Awesome Cellular Hacking Security News & Discussion

---

• Awesome Cellular Hacking
• Awesome Mainframe Hacking
• Face ID fails to prevent access to iCloud Keychain passwords in iOS 13 Public Beta
• Discovering CVE-2019-13504, CVE-2019-13503 and the Importance of API Fuzzimg
• Fuzzing DNS zone parsers
• Second order SQL injection in ZoneMinder
• pyattck: A Python package to interact with the Mitre ATT&CK Framework
• Citrix (NetScaler) SD-WAN Multiple RCE + Auth bypass to RCE

Awesome Cellular Hacking Posted: 11 Jul 2019 04:07 AM PDT submitted by /u/pentest4life [link] [comments]

Awesome Mainframe Hacking Posted: 11 Jul 2019 03:36 AM PDT submitted by /u/s4n7h0 [link] [comments]

Face ID fails to prevent access to iCloud Keychain passwords in iOS 13 Public Beta Posted: 11 Jul 2019 09:33 AM PDT submitted by /u/stevemoser [link] [comments]

Discovering CVE-2019-13504, CVE-2019-13503 and the Importance of API Fuzzimg Posted: 11 Jul 2019 07:05 AM PDT submitted by /u/jekapats [link] [comments]

Fuzzing DNS zone parsers Posted: 11 Jul 2019 11:31 AM PDT submitted by /u/pimterry [link] [comments]

Second order SQL injection in ZoneMinder Posted: 11 Jul 2019 07:14 AM PDT submitted by /u/Sjoerder [link] [comments]

pyattck: A Python package to interact with the Mitre ATT&CK Framework Posted: 11 Jul 2019 11:54 AM PDT Hey all, I just released a new Python package called pyattck. This package enables you to retrieve data from the Mitre ATT&CK Framework, as well as relationship data points (e.g. Actors -> Their Tools, Malware, & Techniques). Here is some sample code on how to use pyattck: ```python from pyattck import Attck attack = Attck() accessing actors for actor in attack.actors: print(actor) # accessing malware used by an actor or group for malware in actor.malware: print(malware) # accessing tools used by an actor or group for tool in actor.tools: print(tool) # accessing techniques used by an actor or group for technique in actor.techniques: print(technique) accessing malware for malware in attack.malwares: print(malware) # accessing actor or groups using this malware for actor in malware.actors: print(actor) # accessing techniques that this malware is used in for technique in malware.techniques: print(technique) accessing mitigation for mitigation in attack.mitigations: print(mit) # accessing techniques related to mitigation recommendations for technique in mitigation.techniques: print(technique) accessing tactics for tactic in attack.tactics: print(tactic) # accessing techniques related to this tactic for technique in tactic.techniques: print(technique) accessing techniques for technique in attack.techniques: print(technique) # accessing tactics that this technique belongs to for tactic in technique.tactics: print(tactic) # accessing mitigation recommendations for this technique for mitigation in technique.mitigation: print(mitigation) # accessing actors using this technique for actor in technique.actors: print(actor) accessing tools for tool in attack.tools: print(tool) # accessing techniques this tool is used in for technique in tool.techniques: print(technique) # accessing actor or groups using this tool for actor in tool.actors: print(actor) ``` Check it out and let me know what you think! Blog: https://swimlane.com/blog/swimlane-research-team-open-sources-pyattack/ Docs: https://pyattck.readthedocs.io/en/latest/ Repo: https://github.com/swimlane/pyattck submitted by /u/_Unas_ [link] [comments]

Citrix (NetScaler) SD-WAN Multiple RCE + Auth bypass to RCE Posted: 11 Jul 2019 08:44 AM PDT submitted by /u/lynerc [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States