Port 22

Hosting malicious payloads on Youtube

/u/mthbernardesReddit NetSec

Magellan - SQLite Remote Code Execution Vulnerability

/u/PandryReddit NetSec

SQLite and Chromium RCE

/u/3553xReddit NetSec

phpMyAdmin (AllowArbitraryServer) Arbitrary File Read Vulnerability

/u/AmbulongReddit NetSec

Email Bomb Threats Follow Sextortion Playbook

Curtis Franklin Jr. Senior Editor at Dark ReadingDark Reading - Threat Intelligence

Real-Time Attacks Against Two-Factor Authentication

Bruce SchneierSchneier on Security

Iranian Hackers Target Nuclear Experts, US Officials

Dark Reading StaffDark Reading - Threat Intelligence

NoNameCon 2019 Call for Talks and Workshops

/u/xaocucReddit NetSec

Cylance Narrows The Cybersecurity Skills Gap With Virtual CISO.

/u/xaocucReddit NetSec

Bypassing Firebase client-side authorization to create custom app.goo.gl subdomains

/u/ThomasCZReddit NetSec

Cybercriminals Use Malicious Memes that Communicate with Malware

Trend MicroTrend Micro

How I got a $3k bug bounty from Twitter

/u/edentReddit NetSec

How to protect yourself as the threat of scam apps grows

Lysa MyersESET

New Facebook Bug Exposed 6.8 Million Users Photos to Third-Party Apps

noreply@blogger.com (Mohit Kumar)The Hackers News

2019 Attacker Playbook

Ericka Chickowski Contributing Writer, Dark ReadingDark Reading - Threat Intelligence

Exploiting XXE with local DTD files. Get output from your blind XXE.

/u/kavmaxReddit NetSec

Binder transactions in the bowels of the Linux Kernel

/u/maboteReddit NetSec

Week in security with Tony Anscombe

Shane CurtisESET

New Shamoon Malware Variant Targets Italian Oil and Gas Company

noreply@blogger.com (Swati Khandelwal)The Hackers News

Hackers are Modern Witches

/u/neverforgetdreamReddit NetSec

BSides Columbus 2019 (01Mar2019) CFP (and general registration) is open

/u/SnarkyMooReddit NetSec

Fake Bomb Threat Emails Demanding Bitcoins Sparked Chaos Across US, Canada

noreply@blogger.com (Mohit Kumar)The Hackers News

Malaysian government targeted with mash-up espionage toolkit

EditorESET

Friday Squid Blogging: More Problems with the Squid Emoji

Bruce SchneierSchneier on Security

Spammed Bomb Threat Hoax Demands Bitcoin

BrianKrebsKrebs on Security

Samsung Bug Allowed Full Takeover of User Accounts

/u/Fantastic_FixReddit NetSec

What are Deep Neural Networks Learning About Malware?

Scott Coull (noemail@noemail.org)Fire Eye Threat Research

Exploit | YARA Internals II: Bytecode

/u/bnbdrReddit NetSec

Just Launched - Security Innovation Blockchain CTF V2

/u/mickayzReddit NetSec

Cybercrime Is World's Biggest Criminal Growth Industry

Dark Reading StaffDark Reading - Threat Intelligence

Tildeb: Analyzing the 18-year-old Implant from the Shadow Brokers Leak

Trend MicroTrend Micro

Pentesting with InSecure Chrome

/u/sastdastReddit NetSec

Logitech Keyboard opens WebSocket server with no authentication - Google Project Zero

/u/rcmaehlReddit NetSec

Marriott Hack Reported as Chinese State-Sponsored

Bruce SchneierSchneier on Security

Education Gets an 'F' for Cybersecurity

Dark Reading StaffDark Reading - Threat Intelligence

Medtronic 9790, 2090 CareLink, and 29901 Encore Programmers

Advisory DocumentICS-Cert Advisories

Schneider Electric GUIcon Eurotherm

Advisory DocumentICS-Cert Advisories

Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays

Advisory DocumentICS-Cert Advisories

Remotely controlled EV home chargers the threats and vulnerabilities

Kaspersky LabSecure List

Geutebrck GmbH E2 Series IP Cameras

Advisory DocumentICS-Cert Advisories

GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e

Advisory DocumentICS-Cert Advisories

Cybercriminals Change Tactics to Outwit Machine-Learning Defense

Dark Reading StaffDark Reading - Threat Intelligence

Locality Sensitive Fuzzy Hashing (in Golang)

/u/glaslosReddit NetSec

Troubleshooting Obscure OpenSSH Failures

/u/CameronNemoReddit NetSec

CVE-2018-8626 | Windows DNS Server Heap Overflow Vulnerability

/u/wconReddit NetSec

Worst Password Blunders of 2018 Hit Organizations East and West

Curtis Franklin Jr. Senior Editor at Dark ReadingDark Reading - Threat Intelligence

Scanning for Flaws, Scoring for Security

BrianKrebsKrebs on Security

IDORs (Insecure Direct Object Reference) over Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 (CVE-20187690, CVE-20187691)

/u/alt3kxReddit NetSec

Password strength estimation in nonwestern languages - iacr eprint

/u/ahazred8vtReddit NetSec

FLARE Script Series: Automating Objective-C Code Analysis with Emulation

James T. Bennett (noemail@noemail.org)Fire Eye Threat Research

Owning the Virgin Media Hub 3.0

/u/digicatReddit NetSec

Bug Hunting Paves Path to Infosec Careers

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

How we discovered over 50 critical vulnerabilities in Adobe Reader in 50 days.

