Month: September 2016
-
RCE exploit found in Metasploit itself, delighting irony lovers everywhere. via /r/netsec
RCE exploit found in Metasploit itself, delighting irony lovers everywhere. http://ift.tt/2cQPeH4 Submitted September 20, 2016 at 03:49PM by pimterry via reddit http://ift.tt/2cWqW2f
-
How to Maximize the Return From Your Threat Intelligence Reporting
Key Takeaways Reporting is always limited by the quality of your intelligence. Make sure you’re providing genuine value, not just filling pages. If you want to maximize the value of your threat intelligence, you need to share it as widely within your organization as possible. You never know who might find it useful. Ask every…
-
North Korea accidentally leaks DNS for .kp: only 28 domains via /r/netsec
North Korea accidentally leaks DNS for .kp: only 28 domains http://ift.tt/2dd1lQk Submitted September 20, 2016 at 11:26AM by bdzz via reddit http://ift.tt/2cVLU15
-
Microsoft lets Beijing fondle its bits in new source code audit hub
Microsoft lets Beijing fondle its bits in new source code audit hub http://ift.tt/2cqwEbx Microsoft has opened a technology centre in China to reassure Beijing it does not have backdoors in its software. The so-called Transparency Centre is the third Redmond has opened to reassure governments that Microsoft’s wares are secure. Redmond’s trustworthy computing corporate veep…
-
Cisco finds new Zero-Day Exploit linked to NSA Hackers
Cisco finds new Zero-Day Exploit linked to NSA Hackers http://ift.tt/2czKt4V Network equipment vendor Cisco is finally warning its customers of another zero-day vulnerability the company discovered in the trove of NSA’s hacking exploits and implants leaked by the group calling itself “The Shadow Brokers.” Last month, the Shadow Brokers published firewall exploits, implants, and hacking…
-
Remote Attack Tesla Motors: Video demonstration by Keen Security via /r/netsec
Remote Attack Tesla Motors: Video demonstration by Keen Security http://ift.tt/2dft4m2 Submitted September 20, 2016 at 05:26AM by gremlin0x00 via reddit http://ift.tt/2clk9Qf
-
Ruby OpenSSL + GCM Nonce Reuse Bug via /r/netsec
Ruby OpenSSL + GCM Nonce Reuse Bug http://ift.tt/2d6ypxi Submitted September 20, 2016 at 02:17AM by PlenoJure via reddit http://ift.tt/2cMnsgz
-
Heap based overflow exploitation use case – The macabre dance of memory chunks via /r/netsec
Heap based overflow exploitation use case – The macabre dance of memory chunks http://ift.tt/2d1XjtD Submitted September 19, 2016 at 01:35PM by nl3dee via reddit http://ift.tt/2cLYI8c
-
Burp Suite REST API for automated security testing via /r/netsec
Burp Suite REST API for automated security testing I found this REST API for Burp Suite on VMware's GitHub repo: http://ift.tt/2bZVAbd It's looks like a cool wrapper to add Burp Suite automation into a CI/CD pipeline. What do you guys think? Submitted September 19, 2016 at 09:36PM by qfaf via reddit http://ift.tt/2cLX86l
-
Vawtrak v2, a close look at the cybercriminal groups behind the threat
Vawtrak v2, a close look at the cybercriminal groups behind the threat http://ift.tt/2d2tAk2 Security experts from the cyber threat intelligence firm Blueliv have published a report on the banking Trojan Vawtrak v2 its criminal ecosystem. Security experts from the cyber threat intelligence firm Blueliv have conducted a technical investigation on the banking Trojan Vawtrak v2 and…
securityXspace 