Released a public exploit (Local Privilege Escalation) for SMBv3 bug (CVE-2020-0796) Security News & Discussion

---

• Released a public exploit (Local Privilege Escalation) for SMBv3 bug (CVE-2020-0796)
• Security Advisories: D-Link DSL-2640B (CVE-2020-9275, CVE-2020-9279, CVE-2020-9278, CVE-2020-9277 &CVE-2020-9276)
• "RDP to the Internet has grown significantly over the past month (41.5%)"
• Microsoft Windows and Apple macOS use predictable session IDs for the SMB v2/v3 protocols
• Bug bounties. Five Weeks To Your First Bug
• Exploiting Liferay CVE-2020-7961: A quick journey to PoC
• CVE-2020-8515: DrayTek pre-auth remote root RCE (PoC)
• They told me I could be anything, so I became a Kubernetes node – Using K3s for command and control on compromised Linux hosts
• C2Hack, sharing tips and tricks for pentesters
• Scanning JavaScript files for Endpoints and Secrets
• Skimming-as-a-Service: Anatomy of a Magecart Attack Toolkit
• Prototype pollution vulnerability in minimist npm package
• Understanding ASRep Roasting attack in Active Directory

Released a public exploit (Local Privilege Escalation) for SMBv3 bug (CVE-2020-0796) Posted: 30 Mar 2020 06:14 AM PDT submitted by /u/gid0rah [link] [comments]

Security Advisories: D-Link DSL-2640B (CVE-2020-9275, CVE-2020-9279, CVE-2020-9278, CVE-2020-9277 &CVE-2020-9276) Posted: 30 Mar 2020 02:39 AM PDT submitted by /u/gid0rah [link] [comments]

"RDP to the Internet has grown significantly over the past month (41.5%)" Posted: 30 Mar 2020 11:50 AM PDT submitted by /u/limakzi [link] [comments]

Microsoft Windows and Apple macOS use predictable session IDs for the SMB v2/v3 protocols Posted: 30 Mar 2020 08:22 AM PDT submitted by /u/hdmdh [link] [comments]

Bug bounties. Five Weeks To Your First Bug Posted: 30 Mar 2020 05:21 AM PDT submitted by /u/0xsha [link] [comments]

Exploiting Liferay CVE-2020-7961: A quick journey to PoC Posted: 30 Mar 2020 08:31 AM PDT submitted by /u/mabote [link] [comments]

CVE-2020-8515: DrayTek pre-auth remote root RCE (PoC) Posted: 30 Mar 2020 06:45 AM PDT submitted by /u/0xsha [link] [comments]

They told me I could be anything, so I became a Kubernetes node – Using K3s for command and control on compromised Linux hosts Posted: 30 Mar 2020 01:05 PM PDT submitted by /u/thorn42 [link] [comments]

C2Hack, sharing tips and tricks for pentesters Posted: 29 Mar 2020 06:33 PM PDT submitted by /u/navlys [link] [comments]

Scanning JavaScript files for Endpoints and Secrets Posted: 30 Mar 2020 06:20 AM PDT submitted by /u/shantanu14g [link] [comments]

Skimming-as-a-Service: Anatomy of a Magecart Attack Toolkit Posted: 30 Mar 2020 09:31 AM PDT submitted by /u/amirshk [link] [comments]

Prototype pollution vulnerability in minimist npm package Posted: 29 Mar 2020 11:56 PM PDT submitted by /u/lirantal [link] [comments]

Understanding ASRep Roasting attack in Active Directory Posted: 29 Mar 2020 02:54 PM PDT submitted by /u/hackndo [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States