Transforming Splunk to vulnerability scanner Security News & Discussion

---

• Transforming Splunk to vulnerability scanner
• Hunting for SQL injections (SQLis) and Cross-Site Request Forgeries (CSRFs) in WordPress Plugins
• NCC Group admits its training data was leaked online after folders full of CREST pentest certification exam notes posted to GitHub
• Call Me Maybe: Ea­ves­drop­ping En­cryp­ted LTE Calls With Re­VoL­TE
• CVE-2020-11518: how I bruteforced my way into your Active Directory
• Exporting Outlook Private Keys and decrypting S/MIME emails
• Exploiting vBulletin: “A Tale of a Patch Fail”
• Color by numbers: inside a Dharma ransomware-as-a-service attack
• Android Malware Samples Library [Github]
• Color by numbers: inside a Dharma ransomware-as-a-service attack
• Introducing SNIcat: How the security features in state-of-the-art TLS inspection solutions can be exploited for covert data exfiltration
• PIN Bypass in Passwordless WebAuthn on microsoft.com and Nextcloud
• LiteWAF - Lightweight in-app Web Application Firewall to protect your PHP website
• Microsoft Security Advisory - Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472)
• CVE-2020-6932 - Directory Traversal / RCE in QNX Slinger (web server)

Transforming Splunk to vulnerability scanner Posted: 12 Aug 2020 05:17 AM PDT submitted by /u/i_bo0om [link] [comments]

Hunting for SQL injections (SQLis) and Cross-Site Request Forgeries (CSRFs) in WordPress Plugins Posted: 12 Aug 2020 06:14 AM PDT submitted by /u/dedd0s [link] [comments]

NCC Group admits its training data was leaked online after folders full of CREST pentest certification exam notes posted to GitHub Posted: 11 Aug 2020 09:38 PM PDT submitted by /u/kidbomb [link] [comments]

Call Me Maybe: Ea­ves­drop­ping En­cryp­ted LTE Calls With Re­VoL­TE Posted: 12 Aug 2020 01:17 PM PDT submitted by /u/thricethagr8est [link] [comments]

CVE-2020-11518: how I bruteforced my way into your Active Directory Posted: 12 Aug 2020 02:55 AM PDT submitted by /u/honoki [link] [comments]

Exporting Outlook Private Keys and decrypting S/MIME emails Posted: 12 Aug 2020 05:47 AM PDT submitted by /u/gquere [link] [comments]

Exploiting vBulletin: “A Tale of a Patch Fail” Posted: 12 Aug 2020 01:01 AM PDT submitted by /u/timoh [link] [comments]

Color by numbers: inside a Dharma ransomware-as-a-service attack Posted: 12 Aug 2020 10:55 AM PDT submitted by /u/IUsedToBeACave [link] [comments]

Android Malware Samples Library [Github] Posted: 12 Aug 2020 01:58 PM PDT submitted by /u/ka1nsha [link] [comments]

Color by numbers: inside a Dharma ransomware-as-a-service attack Posted: 12 Aug 2020 01:23 PM PDT submitted by /u/packetrat [link] [comments]

Introducing SNIcat: How the security features in state-of-the-art TLS inspection solutions can be exploited for covert data exfiltration Posted: 12 Aug 2020 07:56 AM PDT submitted by /u/marstrander [link] [comments]

PIN Bypass in Passwordless WebAuthn on microsoft.com and Nextcloud Posted: 12 Aug 2020 06:35 AM PDT submitted by /u/Haferflockengebaeck [link] [comments]

LiteWAF - Lightweight in-app Web Application Firewall to protect your PHP website Posted: 12 Aug 2020 04:38 AM PDT submitted by /u/slashtmp00 [link] [comments]

Microsoft Security Advisory - Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472) Posted: 11 Aug 2020 11:23 PM PDT submitted by /u/JamesS237 [link] [comments]

CVE-2020-6932 - Directory Traversal / RCE in QNX Slinger (web server) Posted: 12 Aug 2020 02:25 AM PDT submitted by /u/SRMish3 [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States