Port 22

Phorpiex Botnet Sending Out Millions of Sextortion Emails Using Hacked Computers

noreply@blogger.com (Unknown)The Hackers News

salesforce/policy_sentry: IAM Least Privilege Policy Generator

/u/GallusReddit NetSec

Facebook Now Pays Hackers for Reporting Security Bugs in 3rd-Party Apps

noreply@blogger.com (Unknown)The Hackers News

API Hacking GraphQL

/u/ghostlulzReddit NetSec

The City Of Baltimore Blew Off A $76,000 Ransomware Demand Only To Find Out A Bunch Of Its Data Had Never Been Backed Up

/u/reddmnReddit NetSec

Wardriving for autonomous vehicle communications

/u/fo0batReddit NetSec

Extract headers and POST data using Berpee

/u/xscorp7Reddit NetSec

Sure is quiet from Adobe. No security fixes this month? Great job. Oh no, wait, what's that stampede sound...

Shaun NicholsThe Register

Facebook Sweetens Deal for Hackers to Catch Security Bugs

Lily Hay NewmanWired

Sodinokibi Ransomware: Where Attackers' Money Goes

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

IoT Attacks Up Significantly in First Half of 2019

Dark Reading StaffDark Reading - Threat Intelligence

More Breaches, Less Certainty Cause Dark Web Prices to Plateau

Robert Lemos Contributing WriterDark Reading - Threat Intelligence

Cracking the Passwords of Early Internet Pioneers

Bruce SchneierSchneier on Security

Streaming devices track viewing habits, study finds

Amer OwaidaESET

WordPress 5.2.4 Security Release Breakdown

/u/FireFartReddit NetSec

CacheBrowser: Bypassing Chinese Firewall Without Proxies

/u/alexlashReddit NetSec

Ye olde Blue Screen of Death is back this time, a bad Symantec update is to blame

Tim AndersonThe Register

Ye olde Blue Screen of Death is back this time, a bad Symantec update is to blame

Tim AndersonThe Register

Protect Linux servers from vulnerabilities by enabling Unattended Upgrades on Ubuntu/Debian

/u/modelopReddit NetSec

LOWKEY: Hunting for the Missing Volume Serial ID

Tobias Krueger (noemail@noemail.org)Fire Eye Threat Research

BriansClub Hack Rescues 26M Stolen Cards

BrianKrebsKrebs on Security

IoT: a malware story

Dan DemeterSecure List

Adobe Releases Out-of-Band Security Patches for 82 Flaws in Various Products

noreply@blogger.com (Swati Khandelwal)The Hackers News

Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks

noreply@blogger.com (Swati Khandelwal)The Hackers News

Request smuggling between Amazon ALBs and Go net/http

/u/GallusReddit NetSec

Report to Your Management with the Definitive 'Incident Response for Management' Presentation Template

noreply@blogger.com (The Hacker News)The Hackers News

a small non real world ctf challange

/u/h43zReddit NetSec

CVE-2019-14287: Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted

/u/ohyeahwellReddit NetSec

Sudo? More like Su-doh: There's a fun bug that gives restricted sudoers root access (if your config is non-standard)

Chris WilliamsThe Register

Potential bypass of Runas user restrictions

/u/ga-vuReddit NetSec

Apple insists it's totally not doing that thing it wasn't accused of: We're not handing over Safari URLs to Tencent just people's IP addresses

Thomas ClaburnThe Register

Pitney Bowes: Can we be frank? Ransomware has borked our dead-tree post systems

Iain ThomsonThe Register

Sophos for Sale: Thoma Bravo Offers $3.9B

Kelly Sheridan Staff Editor, Dark ReadingDark Reading - Threat Intelligence

Fun with Amazon S3 Leaks and bucket takeover attack

/u/Mysterii8Reddit NetSec

Reversing private APIs, Safeway, and not-so-extreme couponing

/u/JonLucaReddit NetSec

Tamper Protection Arrives for Microsoft Defender ATP

Dark Reading StaffDark Reading - Threat Intelligence

Safeway coupons, automation, and reversing private APIs

/u/JonLucaReddit NetSec

Welcome to the Future. PsHolix (Global 3D display industry: View 3D content on displays without the need of 3D glasses) is Going Public! Please use the referral code- pshibo31 to receive an additional 5% discount. Register for the IBO today

/u/CorsakinaReddit NetSec

Securing Docker Containers - Blue-Team

/u/Evil1337Reddit NetSec

Tearoff of Nottingham: Uni to lose chunk of IT to outsourcing

Kat HallThe Register

When Using Cloud, Paranoia Can Pay Off

Robert Lemos Contributing WriterDark Reading - Threat Intelligence

Bypass McAfee with McAfee

/u/vasiliborodinReddit NetSec

Factoring 2048-bit Numbers Using 20 Million Qubits

Bruce SchneierSchneier on Security

Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted

noreply@blogger.com (Unknown)The Hackers News

A glimpse into the present state of security in robotics

Dmitry GalovSecure List

Connecting the dots: Exposing the arsenal and methods of the Winnti Group

Marc-Etienne M.LveillESET

iTunes Users Endangered: A Newly Found Exploit May Lead to a Ransomware Infection

/u/StaorminReddit NetSec

Microsoft's GitHub announces acquisition of Semele A code analysis tool that can detect potential security vulnerabilities

/u/HamzaOPLEXReddit NetSec

BSidesSF 2020 CFP is open!

