Reddit: Netsec

Azure DevOps CICD Pipelines - Command Injection with Parameters, Variables and a discussion on Runner hijacking
2023-05-01 00:42:03 (Reddit: Netsec)
Source: Reddit: Netsec
Sharing a tool I developed to help Blue Teamers discover Persistence on Windows - please check it out!
2023-04-30 05:52:44 (Reddit: Netsec)
Source: Reddit: Netsec
Elastic Security Labs discovers the LOBSHOT malware
2023-04-30 04:10:26 (Reddit: Netsec)
Source: Reddit: Netsec
assetnote/ghostbuster: Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.
2023-04-30 04:08:48 (Reddit: Netsec)
Source: Reddit: Netsec
Automate Burp Certificate Installation on Android with ChatGPT's Python Tool
2023-04-29 21:25:43 (Reddit: Netsec)
Source: Reddit: Netsec
GitHub - dwisiswant0/siml: siml is a CLI tool for discovering similar, related to, competitive, or alternative options to a given site.
2023-04-29 17:32:14 (Reddit: Netsec)
Source: Reddit: Netsec
State of DNS Rebinding in 2023
2023-04-28 16:50:18 (Reddit: Netsec)
Source: Reddit: Netsec
How Cloud Environments Are Exploited for Smishing Campaigns
2023-04-28 09:55:29 (Reddit: Netsec)
Source: Reddit: Netsec
Chinese Alloy Taurus Updates PingPull Malware
2023-04-28 04:54:43 (Reddit: Netsec)
Source: Reddit: Netsec
Microsoft Exchange Powershell Remoting Deserialization leading to RCE (CVE-2023-21707)
2023-04-28 02:39:22 (Reddit: Netsec)
Source: Reddit: Netsec
CVE-2022-37955: Vulnerability in Microsoft Windows Group Policy Updates Leads to Improper Link Resolution Before File Access (Privilege Escalation CWE-59)
2023-04-28 01:13:52 (Reddit: Netsec)
Source: Reddit: Netsec
Dissecting Npm Malware: Five Packages And Their Evil Install Scripts
2023-04-27 23:48:17 (Reddit: Netsec)
Source: Reddit: Netsec
Android greybox fuzzing with AFL++ Frida mode
2023-04-27 08:36:47 (Reddit: Netsec)
Source: Reddit: Netsec
Odoo: Get your Content Type right, or else! (CVE-2023-1434)
2023-04-27 05:59:28 (Reddit: Netsec)
Source: Reddit: Netsec
User impersonation via stolen UUID code in KeyCloak (CVE-2023-0264)
2023-04-27 04:30:42 (Reddit: Netsec)
Source: Reddit: Netsec
Introducing DeepSecrets: a better appsec tool for secrets scanning
2023-04-27 04:03:07 (Reddit: Netsec)
Source: Reddit: Netsec
Smash PostScript Interpreters Using a Syntax-Aware Fuzzer
2023-04-27 01:36:23 (Reddit: Netsec)
Source: Reddit: Netsec
Fastly 0day: Malformed HTTP/1.1 Request Causes out of Memory Error Within H2O Server
2023-04-26 22:22:29 (Reddit: Netsec)
Source: Reddit: Netsec
RDP is susceptible to a transparent Net-NTLMv2 hash-stealing attack. When disclosed, Microsoft responded: “not a vulnerability, […] by design”.
2023-04-26 06:43:43 (Reddit: Netsec)
Source: Reddit: Netsec
So you think you can block Macros?
