NorthSec 2019 — Windows Track Writeup
http://bit.ly/2Ih3uug
Submitted June 04, 2019 at 05:04AM by becojo
via reddit http://bit.ly/2ESJ5dU
http://bit.ly/2Ih3uug
Submitted June 04, 2019 at 05:04AM by becojo
via reddit http://bit.ly/2ESJ5dU
etticblog
NorthSec 2019 — Windows Track Writeup
For many years, my friend Stéphane Sigmen and I were involved in the CTF of Hackfest.ca, a great conference and on-site CTF event that…
Repository of malware samples paired with blog writeups
http://bit.ly/2WzVk6j
Submitted June 04, 2019 at 03:53AM by amusciano
via reddit http://bit.ly/2KnNmtz
http://bit.ly/2WzVk6j
Submitted June 04, 2019 at 03:53AM by amusciano
via reddit http://bit.ly/2KnNmtz
GitHub
InQuest/malware-samples
A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net - InQuest/malware-samples
I wonder where Huawei will be in 6 months.
http://bit.ly/2wy2AUF
Submitted June 04, 2019 at 03:45AM by MLTechi
via reddit http://bit.ly/2WlJosK
http://bit.ly/2wy2AUF
Submitted June 04, 2019 at 03:45AM by MLTechi
via reddit http://bit.ly/2WlJosK
OneZero
The Huawei Sanction Might Just Pop the Tech Bubble
This crisis is about much more than one company
Reverse Engineering of a Not-so-Secure IoT Device
http://bit.ly/2HLyjIo
Submitted June 04, 2019 at 01:19PM by nada_mau
via reddit http://bit.ly/2XjL1n3
http://bit.ly/2HLyjIo
Submitted June 04, 2019 at 01:19PM by nada_mau
via reddit http://bit.ly/2XjL1n3
MCU on Eclipse
Reverse Engineering of a Not-so-Secure IoT Device
The ‘Internet of Things’ is coming! It started as an overused marketing hype with no real use case (who needs internet connected fridges? Who wants the internet connected toilet paper?)…
The Bible of Kerberos Attacks
http://bit.ly/2HVXvfv
Submitted June 04, 2019 at 03:04PM by gid0rah
via reddit http://bit.ly/3192sZF
http://bit.ly/2HVXvfv
Submitted June 04, 2019 at 03:04PM by gid0rah
via reddit http://bit.ly/3192sZF
Tarlogic Security - Cyber Security and Ethical hacking
Kerberos (II): How to attack Kerberos?
IntroductionIn this article about Kerberos, a few attacks against the protocol will be shown. In order to refresh the concepts behind the following attacks, it is recommended to check the first part of this series which covers Kerberos theory.The post is…
APT34/OilRig update - Jason, new leaked bruteforce tool
http://bit.ly/2Gl8uNy
Submitted June 04, 2019 at 02:59PM by GelosSnake
via reddit http://bit.ly/2WmxZZp
http://bit.ly/2Gl8uNy
Submitted June 04, 2019 at 02:59PM by GelosSnake
via reddit http://bit.ly/2WmxZZp
reddit
r/netsec - APT34/OilRig update - Jason, new leaked bruteforce tool
0 votes and 0 comments so far on Reddit
Another Task Scheduler 0day, Another Task Scheduler Micropatch (The SandboxEscaper Saga)
http://bit.ly/2Kp8Mqc
Submitted June 04, 2019 at 05:33PM by dielel
via reddit http://bit.ly/2ERwZSt
http://bit.ly/2Kp8Mqc
Submitted June 04, 2019 at 05:33PM by dielel
via reddit http://bit.ly/2ERwZSt
0Patch
Another Task Scheduler 0day, Another Task Scheduler Micropatch (The SandboxEscaper Saga)
Backward Compatibility is Hard, and so is Stacked Impersonation by Simon Raner and Mitja Kolsek, the 0patch Team Last August we is...
