GNU: A Heuristic for Bad Cryptography Security News & Discussion

---

• GNU: A Heuristic for Bad Cryptography
• Microsoft launches free Memory Forensics and Rootkit Detection service for Linux systems
• An exploitation case study of CVE-2020-1062, a use-after-free vulnerability in IE11
• PHP 7.4+ disable_functions Bypass using FFI
• Fuzzing the Windows API for AV Evasion
• Unauthenticated RCE in Citrix ADC
• Adventures in Citrix Netscaler / ADC security research
• Mitigation efforts for F5 vulnerability 2020-5902 mostly worthless as of 8 July. Go upgrade your code!
• An offensive guide to the Authorization Code grant - Comprehensive and digestible enumeration of security concerns in the OAuth 2.0 Authorization Code flow
• Fuzzing sockets in Teeworlds game
• Windows Process Injection: EM_GETHANDLE, WM_PASTE and EM_SETWORDBREAKPROC
• LoRaWAN 1.0, vulnerabilities and backward compatibility in version 1.1
• Urlgrab - A Golang Utility for Scraping Links from A Website
• Insecure use of unique identifiers leads to exposure of students/children photos

GNU: A Heuristic for Bad Cryptography Posted: 08 Jul 2020 11:33 AM PDT submitted by /u/Soatok [link] [comments]

Microsoft launches free Memory Forensics and Rootkit Detection service for Linux systems Posted: 07 Jul 2020 04:12 PM PDT submitted by /u/dreamygeek [link] [comments]

An exploitation case study of CVE-2020-1062, a use-after-free vulnerability in IE11 Posted: 08 Jul 2020 11:54 AM PDT submitted by /u/rkornmeyer [link] [comments]

PHP 7.4+ disable_functions Bypass using FFI Posted: 08 Jul 2020 08:40 AM PDT submitted by /u/deadmanrose3 [link] [comments]

Fuzzing the Windows API for AV Evasion Posted: 08 Jul 2020 10:54 AM PDT submitted by /u/jack_ullrich [link] [comments]

Unauthenticated RCE in Citrix ADC Posted: 08 Jul 2020 08:20 AM PDT submitted by /u/albinowax [link] [comments]

Adventures in Citrix Netscaler / ADC security research Posted: 08 Jul 2020 12:42 PM PDT submitted by /u/got_nations [link] [comments]

Mitigation efforts for F5 vulnerability 2020-5902 mostly worthless as of 8 July. Go upgrade your code! Posted: 08 Jul 2020 12:12 PM PDT submitted by /u/Korgan13 [link] [comments]

An offensive guide to the Authorization Code grant - Comprehensive and digestible enumeration of security concerns in the OAuth 2.0 Authorization Code flow Posted: 07 Jul 2020 11:31 PM PDT submitted by /u/digicat [link] [comments]

Fuzzing sockets in Teeworlds game Posted: 08 Jul 2020 02:49 AM PDT submitted by /u/logicaltrust-net [link] [comments]

Windows Process Injection: EM_GETHANDLE, WM_PASTE and EM_SETWORDBREAKPROC Posted: 07 Jul 2020 11:57 PM PDT submitted by /u/NoUseForANick [link] [comments]

LoRaWAN 1.0, vulnerabilities and backward compatibility in version 1.1 Posted: 08 Jul 2020 12:22 AM PDT submitted by /u/Zer1t0 [link] [comments]

Urlgrab - A Golang Utility for Scraping Links from A Website Posted: 07 Jul 2020 04:04 PM PDT submitted by /u/PhroznGaming [link] [comments]

Insecure use of unique identifiers leads to exposure of students/children photos Posted: 07 Jul 2020 08:07 PM PDT submitted by /u/blackout08 [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States