2023-04-25 23:42:04 (Reddit: Netsec)
Source: Reddit: Netsec
codingo/dorky: A tool to automate dorking of Github/Shodan and a variety of other sources
2023-04-25 21:26:27 (Reddit: Netsec)
Source: Reddit: Netsec
CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution
2023-04-25 03:53:46 (Reddit: Netsec)
Source: Reddit: Netsec
Intel Trust Domain Extensions (TDX) Security Review by Google Project Zero
2023-04-24 23:40:42 (Reddit: Netsec)
Source: Reddit: Netsec
How AI helps keeping Gmail inboxes malware free
2023-04-24 18:05:50 (Reddit: Netsec)
Source: Reddit: Netsec
New .NET Malware “WhiteSnake” Targets Python Developers, Uses Tor for C&C Communication
2023-04-24 11:24:18 (Reddit: Netsec)
Source: Reddit: Netsec
Book Review: Red Team Blues
2023-04-24 09:31:13 (Reddit: Netsec)
Source: Reddit: Netsec
3D-Printable BusKill (USB Dead Man Switch) Prototype
2023-04-24 09:22:47 (Reddit: Netsec)
Source: Reddit: Netsec
Fortune 500 at Risk: 250M Artifacts Exposed via Misconfigured Registries
2023-04-24 09:16:59 (Reddit: Netsec)
Source: Reddit: Netsec
c0c0n XVI | The cy0ps c0n - Call For Papers & Call For Workshops
2023-04-24 07:48:11 (Reddit: Netsec)
Source: Reddit: Netsec
Detecting and decrypting Sliver C2 – a threat hunter's guide
2023-04-24 07:00:58 (Reddit: Netsec)
Source: Reddit: Netsec
Eating 4 Day Old Sushi - Replicating the SushiSwap Blockchain Hack (Blog and Live Video)
2023-04-24 06:49:39 (Reddit: Netsec)
Source: Reddit: Netsec
ChattyCaty - OSS tool that creates polymorphic programs using GPT models.
2023-04-24 04:52:15 (Reddit: Netsec)
Source: Reddit: Netsec
PaperCut CVE-2023-27350 Deep Dive, Indicators of Compromise, and Exploit POC
2023-04-24 03:23:04 (Reddit: Netsec)
Source: Reddit: Netsec
GCP Cloud Function Abuse
2023-04-23 17:14:42 (Reddit: Netsec)
Source: Reddit: Netsec
Generative AI Design Best Practices for Web Applications
2023-04-23 05:31:05 (Reddit: Netsec)
Source: Reddit: Netsec
Machinegun is a better version of Metasploit's railgun, capable of reliably running arbitrary Windows API functions on a remote computer.
2023-04-23 03:22:33 (Reddit: Netsec)
Source: Reddit: Netsec
ThePhish: an automated phishing email analysis tool - A new version will come when the Python API for TheHive 5 becomes stable, so stay tuned!
2023-04-22 03:55:58 (Reddit: Netsec)
Source: Reddit: Netsec
Vulkan Files
2023-04-22 02:54:20 (Reddit: Netsec)
Source: Reddit: Netsec
The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders
2023-04-21 18:49:26 (Reddit: Netsec)
Source: Reddit: Netsec
First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters
2023-04-21 18:28:29 (Reddit: Netsec)
Source: Reddit: Netsec
Hiding in Plain Sight: Unlinking Malicious DLLs from the PEB
2023-04-21 12:35:48 (Reddit: Netsec)
Source: Reddit: Netsec
Compromising Garmin's Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine - Anvil Secure
2023-04-21 08:42:31 (Reddit: Netsec)
Source: Reddit: Netsec
Compromising Garmin's Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine - Anvil Secure
2023-04-21 08:42:31 (Reddit: Netsec)
Source: Reddit: Netsec
Qakbot Malware Continues to Morph
2023-04-21 07:59:48 (Reddit: Netsec)
Source: Reddit: Netsec
8220 Gang Uses Log4Shell Vulnerability to Install CoinMiner
2023-04-21 07:58:30 (Reddit: Netsec)
Source: Reddit: Netsec
The Case Against Automatic Dependency Updates
2023-04-21 07:49:21 (Reddit: Netsec)
Source: Reddit: Netsec
Windows Secrets Extraction
2023-04-21 06:26:23 (Reddit: Netsec)
Source: Reddit: Netsec
RCE via WebView; Telegram Web, external links; and IP leak; Leak users behind anonymous channel posts.
2023-04-21 04:38:39 (Reddit: Netsec)
Source: Reddit: Netsec
Multiple Vulnerabilities found in Docker Desktop - privesc, code execution, file overwrite/delete and more.
2023-04-20 06:53:34 (Reddit: Netsec)
Source: Reddit: Netsec
The Fuzzing Guide to the Galaxy: An Attempt with Android System Services
2023-04-20 05:39:15 (Reddit: Netsec)
Source: Reddit: Netsec