/u/reedlodenReddit NetSec

Imperva cloud firewall pwned, how Teamviewer was ransacked, D-Link bug uncovered, etc

Shaun NicholsThe Register

Imperva cloud firewall pwned, D-Link bug uncovered plus more

Shaun NicholsThe Register

Apple Under Fire Over Sending Some Users Browsing Data to China's Tencent

noreply@blogger.com (Swati Khandelwal)The Hackers News

OSWE/AWAE PREP: xss to Rce case study

/u/sarthaksainiReddit NetSec

The MacOS Catalina Privacy and Security Features You Should Know

David NieldWired

HackTheBox: Writeup - Writeup by rizemon

/u/rizemonReddit NetSec

Blockchain based command and control server

/u/sarthaksainiReddit NetSec

My write-up on WRITEUP HTB

/u/sarthaksainiReddit NetSec

Writeup (HackTheBox) walkthrough by phaz0n

/u/_phaz0nReddit NetSec

Hack The Box - Writeup Write-up by 0xRick

/u/Ahm3d_H3shamReddit NetSec

Hack The Box: Writeup - Writeup by Khaotic

/u/KhaoticdudeReddit NetSec

An iTunes Bug Let Hackers Spread Ransomware

Brian BarrettWired

Intelligence Gathering on U.S. Critical Infrastructure

/u/Mysterii8Reddit NetSec

Windows 10: iTunes and iCloud can infect you with a ransomware, update them!

/u/HamzaOPLEXReddit NetSec

SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks

noreply@blogger.com (Swati Khandelwal)The Hackers News

Friday Squid Blogging: Apple Fixes Squid Emoji

Bruce SchneierSchneier on Security

Port 22

~ 16 Oct 2019 ~

Phorpiex Botnet Sending Out Millions of Sextortion Emails Using Hacked Computers

salesforce/policy_sentry: IAM Least Privilege Policy Generator

Facebook Now Pays Hackers for Reporting Security Bugs in 3rd-Party Apps

API Hacking GraphQL

~ 15 Oct 2019 ~

The City Of Baltimore Blew Off A $76,000 Ransomware Demand Only To Find Out A Bunch Of Its Data Had Never Been Backed Up

Wardriving for autonomous vehicle communications

Extract headers and POST data using Berpee

Sure is quiet from Adobe. No security fixes this month? Great job. Oh no, wait, what's that stampede sound...

Facebook Sweetens Deal for Hackers to Catch Security Bugs

Sodinokibi Ransomware: Where Attackers' Money Goes

IoT Attacks Up Significantly in First Half of 2019

More Breaches, Less Certainty Cause Dark Web Prices to Plateau

Cracking the Passwords of Early Internet Pioneers

Streaming devices track viewing habits, study finds

WordPress 5.2.4 Security Release Breakdown

CacheBrowser: Bypassing Chinese Firewall Without Proxies

Ye olde Blue Screen of Death is back this time, a bad Symantec update is to blame

Ye olde Blue Screen of Death is back this time, a bad Symantec update is to blame

Protect Linux servers from vulnerabilities by enabling Unattended Upgrades on Ubuntu/Debian

LOWKEY: Hunting for the Missing Volume Serial ID

BriansClub Hack Rescues 26M Stolen Cards

IoT: a malware story

Adobe Releases Out-of-Band Security Patches for 82 Flaws in Various Products

Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks

Request smuggling between Amazon ALBs and Go net/http

Report to Your Management with the Definitive 'Incident Response for Management' Presentation Template

~ 14 Oct 2019 ~

a small non real world ctf challange

CVE-2019-14287: Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted

Sudo? More like Su-doh: There's a fun bug that gives restricted sudoers root access (if your config is non-standard)

Potential bypass of Runas user restrictions

Apple insists it's totally not doing that thing it wasn't accused of: We're not handing over Safari URLs to Tencent just people's IP addresses

Pitney Bowes: Can we be frank? Ransomware has borked our dead-tree post systems

Sophos for Sale: Thoma Bravo Offers $3.9B

Fun with Amazon S3 Leaks and bucket takeover attack

Reversing private APIs, Safeway, and not-so-extreme couponing

Tamper Protection Arrives for Microsoft Defender ATP

Safeway coupons, automation, and reversing private APIs

Welcome to the Future. PsHolix (Global 3D display industry: View 3D content on displays without the need of 3D glasses) is Going Public! Please use the referral code- pshibo31 to receive an additional 5% discount. Register for the IBO today

Securing Docker Containers - Blue-Team

Tearoff of Nottingham: Uni to lose chunk of IT to outsourcing

When Using Cloud, Paranoia Can Pay Off

Bypass McAfee with McAfee

Factoring 2048-bit Numbers Using 20 Million Qubits

Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted

A glimpse into the present state of security in robotics

Connecting the dots: Exposing the arsenal and methods of the Winnti Group

iTunes Users Endangered: A Newly Found Exploit May Lead to a Ransomware Infection

Microsoft's GitHub announces acquisition of Semele A code analysis tool that can detect potential security vulnerabilities

BSidesSF 2020 CFP is open!

Imperva cloud firewall pwned, how Teamviewer was ransacked, D-Link bug uncovered, etc

Imperva cloud firewall pwned, D-Link bug uncovered plus more

Apple Under Fire Over Sending Some Users Browsing Data to China's Tencent

~ 13 Oct 2019 ~

OSWE/AWAE PREP: xss to Rce case study

The MacOS Catalina Privacy and Security Features You Should Know

HackTheBox: Writeup - Writeup by rizemon

~ 12 Oct 2019 ~

Blockchain based command and control server

My write-up on WRITEUP HTB

Writeup (HackTheBox) walkthrough by phaz0n

Hack The Box - Writeup Write-up by 0xRick

Hack The Box: Writeup - Writeup by Khaotic

An iTunes Bug Let Hackers Spread Ransomware

Intelligence Gathering on U.S. Critical Infrastructure

Windows 10: iTunes and iCloud can infect you with a ransomware, update them!

SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks

~ 11 Oct 2019 ~

Friday Squid Blogging: Apple Fixes Squid Emoji