[ News | Blogs | Reddits | Lists | Media | ? ] HoneyDB

/r/netsec - Information Security News & Discussion
Attack matrix for Kubernetes (by Microsoft)
Sandboxie Open Source Code is available for download
InfoSec Oasis - Free VR (Optional) InfoSec Conference April 18th
Brim: open source desktop app to analyze pcaps with Zeek.
OSS-Fuzz integration for LibreSSL
Threat Mapper - Powerful vulnerability scanner for Kubernetes and more
A tool for hiding your online assets from online scanners
OhMyZsh dotenv Remote Code Execution
The Magic in Hacking - Exploit Development - 0x00sec
Tale of two hypervisor bugs - Escaping from FreeBSD bhyve
Malware Analysis & Reports
[Video] Malware Theory - Network Worm Basics
Sekhmet Ransomware for Analysis
Sandbox to detonate malware and phishing links for the team at work
Beware of New Coronavirus Wiper Malware. A new wiper malware has been detected that uses a similar method to the 2017 NotPetya wiper malware to trash computers by overwriting the Master Boot Record (MBR) to render computers useless
[Information] Unique PC identifier called by this software (imports in post)
[Blog Article] Weird, Scary, and Annoying malware
Nanocore & CypherIT
Excision: An In-Browser System for Detection of Malicious Third-Party Content Inclusions
Suggestions
Zoomed In: A Look into a Coinminer Bundled with Zoom Installer
blackhat library: Documenting hacking techniques
Universally Evading Sysmon and ETW
I have a question
Simple RCE in Liferay Portal JSON web service
Using Malicious Azure Apps to Infiltrate a Microsoft 365 Tenant
Could i route an nmap scan through a reverse ncat shell?
Jaeles v0.6 - The Swiss Army knife for automated Web Application Testing
Android Coronavirus related malware tracker
Context Menu Persistance using DLL Hijacking
PSA: Spread awareness of "EARN IT Act", our privacy is at risk, again.
What is the point of second hand devices?
Discussion and Disclosure of Web Vulnerabilities
OriginTracer: An In-Browser System for Identifying Extension-based Ad Injection
Userdir URLs like https://example.org/~username/ are dangerous
Excision: An In-Browser System for Detection of Malicious Third-Party Content Inclusions
Crawlium (DeepCrawling): A crawling platform based on Chrome (Chromium) browser to get a deeper look into the ecosystem of content inclusion on the Web.
Daily updated list of COVID-19 themed cyber attacks and threats you should be aware of.
Automatically Generate Content Security Policy Headers (Chrome/Firefox)
Analysis of WP-VCD malware spreading with COVID-19 themed WordPress plugins
Web Cache Deception Named Top Web Hacking Technique of 2019
Deconstructing Web Cache Deception Attacks: They're Bad; Now What?
Detecting Privacy Badger’s Canvas FP detection
Computer Forensics
Crime stories in digital forensics?
Autopsy Training free until 15th May 2020
Redline: File and Process correlation
Re-aquire/create L01 without EnCase
How in-depth is a forensic analyst's on-the-fly knowledge about computers expected to be?
OpenSSL Decryption Lab - Help!
Surface Book acquisition issues
FTKImager closing (no error message or anything)
A lost cause? Found this CD extremely well hidden in my new apartment.
My girlfriend's mother passed away. We have the hard drive from her old computer, but it is locked with an (unknown) ATA password. Is there any way we can get past it?
XSS - Cross Site Scripting
Help: Need help avoiding getting sealed into a double quote.
When logging into Reddit from mobile, can a session be hijacked (determined actors) by injecting malicious Javascript into the login page? If so, can they see the user session live while they browse? (XSS) Are companies like Reddit known to comply with state hackers who target Reddit users?
JavaScript without parentheses using DOMMatrix
WRITE UP – FROM CLOSED AS INFORMATIVE TO $3,500 USD, XSS STORED IN YAHOO! IOS MAIL APP
Critical XSS vulnerability patched in WordPress plugin GDPR Cookie Consent | ZDNet
DOM Clobbering strikes back - Portswigger Research
SVG animate XSS vector - PortSwigger Writeup
Zero-Day Research: Mechanical Keyboard Finder Version 4.31
Top 100 XSS dorks – OpenBugBounty Blog
What does this "Filler" mean in the following payload ???
pwned
Personal details for the entire country of Georgia published online
Hacker Steals Millions of Accounts from Yu-Gi-Oh Fan Project ‘Dueling Network’
Cyberattack paralyzes California City of Torrance email, website, credit card payments
California-based defense contractor Communications & Power Industries (CPI) knocked offline by ransomware attack; paid a ransom of about $500,000 in mid-January, but company still not yet fully operational
Ransomware attack disables IT provider for Australian & New Zealand wool markets; forces cancellation of wool sales across Australia
North Carolina city and county governments of Durham victims of Ryuk ransomware attack
Former DHS official charged with theft of confidential government software, databases
Visser Precision, parts-maker for Tesla, SpaceX, and Boeing hit by data-stealing ransomware. Stolen files and documents published online
360,000 Quebec teachers PII possibly compromised in breach of Ministère de l’Éducation et de l’Enseignement supérieur network
Mexico's Office for Economic Affairs hit by cyber attack; mail and archive servers affected, but "sensitive information" considered not compromised
Cryptography news and discussions
Noob question regarding block cipher modes
How would I make the most secure login if the password can only be 5 characters?
Monthly cryptography wishlist thread, April 2020
why does my bank and other web services want me to have numbers, upper and lower case letters and special characters in my password if they don't increase my password security?
How do you create a cryptographically secure password?
2 encryption structure ideas
Which certification is the most prestigious in the Industry?
can i create an original cryptographically secure password using two decks of playing cards?
Recommendations to learning sources for beginners?
The anti-Crypto Senator Says Zoom is Lying about its end-to-end encryption
Hack Bloc
Fighting Uber with blockchain cooperatives feat. Dardan Isufi from Eva Coop
Do you?
The EARN IT Bill Is the Government's Plan to Scan Every Message Online
Leftists like Noam Chomsky and Richard Wolff Think About Blockchain Positively
Corona Virus - What We Can Do From Home
Memespeech: Censor-proof End-to-End Encryption
Chelsea Manning Hospitalized After Suicide Attempt
Web Application Hacker's Handbook Extras
A step-by-step guide to finding and removing your personal information from the internet
The Blockchain Socialist | I’m a Leftist and Like Crypto, Should I Buy Bitcoin? - "It’s a small price to pay, but don’t worry, Karl will still let you in to Marxist Valhalla in the afterlife."