Bypassing Payments Using Webhooks Security News & Discussion

---

• Bypassing Payments Using Webhooks
• We're Making 12 Million Sensitive URLs Available for Download
• Scanning the Alexa Top 1M for .DS_Store files
• How to analyze memory from newer builds of Windows 10 with Volatility
• Severe Security Advisory on AMD Processors
• Parsing the .DS_Store file format
• Assessment Mindset - I hope this mindmap could be useful for the infosec community when doing pentesting, bug bounty and red-team assessments. Feel free to contribute.
• CVE 2018-1057: Authenticated [Samba] users can change other users' password
• The Java Soothsayer: A practical application for insecure randomness (With free 0day).
• Diamorphine + Hideusage fork. Kernel rootkit to spoof system load and load averages.
• Metta: Uber’s Open Source Tool for Adversarial Simulation
• Reverse Engineering a Self-Modifying Binary with radare2
• Reverse engineering of Mikrotik exploit from Vault 7 CIA Leaks [Working PoC (Full Sources) and PDF Article - See Comment]
• IDN Homograph attack is back for some crypto
• Attacking Merkle Trees with a Second Preimage Attack
• Analysis of a Kubernetes hack -- Backdooring through kubelet
• 6 digit PINs and the usefulness of password restrictions
• OCEANLOTUS: OLD TECHNIQUES, NEW BACKDOOR [PDF]
• Coffee Meets Bagel data leak found by reverse engineering API
• Reversing a Self-Modifying Binary with radare2
• JavaScript Zero: real JavaScript, and zero side-channel attacks

Bypassing Payments Using Webhooks Posted: 13 Mar 2018 10:02 AM PDT submitted by /u/cablej [link] [comments]

We're Making 12 Million Sensitive URLs Available for Download Posted: 13 Mar 2018 11:03 AM PDT submitted by /u/cwings [link] [comments]

Scanning the Alexa Top 1M for .DS_Store files Posted: 13 Mar 2018 01:20 AM PDT submitted by /u/al-maisan [link] [comments]

How to analyze memory from newer builds of Windows 10 with Volatility Posted: 13 Mar 2018 05:51 AM PDT submitted by /u/13Cubed [link] [comments]

Severe Security Advisory on AMD Processors Posted: 13 Mar 2018 07:45 AM PDT submitted by /u/I_am_UNIX [link] [comments]

Parsing the .DS_Store file format Posted: 13 Mar 2018 02:25 AM PDT submitted by /u/gehaxelt [link] [comments]

Assessment Mindset - I hope this mindmap could be useful for the infosec community when doing pentesting, bug bounty and red-team assessments. Feel free to contribute. Posted: 13 Mar 2018 08:05 AM PDT submitted by /u/s0pas [link] [comments]

CVE 2018-1057: Authenticated [Samba] users can change other users' password Posted: 13 Mar 2018 12:57 PM PDT submitted by /u/FUS_ROH_yay [link] [comments]

The Java Soothsayer: A practical application for insecure randomness (With free 0day). Posted: 13 Mar 2018 09:53 AM PDT submitted by /u/alex91ar [link] [comments]

Diamorphine + Hideusage fork. Kernel rootkit to spoof system load and load averages. Posted: 13 Mar 2018 10:03 AM PDT submitted by /u/alex91ar [link] [comments]

Metta: Uber’s Open Source Tool for Adversarial Simulation Posted: 13 Mar 2018 09:37 AM PDT submitted by /u/mubix [link] [comments]

Reverse Engineering a Self-Modifying Binary with radare2 Posted: 13 Mar 2018 09:36 AM PDT submitted by /u/Megabeets [link] [comments]

Reverse engineering of Mikrotik exploit from Vault 7 CIA Leaks [Working PoC (Full Sources) and PDF Article - See Comment] Posted: 13 Mar 2018 11:16 AM PDT submitted by /u/TechLord2 [link] [comments]

IDN Homograph attack is back for some crypto Posted: 13 Mar 2018 08:49 AM PDT submitted by /u/jekapats [link] [comments]

Attacking Merkle Trees with a Second Preimage Attack Posted: 13 Mar 2018 12:35 AM PDT submitted by /u/__Joker [link] [comments]

Analysis of a Kubernetes hack -- Backdooring through kubelet Posted: 13 Mar 2018 01:05 PM PDT submitted by /u/jc_sec [link] [comments]

6 digit PINs and the usefulness of password restrictions Posted: 13 Mar 2018 12:16 PM PDT submitted by /u/OrdisLux [link] [comments]

OCEANLOTUS: OLD TECHNIQUES, NEW BACKDOOR [PDF] Posted: 13 Mar 2018 11:24 AM PDT submitted by /u/TechLord2 [link] [comments]

Coffee Meets Bagel data leak found by reverse engineering API Posted: 12 Mar 2018 07:50 PM PDT submitted by /u/breadfag [link] [comments]

Reversing a Self-Modifying Binary with radare2 Posted: 13 Mar 2018 11:07 AM PDT submitted by /u/TechLord2 [link] [comments]

JavaScript Zero: real JavaScript, and zero side-channel attacks Posted: 13 Mar 2018 01:59 AM PDT submitted by /u/al-maisan [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States