DeleteItem: You can HardDelete, SoftDelete or MoveToDeletedItems a mail item.Autodiscover: Autodiscover enables you to call a single endpoint when communicating with EWS.ResolveNames: Translate a users email address into a detailed user object to retrieve properties from.GetInboxRules: Determine the inbox rules of a single mailbox.You can read more about it with this blog post: https://swimlane.com/blog/swimlane-research-team-py-ews/The official documentation is here: https://py-ews.readthedocs.io/en/latest/Also, this is my first pypi python package (I previously have wrote and distributed a lot of PowerShell modules).I hope this helps some of you out there! Cheers!
Submitted May 22, 2019 at 09:33PM by _Unas_
via reddit http://bit.ly/2X2m67g
Hello Everyone, I recently released an open-source Python package called py-ews. Py-ews allows you to (at this time) interact with the Exchange 2010 to 2019 (on-premises) and Office 365 eDiscovery endpoints to:GetSearchableMailboxes: Automatically identify all mailboxes in your environment that you have access rights to search.SearchMailboxes: By using Microsoft’s Advanced Query Syntax you can search a single or all mailboxes in your environment.DeleteItem: You can HardDelete, SoftDelete or MoveToDeletedItems a mail item.Autodiscover: Autodiscover enables you to call a single endpoint when communicating with EWS.ResolveNames: Translate a users email address into a detailed user object to retrieve properties from.GetInboxRules: Determine the inbox rules of a single mailbox.You can read more about it with this blog post: https://swimlane.com/blog/swimlane-research-team-py-ews/The official documentation is here: https://py-ews.readthedocs.io/en/latest/Also, this is my first pypi python package (I previously have wrote and distributed a lot of PowerShell modules).I hope this helps some of you out there! Cheers!
Submitted May 22, 2019 at 09:33PM by _Unas_
via reddit http://bit.ly/2X2m67g
Docs
QueryString (QueryStringType)
The QueryString element contains a mailbox query string based on Advanced Query Syntax (AQS).
Write-up | WD My Cloud RCE
http://bit.ly/2YGhBzN
Submitted May 23, 2019 at 01:19AM by bnbdr
via reddit http://bit.ly/2VHOfio
http://bit.ly/2YGhBzN
Submitted May 23, 2019 at 01:19AM by bnbdr
via reddit http://bit.ly/2VHOfio
https://bnbdr.github.io/
WD My Cloud RCE
*slaps NAS* This baby fits so many CVEs
How to Create a Malware Detection System With Machine Learning
http://bit.ly/2WZPhb3
Submitted May 23, 2019 at 04:10AM by evilsocket
via reddit http://bit.ly/2ECrAPd
http://bit.ly/2WZPhb3
Submitted May 23, 2019 at 04:10AM by evilsocket
via reddit http://bit.ly/2ECrAPd
evilsocket
How to Create a Malware Detection System With Machine Learning
In this post we’ll talk about two topics I love and that have been central elements of my (private) research for the last ~7 years: machine learning and malware detection. Having a rather empirical an
Multithreaded powershell noscript to exfiltrate data securely
http://bit.ly/2VTy46G
Submitted May 23, 2019 at 03:43AM by p3nt4
via reddit http://bit.ly/2YC1TWi
http://bit.ly/2VTy46G
Submitted May 23, 2019 at 03:43AM by p3nt4
via reddit http://bit.ly/2YC1TWi
GitHub
p3nt4/MagicCopy
Powershell noscript to exfiltrate large files quickly and securely - p3nt4/MagicCopy
Love is in the air: Reverse Engineering a shitty drone :: EzequielTBH Blog's
http://bit.ly/2VJWKK2
Submitted May 23, 2019 at 07:52AM by EzequielTBH
via reddit http://bit.ly/2wnFW1n
http://bit.ly/2VJWKK2
Submitted May 23, 2019 at 07:52AM by EzequielTBH
via reddit http://bit.ly/2wnFW1n
ezequieltbh.me
Love is in the air: Reverse Engineering a shitty drone
On March 9, 2018, (hey, better late than never :), Security Jam, a security meeting/conference, was held, where speakers present their Research in a relaxed environment.
Last year I was lucky enough to be able to participate as a Speaker giving a talk called:…
Last year I was lucky enough to be able to participate as a Speaker giving a talk called:…
New Zero-Day Exploit for Bug in Windows 10 Task Scheduler
http://bit.ly/30CuqwH
Submitted May 23, 2019 at 10:43AM by 0x2dend
via reddit http://bit.ly/2HJZXUW
http://bit.ly/30CuqwH
Submitted May 23, 2019 at 10:43AM by 0x2dend
via reddit http://bit.ly/2HJZXUW
BleepingComputer
New Zero-Day Exploit for Bug in Windows 10 Task Scheduler
Exploit developer SandboxEscaper has quietly dropped a new zero-day exploit for the Windows operating system just a week after Microsoft's monthly cycle of security updates.
Fun With Custom URI Schemes, featuring another Origin RCE
http://bit.ly/2YGOwEn
Submitted May 23, 2019 at 10:41AM by bigsn00p
via reddit http://bit.ly/2VXBcia
http://bit.ly/2YGOwEn
Submitted May 23, 2019 at 10:41AM by bigsn00p
via reddit http://bit.ly/2VXBcia
zeropwn.github.io
Fun With Custom URI Schemes
Take a look into how custom URI schemes can be used to leverage underlying vulnerabilities in applications.
