CVE-2019-14899: Inferring and hijacking VPN-tunneled TCP connections. Security News & Discussion

---

• CVE-2019-14899: Inferring and hijacking VPN-tunneled TCP connections.
• Shockwave & Flash co-creator Sarah Allen on lessons learned & system vulnerabilities
• How 3 vulns in CRI-O + an overzealous OOM killer could lead to a container escape
• A graph-based tool for visualizing effective access and resource relationships in AWS environments
• Trivial SecureWorks Red Cloak Agent Local Bypass
• A Practical Consideration of Typosquatting Python Packages
• Extracting Information from Electronic Devices with the SEC Xtractor - Open Source Hardware Release
• Authentication Vulnerabilities in OpenBSD
• Dec 12 Webinar: API Whitelisting / Positive Security Model to prevent OWASP API Top 10 A3, A6 & A8
• NTLMRecon - A fast NTLM reconnaissance tool without external dependencies
• Chepy 1.3.0 released now with basic pcap support, and many more new improvements!
• Anviz Pwn! How broken devices could be?

CVE-2019-14899: Inferring and hijacking VPN-tunneled TCP connections. Posted: 05 Dec 2019 09:27 AM PST submitted by /u/pimterry [link] [comments]

Shockwave & Flash co-creator Sarah Allen on lessons learned & system vulnerabilities Posted: 05 Dec 2019 04:24 AM PST submitted by /u/AaCodeSync [link] [comments]

How 3 vulns in CRI-O + an overzealous OOM killer could lead to a container escape Posted: 05 Dec 2019 08:15 AM PST submitted by /u/prematureretirement [link] [comments]

A graph-based tool for visualizing effective access and resource relationships in AWS environments Posted: 05 Dec 2019 10:16 AM PST submitted by /u/0xdea [link] [comments]

Trivial SecureWorks Red Cloak Agent Local Bypass Posted: 05 Dec 2019 10:40 AM PST submitted by /u/CowbellSteve [link] [comments]

A Practical Consideration of Typosquatting Python Packages Posted: 05 Dec 2019 06:26 AM PST submitted by /u/dabbler33 [link] [comments]

Extracting Information from Electronic Devices with the SEC Xtractor - Open Source Hardware Release Posted: 05 Dec 2019 02:55 AM PST submitted by /u/dionas [link] [comments]

Authentication Vulnerabilities in OpenBSD Posted: 04 Dec 2019 05:46 PM PST submitted by /u/Macpunk [link] [comments]

Dec 12 Webinar: API Whitelisting / Positive Security Model to prevent OWASP API Top 10 A3, A6 & A8 Posted: 05 Dec 2019 10:41 AM PST submitted by /u/DSotnikov [link] [comments]

NTLMRecon - A fast NTLM reconnaissance tool without external dependencies Posted: 04 Dec 2019 08:06 PM PST submitted by /u/RestlessDonger [link] [comments]

Chepy 1.3.0 released now with basic pcap support, and many more new improvements! Posted: 05 Dec 2019 10:34 AM PST submitted by /u/securisec [link] [comments]

Anviz Pwn! How broken devices could be? Posted: 02 Dec 2019 01:48 PM PST submitted by /u/Psecr [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States