Welcome to our

Cyber Security News Aggregator

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Navigation

Return to Planet "Home"

Ordered/grouped:

Filter applied:

Current page:

Go to "Navigation Help" (page end)

Articles in this collection: 6,045

Source: /r/netsec - Information Security News and Discussion

Articles recieved 18/06/2021

02:05

Certified Pre-Owned: Abusing Active Directory Certificate Services

🔥🔥

Articles recieved 16/06/2021

04:05	Finding Privilege Escalation Vulnerabilities in Windows using Process Monitor	🔥🔥
04:05	RetroArch for Windows - Versions 1.9.0 - 1.9.4 (High-Risk Vuln)	🔥🔥
04:05	I’m putting a WiFi router into a wall charger (Part 1)	🔥🔥

Articles recieved 15/06/2021

15:05	Hack The Box: Tenet - Write-up by Khaotic	🔥🔥
15:05	How I found the silliest logical vulnerability for $750	🔥🔥
15:05	Rediscovering N Days: PAM360 information disclosure	🔥🔥
15:05	CVE-2019-17240 - Bludit 3.2.9 Auth Bruteforce Bypass in Go lang	🔥🔥
15:05	Three investigation Workflows to reduce FALSE POSITIVE ALERTS - AWS; OKTA; CYREN	🔥🔥
15:05	[crypto] Critical Bug Identified in 88mph Awarded with $42,069 Bounty \| iosiro	🔥🔥
15:05	Exploiting outdated Apache Airflow instances	🔥🔥
15:05	Adversary emulation with Prelude Operator and Elastic Security	🔥🔥
06:05	Bulletproof SSL and TLS	🔥🔥
06:05	[Blog] Instant VirusTotal checks from an air-gapped computer	🔥🔥
06:05	Detecting Proxies and VPN's with Latency Measurements	🔥🔥
06:05	(Technical) Infosec Core Competencies	🔥🔥
06:05	Achieving QSEE, Qualcomm's TEE, code execution on Qualcomm IPQ40xx-based devices using a restricted write vulnerability (i.e. CVE-2020-11256).	🔥🔥
06:05	Intel CET In Action \| Offensive Security	🔥🔥
06:05	Open-source libraries and tools to perform fully homomorphic encryption (FHE)	🔥🔥
06:05	Technical descriptions of 0days found - EC-CUBE, SoyCMS, BaserCMS	🔥🔥
06:05	Incremental Machine Leaning by Example: Detecting Suspicious Activity with Zeek Data Streams, River, and JA3 Hashes	🔥🔥
06:05	Mistune — iOS Remote code execution vulnerabilities that have been hiding for a decade	🔥🔥
06:05	Celeborn: API Unhooker	🔥🔥
06:05	Stealing tokens, emails, files and more in Microsoft Teams through malicious tabs	🔥🔥

Articles recieved 13/06/2021

20:05	Reverse Engineering with Ghidra course offer	🔥🔥
15:05	SharpHook - Offensive api hooking tool written in C#	🔥🔥
15:05	Crypto Exchange Security: "As of today, there are a total of 51 hacking events, with lost funds amounting to a total of approximately $2.1 billion at the time of these hacks, with the Mt.Gox hack of 2014 being the biggest casualty yet with $661,348,000 of stolen funds."	🔥🔥
00:05	Securely Erasing Your iPhone or iPad — With a Power Drill	🔥🔥

Articles recieved 12/06/2021

18:05	So Many Ways to Own Dell EMC Networker	🔥🔥
18:04	Don't use commands, use code: the tale of Netsh & PortProxy	🔥🔥

Articles recieved 11/06/2021

19:05	Securing Samsung devices default applications	🔥🔥
19:04	Ive created a easy to use Honeypot called "Pottr" for real time threat detection, please check out my demo, feedback is very much appreciated :)	🔥🔥
02:05	ThunderCats Hack the FSB \| Your Taxes Didn’t Pay For This Op	🔥🔥
02:05	EDR Evasion: Unhooking DLLs With C#	🔥🔥
02:05	Abusing SIP for Cross-Site Scripting? Most definitely!	🔥🔥
02:05	Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug	🔥🔥
02:05	Building a WebAuthn Click Farm — Are CAPTCHAs Obsolete?	🔥🔥

Articles recieved 10/06/2021

09:06

Pop-Ups in a good-world

🔥🔥

Articles recieved 09/06/2021

22:04	c0c0n 2021 \| Call For Papers & Call For Workshops is now open	🔥🔥
22:04	Let's share salary information 💰💰in InfoSec 👨‍💻👩🏿‍💻 globally 🌍 and make it publicly available	🔥🔥
22:04	How i was able to bypass parental pin of showmax	🔥🔥
22:04	Big Stages Implementation And Library Files	🔥🔥
22:04	On how to access (protected) networks	🔥🔥
22:04	Hacking Unity Games with Malicious GameObjects	🔥🔥
22:04	Now Available: Impacket Release v0.9.23	🔥🔥
14:05	ALPACA Attack	🔥🔥
14:05	Author spoofing in Google Colaboratory	🔥🔥
08:06	The Walls Have Ears - Compromising a Conference Table Microphone	🔥🔥
06:05	Fuzzing the Office Ecosystem - Check Point Research	🔥🔥
06:05	How much security gain do you get by implementing a NAC solution? The answers might suprise you.	🔥🔥
06:05	Dead Ends in Cryptanalysis #2: Timing Side-Channels	🔥🔥
06:05	NoSql Injection Cheatsheet	🔥🔥
06:05	Hacker's guide to deep-learning side-channel attacks: code walkthrough	🔥🔥