macOS - Getting root with benign AppStore apps
http://bit.ly/2QLM78M
Submitted June 04, 2019 at 09:45PM by PositivePeter
via reddit http://bit.ly/2wDUh9K
http://bit.ly/2QLM78M
Submitted June 04, 2019 at 09:45PM by PositivePeter
via reddit http://bit.ly/2wDUh9K
theevilbit.github.io
macOS - Getting root with benign AppStore apps
This writeup is intended to be a bit of storytelling. I would like to show how I went down the rabbit hole in a quick ’research’ I wanted to do, and eventually found a local privilege escalation vulnerability in macOS. I also want to show, tell about all…
Vim/Neovim Arbitrary Code Execution via Modelines
https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md
Submitted June 04, 2019 at 11:08PM by Fa1l3r
via reddit https://www.reddit.com/r/netsec/comments/bwrjrx/vimneovim_arbitrary_code_execution_via_modelines/?utm_source=ifttt
https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md
Submitted June 04, 2019 at 11:08PM by Fa1l3r
via reddit https://www.reddit.com/r/netsec/comments/bwrjrx/vimneovim_arbitrary_code_execution_via_modelines/?utm_source=ifttt
GitHub
security/doc/2019-06-04_ace-vim-neovim.md at master · numirias/security
Some of my security stuff and vulnerabilities. Nothing advanced. More to come. - numirias/security
Quest Diagnostics says 11.9 million patients' financial and medical information may have been exposed in data breach
https://www.cnbc.com/2019/06/03/quest-diagnostics-says-nearly-12-million-patients-may-have-had-data-breached.html
Submitted June 04, 2019 at 10:40PM by RGray805
via reddit http://bit.ly/2EU4dR0
https://www.cnbc.com/2019/06/03/quest-diagnostics-says-nearly-12-million-patients-may-have-had-data-breached.html
Submitted June 04, 2019 at 10:40PM by RGray805
via reddit http://bit.ly/2EU4dR0
CNBC
Quest Diagnostics says 11.9 million patients' financial and medical information may have been exposed in data breach
About 11.9 million Quest Diagnostics patients may have had their financial, medical and other personal information exposed in a data breach, the company said Monday.
secDevLabs: Open-source training lab with OWASP Top10 based vulnerable apps to be secured by developers through Pull Requests
http://bit.ly/2WnT59P
Submitted June 04, 2019 at 10:23PM by Krlier
via reddit http://bit.ly/2WaLLJW
http://bit.ly/2WnT59P
Submitted June 04, 2019 at 10:23PM by Krlier
via reddit http://bit.ly/2WaLLJW
GitHub
globocom/secDevLabs
Laboratory for those who are interested in learning about web security - globocom/secDevLabs
Bypassing CA cert checks in Flutter based apps on Android
http://bit.ly/2QK2TVK
Submitted June 05, 2019 at 12:08AM by fridgehead
via reddit http://bit.ly/2WMBdF5
http://bit.ly/2QK2TVK
Submitted June 05, 2019 at 12:08AM by fridgehead
via reddit http://bit.ly/2WMBdF5
Orangewi.re Labs
Bypassing Root CA checks in Flutter based apps on Android
I recently started looking at Android apps based on the Flutter framework, I’d not come across any before and after a pub discussion about something entirely unrelated managed to find one to …
CapsAttacks: Testing Adversarial Attacks on Capsule Networks
http://bit.ly/2WjImNE
Submitted June 05, 2019 at 12:18AM by Yuqing7
via reddit http://bit.ly/2Wqm2Sz
http://bit.ly/2WjImNE
Submitted June 05, 2019 at 12:18AM by Yuqing7
via reddit http://bit.ly/2Wqm2Sz
Medium
CapsAttacks: Testing Adversarial Attacks on Capsule Networks
Convolutional Neural Networks (CNNs) have been proven vulnerable to attacks by adversarial samples. These slight image modifications are…
Google's Project Zero hacks Windows Notepad to offer remote shell access
http://bit.ly/30XUnHk
Submitted June 05, 2019 at 01:05AM by cos
via reddit http://bit.ly/2IcRlWY
http://bit.ly/30XUnHk
Submitted June 05, 2019 at 01:05AM by cos
via reddit http://bit.ly/2IcRlWY
MSPoweruser
Google’s Project Zero hacks Windows Notepad to offer remote shell access
It seems Windows Notepad’s days of innocence is over, as Threatpost reports that Google’s Project Zero has managed to corrupt the app into an entry point for full system access. Tavis Ormandy, from Google’s Project Zero managed to find a memory corruption…
SameSite cookies in practice
http://bit.ly/318CxBv
Submitted June 05, 2019 at 12:49PM by neverforgetdream
via reddit http://bit.ly/2XsS5O8
http://bit.ly/318CxBv
Submitted June 05, 2019 at 12:49PM by neverforgetdream
