• Breaking News

    Thursday, July 2, 2020

    The /r/netsec Monthly Discussion Thread - July 2020 Security News & Discussion

    The /r/netsec Monthly Discussion Thread - July 2020 Security News & Discussion


    The /r/netsec Monthly Discussion Thread - July 2020

    Posted: 02 Jul 2020 09:51 AM PDT

    Overview

    Questions regarding netsec and discussion related directly to netsec are welcome here.

    Rules & Guidelines
    • Always maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.
    • Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.
    • If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.
    • Avoid use of memes. If you have something to say, say it with real words.
    • All discussions and questions should directly relate to netsec.
    • No tech support is to be requested or provided on /r/netsec.

    As always, the content & discussion guidelines should also be observed on /r/netsec.

    Feedback

    Feedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.

    submitted by /u/albinowax
    [link] [comments]

    Default password management interface on Telia routers and flaws in Telia's self service system

    Posted: 02 Jul 2020 08:55 AM PDT

    Windows Telemetry service elevation of privilege

    Posted: 02 Jul 2020 12:03 PM PDT

    Intercepting and returning $5000 worth of phished cryptocurrency back to the victim

    Posted: 01 Jul 2020 08:44 PM PDT

    CVE-2020-9497/8: Remote Code Execution in Apache Guacamole RDP Gateway

    Posted: 02 Jul 2020 03:52 AM PDT

    Technical Advisory – macOS Installer Local Root Privilege Escalation (CVE-2020-9817)

    Posted: 02 Jul 2020 04:48 AM PDT

    Leonidas, a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques and procedures (TTPs) and their associated detection properties.

    Posted: 02 Jul 2020 09:02 AM PDT

    .NET Core Evasion Detection

    Posted: 02 Jul 2020 03:49 AM PDT

    Internal traffic security with machine to machine authentication on Azure

    Posted: 02 Jul 2020 06:23 AM PDT

    Using the right security related http response status codes

    Posted: 02 Jul 2020 08:32 AM PDT

    SpoolSystem is a CNA script for Cobalt Strike which uses the Print Spooler named pipe impersonation trick to gain SYSTEM privileges.

    Posted: 01 Jul 2020 10:14 PM PDT

    Detect lateral movement across vlans with Azure Sentinel

    Posted: 02 Jul 2020 12:22 AM PDT

    Story of stealing mail conversations and contacts in mail.ru and myMail iOS applications via XSS

    Posted: 02 Jul 2020 05:23 AM PDT

    Mobile IoT modules vulnerable to Firmware Over-The-Air updates backdooring at scale

    Posted: 01 Jul 2020 02:50 PM PDT

    SSH Emergency Access

    Posted: 01 Jul 2020 02:36 PM PDT

    No comments:

    Post a Comment