[ News | Blogs | Reddits | Lists | Media | ? ] HoneyDB

/r/netsec - Information Security News & Discussion
SharpHound: Evolution of the BloodHound Ingestor [xpost /r/WindowsSecurity]
Stepping Up the Cloud Security Game
Joomla! Login Bypass via LDAP Injection
Abusing delay load DLLs for remote code injection
BSides Augusta 2017 [Videos]
Evidence Aurora Operation Still Active: Supply Chain Attack Through CCleaner
Breaking out of restricted windows environment
Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malicious sample and automatically generates a list of mutexes that could be used to as “vaccines” against the sample.
Common WiFi Attacks And How To Detect Them
Epson EasyMP Projector Takeover (CVE-2017-12860 / CVE-2017-12861)
Malware Analysis & Reports
Should I switch from Avira back to Avast now?
really weird antivirus scam
CCleaner Compromised to Distribute Malware for Almost a Month
How to Keep Your Android Device From Xafecopy Trojan Malware?
What is the best AV at the moment?
Found a rat, looks very similar to NJRAT, anyone have more info/builder?
"WhatApps" app on an android device.
Reverse engineering and malware analysis
HookAds Campaign Leads to RIG EK and Drops ZeuS Panda.
Found this obfuscated VBScript running on a computer, but no idea what it is doing.
blackhat library: Documenting blackhat hacking techniques
Efficient and advanced man in the middle framework : XEROSPLOIT
Credentials Recovery Tool : Lazagne V2.2 RELEASED
Brute Force router to get the password (works like a charm)
How to hack wifi using pixie dust attack
SIP-Based Audit and Attack Tool
Domain information gathering using the linux terminal
Using nmap for information gathering(can be used to scan Public IP ranges)
MSFvenom Payload Creator
Beware of the Bashware: A New Method for Any Malware to Bypass Security Solutions
They're Trying to Hack Your PayPal Account!
Discussion and Disclosure of Web Vulnerabilities
Cyber Security worksop for developers @ NYC
Massive US credit bureau hack affecting 143-m customers raises troubling questions
Cybersecurity has become an $80 billion industry, growing at 10 percent per year. But despite the hefty amount of investment in security tools and products, the number of attacks is outpacing the spend rate
Abandoned Domain Takeover as a Web Security Risk
Identify malicious traffic in web server logs
10 tips for reducing insider security threats.- Follow employee termination principles carefully
The State of Cybersecurity with Tom Kemp and Parham Eftekhari
[#blogged] Cookies and Scream - Open redirects from an encoded & "safe" input?!
This database can help if you're troubleshooting bot traffic or suspicious IPs
Looks like Amazon may have an xss hole
Computer Forensics
Tableau Imager 1.21.5 Error - Destination File Path Invalid Format
How do you search a dump file?
Types of ports for hard drive
Potential artifact appdata\local\crashdumps iexplore.exe.***.dmp
Digital forensics Research paper topic
Does anyone know of a tool that will run a dictionary attack on a disk with Checkpoint full disk encryption?
Is a CF Expert need to know digital image forensics?
iOS Question: Why so many springboard screenshots?
Career Advice: Getting into a DFIR team?
Jpeg File Format
XSS - Cross Site Scripting
XSS Files Find, Exploit, Eliminate
Reflected XSS in Yahoo!
The Grave Accent and XSS
This chart is everything. Literally.
Reflected XSS Bug Patched in Popular WooCommerce WordPress Plugin | Threatpost
XSStrike - Crawl, Fuzz & Bruteforce Parameters For XSS || It Can Also De...
Can someone check if this download has a XSS vulnerability and if I should be worried?
Non-Alphabetic JavaScript for XSS
Is "OpenBugBounty" legal to use?
New XSS Auditor Bypass
pwned
Vevo Music Video Service Hacked — 3.12TB of Internal Data Leaked
CCleaner got pwned by hackers!
Vevo Just Got Hacked
Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop
Massive US credit bureau hack affecting 143-m customers raises troubling questions
Equifax Data Breach Notification
Metasploit Module for Apache Struts 2 REST (CVE-2017-9805) Now available for download
More Celebrity Photos Leaked
US Voting Machine Supplier Leaks 1.8 Million Chicago Voter Records
[Self-pwn] Game of Thrones season 7 episode 6 leaks after HBO accidentally airs it across Europe
Cryptography related news and discussions
Why Keccak (SHA-3) is not ARX
Is CryptoNight an ideal key derivation function?
Moxie Marlinspike interview at TechCrunch Disrupt
Introducing Keybase Teams: an open source and end-to-end encrypted Slack-like app
The Loopix Anonymity System Wants to Be a More Secure Alternative to Tor
How my phrase can recover the private keys in my Nano Ledger S? What is the mechanism behind it?
Systems with multiple required passwords?
PyDHE - a Fully Python Diffie-Hellman API
Root Causes of False Positive Chrome Certificate Errors (study based on data from Chrome's telemetry)
Starting new blog, mostly on crypto concepts. Please provide feedback!
Hack Bloc
Dark Overlord Hackers target Montana school districts.
a cooperative and transparent approach to operating our social platforms
Security.txt Standard Proposed, Similar to Robots.txt
Long Range WiFi Hacking Station at Home Using Powerful Antenna
SMT: An encrypted file container, that you can send to another person who wont know the PW, but can put files in it and send it back to you.
Hackerñol - 00001000 - Colectivo AnarcoHacker Hispagatos en Defcon/Bsides y Entrevistas [Interview in english with the actual hackbloc founder at minute 1:20
Leveraging fear of WannaCry for Spamming and Phishing
Critical Pacemaker Vulnerability Revealed - Millions of Lives at Risk
Winter is Coming as Malware
Intel ME controller chip has secret kill switch