Local Privilege Escalation in many Ricoh Printer Drivers for Windows (CVE-2019-19363) + Exploit Security News & Discussion

---

• Local Privilege Escalation in many Ricoh Printer Drivers for Windows (CVE-2019-19363) + Exploit
• SpecterOps Adversary Tactics: PowerShell Course & Lab Material
• ConnectWise Control 19.3.25270.7185 - Eight Vulnerabilities, Including Critical
• Whitepaper on Attacking and Defending Terraform Infrastructure as Code @ GitHub
• How to Build an Automated Recon Pipeline with Python and Luigi - Part I
• CVE-2020-2655 - JSSE Client Authentication Bypass
• Docker container that logs all DNS and new outbound TCP/UDP connections.
• EFS Ransomware

Local Privilege Escalation in many Ricoh Printer Drivers for Windows (CVE-2019-19363) + Exploit Posted: 22 Jan 2020 01:06 AM PST submitted by /u/aunga [link] [comments]

SpecterOps Adversary Tactics: PowerShell Course & Lab Material Posted: 22 Jan 2020 12:17 PM PST submitted by /u/sanitybit [link] [comments]

ConnectWise Control 19.3.25270.7185 - Eight Vulnerabilities, Including Critical Posted: 22 Jan 2020 07:33 AM PST submitted by /u/breach_house [link] [comments]

Whitepaper on Attacking and Defending Terraform Infrastructure as Code @ GitHub Posted: 22 Jan 2020 11:48 AM PST submitted by /u/sanitybit [link] [comments]

How to Build an Automated Recon Pipeline with Python and Luigi - Part I Posted: 22 Jan 2020 06:36 AM PST Morning all, I'm releasing an automated pipeline for bugbounty target reconnaissance today. Along with it are 6 blog posts detailing the build process / design. The github repo is tagged to correspond to blog posts. Enjoy! 🙃 repo: https://github.com/epi052/recon-pipeline Blog posts (part 1): https://epi052.gitlab.io/notes-to-self/blog/2019-09-01-how-to-build-an-automated-recon-pipeline-with-python-and-luigi/ submitted by /u/epi052 [link] [comments]

CVE-2020-2655 - JSSE Client Authentication Bypass Posted: 21 Jan 2020 11:18 PM PST submitted by /u/0xdea [link] [comments]

Docker container that logs all DNS and new outbound TCP/UDP connections. Posted: 21 Jan 2020 08:43 PM PST Finally got this Docker container ready that can log all DNS and new outbound TCP/UDP connections using a modified version of suricata, an open source intrusion detection system. If you log DNS requests, this takes it one step further by matching your outbound traffic with DNS requests. This means that it can detect traffic that might be DoH (DNS over https). Tested using a workstation running Ubuntu (host and container). Alpha software, so please don't use this on a production network. Happy to make modifications it if you have a use case that others will benefit from. https://github.com/morsgiathatch/suricata_edits/tree/master/DOCKER/syn_detector submitted by /u/1stOctet [link] [comments]

EFS Ransomware Posted: 21 Jan 2020 03:56 PM PST submitted by /u/ikotler [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States