We found 6 critical PayPal vulnerabilities, and PayPal punished us for it Security News & Discussion

---

• We found 6 critical PayPal vulnerabilities, and PayPal punished us for it
• Bypassing OkHttp Certificate Pinning
• OpenSMTPD: An out of bounds read in smtpd allows an attacker to inject arbitrary commands into the envelope file which are then executed as root.
• Signature Validation Bypass Leading to RCE In Electron-Updater (also used by Trinity Wallet)
• Call For Papers: OWAP's Global AppSec 2020 Dublin
• Windows persistence: Configuring our Machine for Persistence
• Analysis of a VBS Malware Dropper - VBS Malware still a threat in 2020
• Malware and benign windows PE cuckoo reports
• Cable modem jailbreaks
• Pass the Hash
• Parent PID Spoofing
• Releases 2.9.11 of MONARC
• Parent PID Spoofing - Three Process Injection Techniques that implement PPID Spoofing
• New Python django postgresql sql injection
• MyBB 1.8's vulnerability statistics (PHP forum software)

We found 6 critical PayPal vulnerabilities, and PayPal punished us for it Posted: 24 Feb 2020 07:38 AM PST submitted by /u/pimterry [link] [comments]

Bypassing OkHttp Certificate Pinning Posted: 24 Feb 2020 02:34 AM PST submitted by /u/CaptMeelo [link] [comments]

OpenSMTPD: An out of bounds read in smtpd allows an attacker to inject arbitrary commands into the envelope file which are then executed as root. Posted: 24 Feb 2020 08:50 AM PST submitted by /u/VerteFeuille [link] [comments]

Signature Validation Bypass Leading to RCE In Electron-Updater (also used by Trinity Wallet) Posted: 24 Feb 2020 10:08 AM PST submitted by /u/nibblesec [link] [comments]

Call For Papers: OWAP's Global AppSec 2020 Dublin Posted: 24 Feb 2020 11:55 AM PST submitted by /u/kerberosmansour [link] [comments]

Windows persistence: Configuring our Machine for Persistence Posted: 24 Feb 2020 11:12 AM PST submitted by /u/bad3r_ [link] [comments]

Analysis of a VBS Malware Dropper - VBS Malware still a threat in 2020 Posted: 24 Feb 2020 08:31 AM PST submitted by /u/cyberbutler [link] [comments]

Malware and benign windows PE cuckoo reports Posted: 24 Feb 2020 04:18 AM PST submitted by /u/themrzmaster [link] [comments]

Cable modem jailbreaks Posted: 24 Feb 2020 12:10 PM PST submitted by /u/Soulw4xer [link] [comments]

Pass the Hash Posted: 24 Feb 2020 08:03 AM PST submitted by /u/hackndo [link] [comments]

Parent PID Spoofing Posted: 24 Feb 2020 08:13 AM PST submitted by /u/netbiosX [link] [comments]

Releases 2.9.11 of MONARC Posted: 24 Feb 2020 06:05 AM PST submitted by /u/ecbo [link] [comments]

Parent PID Spoofing - Three Process Injection Techniques that implement PPID Spoofing Posted: 24 Feb 2020 09:20 AM PST submitted by /u/netbiosX [link] [comments]

New Python django postgresql sql injection Posted: 24 Feb 2020 07:29 AM PST submitted by /u/vulnwatcher [link] [comments]

MyBB 1.8's vulnerability statistics (PHP forum software) Posted: 23 Feb 2020 08:32 AM PST submitted by /u/HappyRise [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States