Intro to firmware reversing with radare2 Security News & Discussion

---

• Intro to firmware reversing with radare2
• CVE-2020-10558 | Tesla Model 3 Vulnerability - Disable Autopilot Notifications, Speedometer, Web Browser, Climate Controls, Turn Signals, Navigation, etc.
• XSSLash - A Tale of Playing Quiplash at Work - Fidus Information Security
• Hacking Docker Remotely, interesting read.
• Exploring the krook attack
• Password Hunting in File-shares with Machine Learning: SharpML
• Clang checker for symbolic execution
• Autorize 1.4 is out! Burpsuite extension for automatic authorization enforcement detection

Intro to firmware reversing with radare2 Posted: 20 Mar 2020 06:16 AM PDT submitted by /u/haystack_car_hacker [link] [comments]

CVE-2020-10558 | Tesla Model 3 Vulnerability - Disable Autopilot Notifications, Speedometer, Web Browser, Climate Controls, Turn Signals, Navigation, etc. Posted: 19 Mar 2020 07:50 PM PDT submitted by /u/safekeepsecurity [link] [comments]

XSSLash - A Tale of Playing Quiplash at Work - Fidus Information Security Posted: 20 Mar 2020 07:22 AM PDT submitted by /u/JustAPenTester [link] [comments]

Hacking Docker Remotely, interesting read. Posted: 19 Mar 2020 10:43 PM PDT submitted by /u/ch0ks [link] [comments]

Exploring the krook attack Posted: 20 Mar 2020 02:22 AM PDT ESET IT security experts revealed at the RSA 2020 conference that they discovered a major security flaw in Wi-Fi networks with WPA2 CCMP encryption. A flaw related to Broadcom and Cyrpress chips found in a very large number of devices. The "Krook" flaw therefore affects smartphones as well as tablets, laptops and connected objects from the most well-known brands; Samsung, Apple, Amazon, Google, Xiaomi or Asus and Huawei. According to ESET researchers, the wifi security flaw concerns more than a billion devices, but also wifi access points. Based on this research, the Hexway team created and published a PoC exploit of the kr00k attack. In the article you'll find more details about this PoC development and the way it works. submitted by /u/ArinaLy [link] [comments]

Password Hunting in File-shares with Machine Learning: SharpML Posted: 20 Mar 2020 03:08 AM PDT submitted by /u/hunniccyber [link] [comments]

Clang checker for symbolic execution Posted: 19 Mar 2020 11:20 PM PDT submitted by /u/citypw [link] [comments]

Autorize 1.4 is out! Burpsuite extension for automatic authorization enforcement detection Posted: 16 Mar 2020 02:47 PM PDT Come and celebrate 300 stars with us! Check it out on Github: https://github.com/Quitten/Autorize submitted by /u/quitten11 [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States