Insights as incident responders on Business Email Compromises
http://bit.ly/2Mjb64P
Submitted May 23, 2019 at 02:19PM by Bobbygehim
via reddit http://bit.ly/2YKbYRg
http://bit.ly/2Mjb64P
Submitted May 23, 2019 at 02:19PM by Bobbygehim
via reddit http://bit.ly/2YKbYRg
Linkedin
Responding to a Business Email Compromise - Part 3
This three-part blog series is about Business Email Compromises (BEC) targeting Office 365 environments and our insights as incident responders. The first post can be found here and contains an introduction to BEC attacks and the challenges that often arise…
Why Reverse Tabnabbing Matters (an Example on Reddit)
http://bit.ly/2X9zEhe
Submitted May 23, 2019 at 01:32PM by RedTeamPentesting
via reddit http://bit.ly/2EsZ1nf
http://bit.ly/2X9zEhe
Submitted May 23, 2019 at 01:32PM by RedTeamPentesting
via reddit http://bit.ly/2EsZ1nf
reddit
r/netsec - Why Reverse Tabnabbing Matters (an Example on Reddit)
0 votes and 1 comment so far on Reddit
Abusing jQuery for CSS powered timing attacks | Blog
http://bit.ly/2HQsSXE
Submitted May 23, 2019 at 05:58PM by minecrater1
via reddit http://bit.ly/2wgU64g
http://bit.ly/2HQsSXE
Submitted May 23, 2019 at 05:58PM by minecrater1
via reddit http://bit.ly/2wgU64g
portswigger.net
Abusing jQuery for CSS powered timing attacks | Blog
Arthur Saftnes did some quite awesome research last year on timing attacks with jQuery CSS selectors, in fact it was probably my favourite blog post from last year. It's a common design pattern for we
BadWPAD wpad.software case and DNS threat hunting
http://bit.ly/2YQ15NP
Submitted May 23, 2019 at 11:08PM by adamziaja_com
via reddit http://bit.ly/30Fibj1
http://bit.ly/2YQ15NP
Submitted May 23, 2019 at 11:08PM by adamziaja_com
via reddit http://bit.ly/30Fibj1
blog.redteam.pl
BadWPAD wpad.software case and DNS threat hunting
red team, blue team, penetration testing, red teaming, threat hunting, digital forensics, incident response, cyber security, IT security
Is there a technical term for these "light codes"? I looked around on Wikipedia and could find any mention, seems like an interesting stego technique
http://bit.ly/2HyBqTU
Submitted May 23, 2019 at 11:08PM by MaroonOriole77
via reddit http://bit.ly/2VKvY40
http://bit.ly/2HyBqTU
Submitted May 23, 2019 at 11:08PM by MaroonOriole77
via reddit http://bit.ly/2VKvY40
reddit
r/UnresolvedMysteries - Light code found hidden within Zodiac Killers My name is letter that came with a bomb diagram.
3,658 votes and 296 comments so far on Reddit
Counting Outdated Honeypots: Legal and Useful
http://bit.ly/2WYP8F2
Submitted May 24, 2019 at 08:01AM by amv42
via reddit http://bit.ly/2Eq37fx
http://bit.ly/2WYP8F2
Submitted May 24, 2019 at 08:01AM by amv42
via reddit http://bit.ly/2Eq37fx
reddit
r/honeypot - Counting Outdated Honeypots: Legal and Useful
5 votes and 2 comments so far on Reddit
Having some fun with HTTP 301 cache poisoning
http://bit.ly/2JEwSOa
Submitted May 24, 2019 at 06:24PM by piotrd_
via reddit http://bit.ly/2EvIy1t
http://bit.ly/2JEwSOa
Submitted May 24, 2019 at 06:24PM by piotrd_
via reddit http://bit.ly/2EvIy1t
blog.duszynski.eu
Permanent URL Hijack Through 301 HTTP Redirect Cache Poisoning
This blog post describes an interesting technique of abusing the standard HTTP 301 responses (“Permanent redirect”) to poison browser cache and achieve endpoint persistence for chosen non-TLS resources.
Combined with the “Client Domain Hooking” attack, this…
Combined with the “Client Domain Hooking” attack, this…
A brief analysis on CVE-2019-11815
http://bit.ly/2HAHKtZ
Submitted May 24, 2019 at 10:23PM by staz0t
via reddit http://bit.ly/2YPepC1
http://bit.ly/2HAHKtZ
Submitted May 24, 2019 at 10:23PM by staz0t
via reddit http://bit.ly/2YPepC1
reddit
r/netsec - A brief analysis on CVE-2019-11815
0 votes and 1 comment so far on Reddit
Cryptography Dispatches - a new newsletter by Filippo Valsorda @FiloSottile
http://bit.ly/2VNYB0j
Submitted May 24, 2019 at 11:50PM by gbrayut
via reddit http://bit.ly/30EwJzn
http://bit.ly/2VNYB0j
Submitted May 24, 2019 at 11:50PM by gbrayut
via reddit http://bit.ly/30EwJzn
buttondown.email
Cryptography Dispatches
Cryptography Dispatches is [Filippo Valsorda](https://blog.filippo.io/hi)'s newsletter. It tries to bring longer form discussion of the cryptography engineering topics touched on [@FiloSottile](https://twitter.com/FiloSottile), but broader breath than those…