|[ News | Blogs | Reddits | Lists | Media | ? ] HoneyDB|
/r/netsec - Information Security News & Discussion
Using Zero Trust principles to protect against sophisticated attacks like Solorigate - Microsoft Security
Malware Analysis & Reports
Blackhat Library: Hacking techniques and research
what do you think about this idea ? Dns spoofing + Rouge AP to achieve a perfect timed splash/captive portal mimc page that pops up instantly whenever a user tries to open an app , then it phishes them for the creds + 2FA if required getting them convinced that the pop is/from the real app.
Hacks used to involve lots of shell cmds... Now modular malware, which looks benign and is injected with malicious behaviors, is the new normal. Great piece from a cyber engineer here.
Discussion and Disclosure of Web Vulnerabilities
Bug bounty 100 uniques security issues learning in JUST 20 hours. Search in YouTube for "bug bounty tutorial uday datrak"
Anyone know an alternative to VPN that still lets you control who can reach your site/service, but with a more convenient client-side setup?
Mail allegedly from Voodoo Bear claiming they will DDOS us unless we pay them BTC - anyone else? If so did they follow through?
Is Computer Forensics InfoSec Pro Guide still relevant and the first book someone new to the field should read?
XSS - Cross Site Scripting
Is urlencodeuri from https://localdomain.pw/xss/?urlencodeuri=foo is vulerable to HTML Entities xss attack?
Is there alternate testphp vulnweb website that have low level cloudflare web application firewall that protect it from cross site script attack?
How a xss injector bypass a cloudflare xss filter that done nothing but encode its xss payload, prevent it from attacked?
Scotland environmental regulator hit by ‘ongoing’ ransomware attack since Christmas Eve - internal systems and external data products are still offline
Washingtonstate -based Jefferson Healthcare falls victim to phishing attack, 2,500+ patients' data exposed
European Medicines Agency compromised by cybercriminals who 'manipulated' stolen COVID-19 vaccine data before leaking it online, in an attempt to "undermine trust" in COVID-19 vaccines
eHealth cyberattack affected millions of files, was one of Sask.'s worst breaches ever: privacy commissioner | CBC News
Cryptography news and discussions
[A bit off topic] Craig Wright is making fraudulent lawsuits claiming copyright on the Bitcoin whitepaper
Pretty sure somebody's using the application called something shell tethering my phone to a computer how it going to go about disabling the tether.. he's Arduino board attached to a raspberry pi to transmit 2.4 and kind of doing screen grabs with in source software the idea is how to put a stop to i