Technical Information Security Content & Discussion

8 readers
1 users here now

/r/netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to...

founded 1 year ago
MODERATORS
[email protected]
listing: all - local
651
1
CVE 10.0 vulnerability in PAN-OS (security.paloaltonetworks.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/kerubi on 2024-04-12 09:29:52.

This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls with the configurations for both GlobalProtect gateway and device telemetry enabled.

No patch yet, apply mitigations. Actively exploited.

652
1
Several vulnerabilities in LG WebOS. Chained, lead to RCE. (www.bitdefender.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/jaymzu on 2024-04-12 06:56:47.
653
1
How a 9.8 critical security vulnerability in ZeroMQ was found (with mostly pure luck) (fangpenlin.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/louis11 on 2024-04-11 19:36:33.
654
1
Vulnerability Management Goes Much Deeper Than Patching (www.kolide.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/KolideKenny on 2024-04-11 13:53:20.
655
1
PlasmaPup: Improve Active Directory your security posture. Perfect for admins in large environments wanting quick permission audits, and for large decentalized organizations where you'd like all y... (github.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/RossGeerlings on 2024-04-11 11:01:59.

Original Title: PlasmaPup: Improve Active Directory your security posture. Perfect for admins in large environments wanting quick permission audits, and for large decentalized organizations where you'd like all your unit admins to be empowered to quickly audit their own OUs.

656
1
The DDoS Report: The complete guide to Distributed Denial of Service (DDoS) attacks for developers and operators (ddos.report)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/relaygus on 2024-04-11 10:03:52.
657
1
Command Injection and Backdoor Account in D-Link NAS Devices (github.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/campuscodi on 2024-04-07 11:40:10.
658
1
Havoc C2 Framework – A Defensive Operator’s Guide (www.immersivelabs.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/kev-thehermit on 2024-04-10 09:04:55.
659
1
BatBadBut: You can't securely execute commands on Windows (flatt.tech)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/toyojuni on 2024-04-10 00:23:08.
660
1
New OpenSecurityTraining2 class: "Architecture 1005: RISC-V Assembly" by Xeno Kovah (~28 hours) (p.ost2.fyi)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/OpenSecurityTraining on 2024-04-09 18:43:37.
661
1
Simple python wrapper around Terraform and Ansible to help manage and mature domains for pentesting engagements (github.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/Fudgedotdotdot on 2024-04-09 18:11:58.
662
1
The Distribution Problem: what's wrong with internal CAs (and what to do about it) (anchor.dev)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/ben_burkert on 2024-04-09 16:26:42.
663
1
RUBYCARP: A Detailed Analysis of a Sophisticated Decade-Old Botnet Group (sysdig.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/MiguelHzBz on 2024-04-09 16:18:22.
664
1
Streamline Threat Hunting: Shortemall Automates Short URL Analysis with a Click (github.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/osint_matter on 2024-04-08 18:13:19.

Short'Em All is a URL scanning tool trusted by CTI Analysts and Security Researchers. It's designed to scan short URLs and provide insights into potential security risks or useful information. This tool automates the process of scanning URLs, allowing users to focus on analyzing the results.

665
1
League of legends stalkerware (leagueoflegends.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/Cyfiefie on 2024-04-06 15:10:15.

League of legends queue manipulation trojan

Anyone know how that exploit works where the pc is hacked and hosted on a sophisticated user platform so that bad actors can perform data requests and stalk targets ingame by launching multiple queues

666
1
Don't trust the cache :Exposing Web cache vulnerabilities (anasbetis023.medium.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/anasbetis94 on 2024-04-05 17:13:36.

I tried to gather all the related Web Cache vulnerabilities techniques into one blog post.

667
1
Galactical Bug Hunting: How we discovered new issues in CD Projekt Red’s Gaming Platform (www.anvilsecure.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/proccessunknown on 2024-04-05 15:29:09.
668
1
Wifi credential dumping (www.r-tec.net)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/S3cur3Th1sSh1t on 2024-04-05 09:13:19.

My latest blog post

669
1
Security Advisory: Systems with a SONIX Technology Webcam vulnerable to DLL hijacking attack allowing attackers to execute malicious DLL and escalate privileges (herolab.usd.de)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/usdAG on 2024-04-05 08:33:30.
670
1
Diving Deeper into AI Package Hallucinations (www.lasso.security)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/mowaptpop on 2024-04-05 08:10:59.
671
1
unch 😗: Hides message with invisible Unicode characters (github.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/dwisiswant0 on 2024-04-03 22:25:26.
672
1
Gram - Self-hosted Threat Modeling Webapp (github.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/Tethik on 2024-04-03 19:52:38.
673
1
Showcasing Incinerator a Powerful Android Malware Reversing Tool (boschko.ca)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/WiseTuna on 2024-04-03 16:14:59.
674
1
Kobold letters – Why HTML emails are a risk to your organization (lutrasecurity.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/lutrasecurity on 2024-04-03 15:36:42.
675
1
Persistence - DLL Proxy Loading (pentestlab.blog)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/netbiosX on 2024-04-03 07:53:52.
view more: ‹ prev next ›