Tuesday, December 11, 2018

FreeRTOS tcpip vulnerabilities – Whitepaper

submitted by /u/IamNullByte

Demystifying Kubernetes CVE-2018-1002105 (and a dead simple exploit)

submitted by /u/reddit_read_today

Polkit privilege escalation for users with larger UIDs

submitted by /u/kulinacs

HTTPS in the real world

submitted by /u/businesstrout

Red and blue team tooling for AD joined UNIX boxes

submitted by /u/timb_machine

Billion Laugh Attack in sites google com

submitted by /u/asanso

Free root access in PolicyKit for UIDs > INT_MAX

submitted by /u/fridsun

Kubernetes privilege escalation, it's patch day!

submitted by /u/CMDR_Shazbot

Remotely Hijacking Zoom Clients

submitted by /u/chicksdigthelongrun

Abuse MITM possible regardless of HTTPS

submitted by /u/digicat

Using google translator as a proxy to a reverse shell.

submitted by /u/mthbernardes

fuzz.txt – potentially dangerous files for dirbusting

submitted by /u/i_bo0om

Quarter of NHS Trusts Have No Security Pros

New research has revealed a dearth of qualified cybersecurity staff in the NHS and low levels of spending on in-house training for employees. RedScan received Freedom of Information (FOI) responses from 159 trusts...

What is a keylogger? How attackers can monitor everything you type

Computerworld

And that was actually the CLEAN version!

It's more than a few years back, and this oilfield services company is implementing a new email filter, says a pilot fish working there. "It was part of an email security product," fish says. "The filter could identify emails containing...

Review: How StackRox protects containers

With the rise of cloud computing and later DevOps, containerization has never been more popular. But cybersecurity has yet to fully catch up. Even security applications designed to work natively in the cloud have trouble protecting the most popular...

Dark web goldmine busted by Europol

What’s the safest way to buy counterfeit banknotes? Not on the dark web market, as 235 people have just discovered to their cost.