Technical Information Security Content & Discussion

8 readers
1 users here now

/r/netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to...

founded 1 year ago
MODERATORS
[email protected]
listing: all - local
101
1
CSPT Playground - A new tool for learning about finding and exploiting client-side path traversal related vulnerabilities (github.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/ds_at on 2024-10-10 16:40:35.
102
1
Redefining Ransomware Attacks on AWS using AWS KMS XKS (medium.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/alt69785 on 2024-10-10 21:15:36.
103
1
Aw, Sugar. Critical Vulnerabilities in SugarWOD (www.n00py.io)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/AlmondOffSec on 2024-10-10 21:14:52.
104
1
Measuring Detection Coverage (ipurple.team)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/netbiosX on 2024-10-10 07:50:36.
105
1
Can You Get Root With Only a Cigarette Lighter? (www.da.vidbuchanan.co.uk)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/gquere on 2024-10-09 14:15:30.
106
1
Palo Alto Expedition: From N-Day to Full Compromise – Horizon3.ai (www.horizon3.ai)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/scopedsecurity on 2024-10-09 16:59:51.
107
1
Exploiting AMD atdcm64a.sys arbitrary pointer dereference - Part 3 (security.humanativaspa.it)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/0xdea on 2024-10-09 13:06:12.
108
1
MITRE Blog Post: Emulating complete, realistic attack chains with the new Caldera Bounty Hunter plugin (medium.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/L015H4CK on 2024-10-09 12:24:29.
109
1
How to turn a file write vulnerability in a Node.js application into RCE – even though the target's file system is read-only (www.sonarsource.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/MegaManSec2 on 2024-10-08 21:19:58.
110
1
EKUwu: Not just another AD CS ESC (trustedsec.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/AlmondOffSec on 2024-10-08 18:27:56.
111
1
Ivanti Connect Secure - Authenticated RCE via OpenSSL CRLF Injection (CVE-2024-37404) (blog.amberwolf.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/AlmondOffSec on 2024-10-08 18:26:34.
112
1
Launched Today: The NHI Index (non-human.id)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/shlumper3 on 2024-10-08 15:40:16.

https://non-human.id

113
1
Docker Zombie Layers: Why Deleted Layers Can Still Haunt You (blog.gitguardian.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/guedou on 2024-10-08 11:14:35.
114
1
Open Sourcing Venator – a kubernetes-native threat detection system (medium.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/No_Piccolo_6303 on 2024-10-08 11:08:57.
115
1
Monocle on Chronicles - Talkback automated infosec aggregator with a newsletter (www.elttam.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/AnimalStrange on 2024-10-08 09:17:20.
116
1
Hacking Windows through iTunes - Local Privilege Escalation 0-day (CVE-2024–44193) (github.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/Titokhan on 2024-10-07 11:59:09.
117
1
Effective Fuzzing: A Dav1d Case Study (googleprojectzero.blogspot.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/AlmondOffSec on 2024-10-04 06:37:25.
118
1
New free 10h OpenSecurityTraining2 class: "Trusted Computing 1102: Intermediate Trusted Platform Module (TPM) usage" by Dimi Tomov is now released (ost2.fyi)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/OpenSecurityTraining on 2024-10-06 11:38:15.
119
1
The PrintNightmare is not Over Yet (itm4n.github.io)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/AlmondOffSec on 2024-10-05 13:09:55.
120
1
Exploiting Visual Studio via dump files - CVE-2024-30052 (ynwarcs.github.io)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/goodbyeselene on 2024-10-04 20:35:51.
121
1
Built your portable pentesting lab with Pi-Tail that is controlled only by your smartphone (www.mobile-hacker.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/barakadua131 on 2024-10-04 07:23:30.
122
1
Pwning LLaMA.cpp RPC Server with CVE-2024-42478 and CVE-2024-42479 (pwner.gg)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/pwntheplanet on 2024-10-04 00:13:34.
123
1
/r/netsec's Q4 2024 Information Security Hiring Thread (zerobytes.monster)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/netsec_burn on 2024-10-03 15:49:02.

Overview

If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.

We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.

Please reserve top level comments for those posting open positions.

Rules & Guidelines

Include the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.

  • If you are a third party recruiter, you must disclose this in your posting.
  • Please be thorough and upfront with the position details.
  • Use of non-hr'd (realistic) requirements is encouraged.
  • While it's fine to link to the position on your companies website, provide the important details in the comment.
  • Mention if applicants should apply officially through HR, or directly through you.
  • Please clearly list citizenship, visa, and security clearance requirements.

You can see an example of acceptable posts by perusing past hiring threads.

Feedback

Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)

124
1
When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying (permiso.io)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/permis0 on 2024-10-03 13:58:06.
125
1
WhoYouCalling - A tool to get a pcap per process and much more! (github.com)
submitted 1 month ago by [email protected] to c/[email protected]
0 comments fedilink
 
 
The original post: /r/netsec by /u/Radiant-Savings-7114 on 2024-09-29 20:21:37.
view more: ‹ prev next ›