Technical Information Security Content & Discussion

1

Methodology - Security Research: How we discovered over 18,000 API secret tokens & $20M in Stripe tokens (escape.tech)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/AlarmingApartment236 on 2024-01-24 12:42:13+00:00.

2

1

Kubernetes Scheduling And Secure Design (blog.doyensec.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/nibblesec on 2024-01-24 08:52:39+00:00.

3

1

15 MCQ questions for practice related to security (practicepedia.in)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/eren_rndm on 2024-01-24 06:29:20+00:00.

4

1

Improving LLM Security Against Prompt Injection: AppSec Guidance For Pentesters and Developers (blog.includesecurity.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/907jessejones on 2024-01-23 21:20:28+00:00.

5

1

CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive, IOCs, and Exploit (www.horizon3.ai)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/scopedsecurity on 2024-01-23 20:52:56+00:00.

6

1

Windows - Data Protection API - A journey into various DPAPI potential abuses from an offensive security perspective (tierzerosecurity.co.nz)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/clod81 on 2024-01-23 19:18:51+00:00.

7

1

A recent analysis of the Cactus Ransomware (www.shadowstackre.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/ShadowStackRE on 2024-01-23 14:28:24+00:00.

8

1

Export Controls: Explained (www.nextlabs.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/zolakrystie on 2024-01-23 11:35:13+00:00.

9

1

Typhooncon 2024 has less than 2 weeks left for CFT submissions. Don't miss out! (typhooncon.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/Straight-Zombie-646 on 2024-01-23 10:34:20+00:00.

10

1

Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing (CVE-2023-45866) (www.mobile-hacker.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/barakadua131 on 2024-01-23 09:44:41+00:00.

11

1

[VNCERT/CC] CVE-2023-22527 realworld poc The original PoC: payload is length limited Solution: 1. Write the script file in parts 2. Run the script (github.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/arleth94 on 2024-01-23 07:31:46+00:00.

12

1

Many CVE Records Are Listing the Wrong Versions of Software as Being Affected (www.pluginvulnerabilities.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/PluginVulns on 2024-01-22 18:56:46+00:00.

13

1

EC2 Privilege Escalation Through User Data (hackingthe.cloud)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/RedTermSession on 2024-01-22 17:32:09+00:00.

14

1

How a vulnerability in WifiKey's AC Gateway allows remote attackers to trigger a pre-auth RCE (ssd-disclosure.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/SSDisclosure on 2024-01-22 16:54:20+00:00.

15

1

Vulnerability in Gambio pertains to an insecure deserialization flaw, which ultimately allows an attacker to execute remote code on affected systems. (herolab.usd.de)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/usdAG on 2024-01-22 12:53:34+00:00.

16

1

Domain Escalation – Backup Operator (pentestlab.blog)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/netbiosX on 2024-01-22 11:07:35+00:00.

17

1

AsyncRAT: Config Decryption Techniques and Salt Analysis - Securityinbits (www.securityinbits.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/securityinbits on 2024-01-22 04:59:40+00:00.

18

1

Just released v10.1 of scanme a go package for scanning private and public IPs for open TCP ports 👁️ - it would be great to have some feedback from you pros, thanks in advance for any contribution! (github.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/Technical_Shelter621 on 2024-01-21 15:02:49+00:00.

19

1

LogBoost - A tool for parsing and enriching IP addresses in any type of log/file with GEO, DNS, OSINT IOCs and ASN context (github.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/panscanner on 2024-01-20 15:00:19+00:00.

20

1

Technical Deepdive of the Okta HAR Breach Incident (www.rezonate.io)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/Or1rez on 2024-01-19 17:29:02+00:00.

21

1

Taking over WhatsApp accounts by reading voicemails (medium.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/AffectionateOrchid10 on 2024-01-19 13:56:33+00:00.

22

1

npm Package Found Delivering RAT Through Signed Microsoft Executable (blog.phylum.io)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/louis11 on 2024-01-19 03:17:35+00:00.

23

0

High Signal Detection and Exploitation of Ivanti's Pulse Connect Secure Auth Bypass & RCE (www.assetnote.io)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/Mempodipper on 2024-01-19 00:50:10+00:00.

24

0

How Praetorian Discovered a Critical TensorFlow Supply Chain Attack (www.praetorian.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/cyberforce218 on 2024-01-18 22:05:32+00:00.

25

1

Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes (www.varonis.com)

submitted 7 months ago by [email protected] to c/[email protected]

0 comments fedilink

This is an automated archive.

The original was posted on /r/netsec by /u/lohacker0 on 2024-01-18 15:59:31+00:00.

Technical Information Security Content &amp; Discussion

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

This is an automated archive.

Technical Information Security Content & Discussion