via reddit http://bit.ly/2XsS5O8
reddit
r/netsec - SameSite cookies in practice
0 votes and 0 comments so far on Reddit
Build an easy RDP Honeypot with Raspberry PI 3 and observe the infamous attacks as (BlueKeep) CVE-2019–0708
http://bit.ly/2WJfH3X
Submitted June 05, 2019 at 01:22PM by alt3kx
via reddit http://bit.ly/2QMRy76
http://bit.ly/2WJfH3X
Submitted June 05, 2019 at 01:22PM by alt3kx
via reddit http://bit.ly/2QMRy76
Medium
Build an easy RDP Honeypot with Raspberry PI 3 and observe the infamous attacks as (BlueKeep) CVE-2019–0708
Last weeks a big activity on networks trying to attack RDP service , maybe a botnets looking an infected “zombies” on RDP services or…
How to create an EVIL LTE Twin
http://bit.ly/2wBYMlh
Submitted June 05, 2019 at 04:43PM by pentest4life
via reddit http://bit.ly/2XrvIst
http://bit.ly/2wBYMlh
Submitted June 05, 2019 at 04:43PM by pentest4life
via reddit http://bit.ly/2XrvIst
Medium
How to create an EVIL LTE Twin
Be very careful when playing with any cellular bands. Denial of service attacks can have devastating and sometimes jail worthy…
Pulling Credentials from Logs in Exagrid Appliances
http://bit.ly/2MF0mgW
Submitted June 05, 2019 at 06:00PM by regul8_
via reddit http://bit.ly/2XqKQ9u
http://bit.ly/2MF0mgW
Submitted June 05, 2019 at 06:00PM by regul8_
via reddit http://bit.ly/2XqKQ9u
InquisIT
Exagrid Directory Traversal Vulnerability (CVE-2019-12310) to “Support” Credential Extraction - InquisIT
Summary The Exagrid backup appliance at version 4.8.1.1044.P50 suffers from a directory traversal vulnerability at “http://EXAGRID_IP/monitor/data/Upgrade/” (case sensitive) which allows unauthenticated access to detailed log files. Active “support” credentials…
Launching Incidents: an open source web app for organizing non-trivial security investigations
https://github.com/veeral-patel/incidentsJIRA, Google Docs, and Slack are sufficient for small security incidents, but as more people get involved and the scope of the investigation grows, it's hard to feel in control and not miss things.Our insight is that incidents are trees of tickets, where some tickets are leads.https://i.redd.it/ji74b2mwpe231.pngVideo Demo: https://www.youtube.com/watch?v=Z7U2iYwOpQ4Live Demo: http://134.209.4.68(Author here, feel free to ask questions)
Submitted June 05, 2019 at 02:49AM by yaraz
via reddit http://bit.ly/2wz5rwH
https://github.com/veeral-patel/incidentsJIRA, Google Docs, and Slack are sufficient for small security incidents, but as more people get involved and the scope of the investigation grows, it's hard to feel in control and not miss things.Our insight is that incidents are trees of tickets, where some tickets are leads.https://i.redd.it/ji74b2mwpe231.pngVideo Demo: https://www.youtube.com/watch?v=Z7U2iYwOpQ4Live Demo: http://134.209.4.68(Author here, feel free to ask questions)
Submitted June 05, 2019 at 02:49AM by yaraz
via reddit http://bit.ly/2wz5rwH
GitHub
GitHub - veeral-patel/incidents: Please use https://github.com/veeral-patel/true-positive instead
Please use https://github.com/veeral-patel/true-positive instead - veeral-patel/incidents
Bypassing CSP with policy injection
http://bit.ly/2MxLdy6
Submitted June 05, 2019 at 06:43PM by albinowax
via reddit http://bit.ly/2XuT80e
http://bit.ly/2MxLdy6
Submitted June 05, 2019 at 06:43PM by albinowax
via reddit http://bit.ly/2XuT80e
portswigger.net
Bypassing CSP with policy injection | Blog
Whilst testing PayPal looking for ways to bypass CSP and mixed content protection I found an interesting behaviour. PayPal was putting a GET parameter called token inside the report-uri directive of t
We Decide What You See: Remote Code Execution on a Major IPTV Platform - Check Point Research
http://bit.ly/2WmQnl4
Submitted June 05, 2019 at 07:48PM by omriher
via reddit http://bit.ly/2WvuJLH
http://bit.ly/2WmQnl4
Submitted June 05, 2019 at 07:48PM by omriher
via reddit http://bit.ly/2WvuJLH
Check Point Research
We Decide What You See: Remote Code Execution on a Major IPTV Platform - Check Point Research
Research by: Ronen Shustin Introduction About a year ago Check Point Research discovered critical vulnerabilities in a Ukrainian TV streaming platform that, if exploited, could leave service providers exposed to a serious breach. The risks would be their…