Port 22

~ 17 Nov 2019 ~

How to Lock Down Your Health and Fitness Data

The connection between EV certificates and secure code signing.

Some Useful AppSec Resources

RdpThief: Extracting Clear-text Credentials from Remote Desktop Clients

HackTheBox: Networked - Writeup by rizemon

7 Courses That Will Help You Start a Lucrative Career in Information Security

CVE-2019-1347: When a mouse over a file is enough to crash your system

~ 16 Nov 2019 ~

Networked-Hackthebox writeup by sif0

WhatsApp bug: CVE-2019-11931

Infectious Executable Stacks [GNU C nested functions]

WhatsApp flaw CVE-2019-11931 could be exploited to install spyware

Networked writeup by phaz0n

New Variant of ZombieLoad enables attacks on MDS-resistant CPUs

HacktheBox-Networked

Hack The Box - Networked Write-up by 0xRick

Hack The Box: Networked - Writeup by Khaotic

Hackers Discovered Only After Maxing Out Victim's Cloud Storage

Generate reverse shell from CLI for linux and Windows.

New WhatsApp Bug Could Have Let Hackers Secretly Install Spyware On Your Devices

~ 15 Nov 2019 ~

Friday Squid Blogging: Planctotuethis Squid

146 New Android Bugs, an Audio Porn Streaming Site, and More News

Cracking passwords to prevent credential stuffing

Denial of service kingpin hit with 13 months denial of freedom and a massive bill to pay

1Password hopes to cross some items off its todo list with help from $200m in venture capital

Nov 21 live webinar: The OWASP API Security Top 10

TPM-Fail Attacks Against Cryptographic Coprocessors

Heap overflow in embedded tls library

A Guide to Common Linux Backdoors and Rootkits

Week in security with Tony Anscombe

Snek - Integrating Python in PowerShell

The Evidence That Links Russias Most Brazen Hacking Efforts

146 New Vulnerabilities All Come Preinstalled on Android Phones

SCShell - Fileless lateral movement tool for Windows

Try as they might, ransomware crooks can't hide their tells when playing hands

Beginner Network Pentesting

[Code release] Geneva engine Evading nationstate censorship with AI

Two Arrested for Stealing $550,000 in Cryptocurrency Using Sim Swapping

~ 14 Nov 2019 ~

What a pair of Massholes! New England duo cuffed over SIM-swapping cryptocoin charges

Upcoming Speaking Engagements

Introducing iVerify, the security toolkit for iPhone users

The Alexander the Great Guide to InfoSec for the C-Suite

Attention is All They Need: Combatting Social Media Information Operations With Neural Language Models

CVE-2019-12758 - Symantec Endpoint Protection - Self-Defense Bypass and Potential Usages

PoC for CVE-2019-1405 and CVE-2019-1322 (Privilege Escalation)

Exploiting Intels Management Engine Part 2: Enabling Red JTAG Unlock on Intel ME 11.x (INTEL-SA-00086)

Exploiting Intels Management Engine Part 1: Understanding PTs TXE PoC (INTEL-SA-00086)

Capture the Flag Planned to Find Missing Persons Information

Attacks on Healthcare Jump 60% in 2019 - So Far

5 Cybersecurity CISO Priorities for the Future

Microsoft issues patch for Internet Explorer zeroday

Microsoft issues patch for Internet Explorer zeroday

Infosec boffins pour cold water on claims Home Office Brexit app can be easily hacked

Technology and Policymakers

US-CERT Warns of Remotely Exploitable Bugs in Medical Devices

Philips IntelliBridge EC40/80

Getting into cybersecurity: Selftaught vs. universityeducated?

Getting into cybersecurity: Selftaught vs. universityeducated?

Siemens Mentor Nucleus Networking Module

Siemens S7-1200 CPU

Siemens Desigo PX Devices

Omron CX-Supervisor

ABB Power Generation Information Manager (PGIM) and Plant Connect

SSD Advisory - iOS Jailbreak via Sandbox Escape and Kernel R/W leading to RCE - SSD Secure Disclosure

OTP Vulnerable demo app for practicing

NPM: AppSec POV on Dependency Management