Articles recieved 08/06/2021

12:05	How to: Find WordPress Plugin Vulnerabilities Free eBooK	🔥🔥
11:05	Signal “Safety Number” denied as vulnerability but they patched it anyway... issues shrugged off while patches silently rolled out - vulnerability still active on macOS.	🔥🔥
11:05	Hack The Box: Scriptkiddie - Write-up by Khaotic	🔥🔥
11:05	Updated Mimikatz in Metasploit to play with recent features like RDP plaintext credential dumping	🔥🔥
11:05	Qualcomm IPQ40xx: Breaking into QSEE using Fault Injection	🔥🔥
11:05	Let’s Encrypt Change Affects OpenSSL 1.0.x and CentOS 7	🔥🔥
11:05	Dockerfile-sec is a simple but powerful rules-based security checker for Dockerfiles	🔥🔥
11:05	Windows Kernel Debugging & Exploitation Part 2 - Stack Overflow	🔥🔥

Articles recieved 07/06/2021

22:05	New Netcat Alternative Made In Rust	🔥🔥
22:05	NobleBaron \| New Poisoned Installers Could Be Used In Supply Chain Attacks	🔥🔥
14:05	MesaLabs AmegaView: Information Disclosure to RCE	🔥🔥
14:05	Compromising Joomla by chaining a pass reset vulnerability & stored xss for Privesc	🔥🔥
03:05	The SaaS CTO Security Checklist Redux	🔥🔥

Articles recieved 06/06/2021

22:05	Volatile Memory Forensic Analysis: jackcr difr challenge	🔥🔥
22:05	reqstress - a benchmarking&stressing tool that can send raw HTTP requests	🔥🔥
22:05	Detecting Brightdata's (formerly Luminati Networks) Data Collector as a Bot	🔥🔥
11:30	Froala Editor Version 3.2.6 - High-Risk XSS Bug	🔥🔥
11:30	Vault1317 protocol: a modern approach for metadata protection with deniability	🔥🔥
11:30	Guide to P-code Injection: Changing the intermediate representation of code on the fly in Ghidra	🔥🔥
11:30	Revisiting Realtek – A New Set of Critical Wi-Fi Vulnerabilities Discovered by Automated Zero-Day Analysis	🔥🔥
11:30	New CVE database that visualizes CVEs and shows exploit price and eco impact	🔥🔥
11:30	WE.LOCK: Unlocking Smart Locks with Web Vulnerabilities	🔥🔥
11:30	Exploiting a zero-day WebAssembly Vulnerability (CVE-2021-30734) in Apple Safari	🔥🔥
11:30	UI Security - Thinking Outside the Viewport	🔥🔥
11:30	WebLogic RCE Leads to XMRig	🔥🔥
11:30	Why We Hash Passwords	🔥🔥
11:30	OSX/Hydromac: A new macOS malware leaked from a Flashcards app	🔥🔥
11:30	More macOS Installer Flaws	🔥🔥
11:30	Automatically deploy only relevant security updates for Linux CentOS using Errata plugin from Vulners	🔥🔥
11:30	XSS in the AWS Console	🔥🔥
11:30	ASP.NET Cryptography for Pentesters	🔥🔥
11:30	Easy Hypervisor Heap Visualization with PyPANDA and HeapInspect	🔥🔥
11:30	Open source CIS Benchmark scan for Zoom security and compliance	🔥🔥
11:30	QNAP Q’center Post-Auth Remote Code Execution via QPKG	🔥🔥
11:30	SSRF Cheat Sheet & Bypass Techniques	🔥🔥
11:30	iOS User Enrollment and Trusted Certificates - or how BYOD can lead to certificates being trusted by your personal apps..	🔥🔥
11:30	An In-memory Embedding of CPython with SCYTHE	🔥🔥
11:30	Dynamic payload generation with mingw	🔥🔥
11:30	Kubernetes Goat - Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security	🔥🔥
11:30	hashlookup.circl.lu - public ReST API to lookup hash values against known database of files (NSRL NDS)	🔥🔥
11:30	Password Managers.	🔥🔥
11:30	/r/netsec's Q2 2021 Information Security Hiring Thread	🔥🔥

Get your Free Scan and Score Certificate

Cyber Tzar Free Score Certificate

Get your repeat Free Scan and Score Certificate

Cyber Tzar Score Summary

Cyber Security Made Simple

Cyber Tzar Your Score Explained

Cyber Tzar Platform Highlights

Cyber Tzar Gold Score Certificate

Cyber Tzar Sites

Cyber Tzar Score Analysis

Developer? Secuity Assesor? Risk Manager? Actary? We can help, whatever you need

Cyber Tzar Risk Impact Distribution