/u/ynvbReddit NetSec

New Australian Backdoor Law

Bruce SchneierSchneier on Security

GitHub - NASA-SW-VnV/ikos: Static analyzer for C/C++ based on the theory of Abstract Interpretation.

/u/makeshift8Reddit NetSec

From blind XXE to root-level file read access

/u/albinowaxReddit NetSec

Cyberbullying is worringly rising in Spain

/u/jpjournoReddit NetSec

Mac Malware Cracks WatchGuard's Top 10 List

Steve Zurier Freelance WriterDark Reading - Threat Intelligence

Microsoft, PayPal, Google Top Phishing's Favorite Targets in Q3

Dark Reading StaffDark Reading - Threat Intelligence

Cryptocurrency Miner Spreads via Old Vulnerabilities on Elasticsearch

Trend MicroTrend Micro

Higher Education: 15 Books to Help Cybersecurity Pros Be Better

Curtis Franklin Jr. Senior Editor at Dark ReadingDark Reading - Threat Intelligence

Zero-day in Windows Kernel Transaction Manager (CVE-2018-8611)

Boris LarinSecure List

December Patch Tuesday: Year-End Batch Addresses Win32k Elevation of Privilege and Windows DNS Server Vulnerabilities

Trend MicroTrend Micro

Adobe's Year-End Update Patches 87 Flaws in Acrobat Software

noreply@blogger.com (Swati Khandelwal)The Hackers News

Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack

noreply@blogger.com (Swati Khandelwal)The Hackers News

Port 22

~ 15 Dec 2018 ~

Hosting malicious payloads on Youtube

~ 14 Dec 2018 ~

Magellan - SQLite Remote Code Execution Vulnerability

SQLite and Chromium RCE

phpMyAdmin (AllowArbitraryServer) Arbitrary File Read Vulnerability

Email Bomb Threats Follow Sextortion Playbook

Real-Time Attacks Against Two-Factor Authentication

Iranian Hackers Target Nuclear Experts, US Officials

NoNameCon 2019 Call for Talks and Workshops

Cylance Narrows The Cybersecurity Skills Gap With Virtual CISO.

Bypassing Firebase client-side authorization to create custom app.goo.gl subdomains

Cybercriminals Use Malicious Memes that Communicate with Malware

How I got a $3k bug bounty from Twitter

How to protect yourself as the threat of scam apps grows

New Facebook Bug Exposed 6.8 Million Users Photos to Third-Party Apps

2019 Attacker Playbook

Exploiting XXE with local DTD files. Get output from your blind XXE.

Binder transactions in the bowels of the Linux Kernel

Week in security with Tony Anscombe

New Shamoon Malware Variant Targets Italian Oil and Gas Company

Hackers are Modern Witches

BSides Columbus 2019 (01Mar2019) CFP (and general registration) is open

Fake Bomb Threat Emails Demanding Bitcoins Sparked Chaos Across US, Canada

Malaysian government targeted with mash-up espionage toolkit

~ 13 Dec 2018 ~

Friday Squid Blogging: More Problems with the Squid Emoji

Spammed Bomb Threat Hoax Demands Bitcoin

Samsung Bug Allowed Full Takeover of User Accounts

What are Deep Neural Networks Learning About Malware?

Exploit | YARA Internals II: Bytecode

Just Launched - Security Innovation Blockchain CTF V2

Cybercrime Is World's Biggest Criminal Growth Industry

Tildeb: Analyzing the 18-year-old Implant from the Shadow Brokers Leak

Pentesting with InSecure Chrome

Logitech Keyboard opens WebSocket server with no authentication - Google Project Zero

Marriott Hack Reported as Chinese State-Sponsored

Education Gets an 'F' for Cybersecurity

Medtronic 9790, 2090 CareLink, and 29901 Encore Programmers

Schneider Electric GUIcon Eurotherm

Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays

Remotely controlled EV home chargers the threats and vulnerabilities

Geutebrck GmbH E2 Series IP Cameras

GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e

Cybercriminals Change Tactics to Outwit Machine-Learning Defense

Locality Sensitive Fuzzy Hashing (in Golang)

Troubleshooting Obscure OpenSSH Failures

~ 12 Dec 2018 ~

CVE-2018-8626 | Windows DNS Server Heap Overflow Vulnerability

Worst Password Blunders of 2018 Hit Organizations East and West

Scanning for Flaws, Scoring for Security

IDORs (Insecure Direct Object Reference) over Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 (CVE-20187690, CVE-20187691)

Password strength estimation in nonwestern languages - iacr eprint

FLARE Script Series: Automating Objective-C Code Analysis with Emulation

Owning the Virgin Media Hub 3.0

Bug Hunting Paves Path to Infosec Careers

How we discovered over 50 critical vulnerabilities in Adobe Reader in 50 days.

New Australian Backdoor Law

GitHub - NASA-SW-VnV/ikos: Static analyzer for C/C++ based on the theory of Abstract Interpretation.

From blind XXE to root-level file read access

Cyberbullying is worringly rising in Spain

Mac Malware Cracks WatchGuard's Top 10 List

Microsoft, PayPal, Google Top Phishing's Favorite Targets in Q3

Cryptocurrency Miner Spreads via Old Vulnerabilities on Elasticsearch

Higher Education: 15 Books to Help Cybersecurity Pros Be Better

Zero-day in Windows Kernel Transaction Manager (CVE-2018-8611)

December Patch Tuesday: Year-End Batch Addresses Win32k Elevation of Privilege and Windows DNS Server Vulnerabilities

Adobe's Year-End Update Patches 87 Flaws in Acrobat Software

Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack