2019-05-03 Random Interesting Shit

Categories Hacker Shit, Information Technology, News Feed Stuff, Security Stuff, Stuff To Learn

ESI Injection Part 2: Abusing specific implementations
https://www.gosecure.net/blog/2019/05/02/esi-injection-part-2-abusing-specific-implementations
#hackerstuff #HackThePlanet

How to Reverse Malware on macOS Without Getting Infected | Part 1
https://www.sentinelone.com/blog/how-to-reverse-macos-malware-part-one/
#hackerstuff #HackThePlanet

“Mysterious” Hacker Group is on a Supply Chain Hijacking Spree
https://www.wired.com/story/barium-supply-chain-hackers/
#hackerstuff #HackThePlanet

Infosec_Reference – An Information Security Reference That Doesn’t Suck
https://github.com/rmusser01/Infosec_Reference
#hackerstuff #HackThePlanet

2019-05-02 Random Interesting Shit

Categories Hacker Shit, Information Technology, News Feed Stuff, Security Stuff, Stuff To Learn

Pre-Installed Software Flaw Exposes Most Dell Computers to Remote Hacking
https://thehackernews.com/2019/05/dell-computer-hacking.html
#hackerstuff #HackThePlanet

DHS Orders Federal Agencies to Patch Critical Flaws Within 15 Days
https://thehackernews.com/2019/05/dhs-patch-vulnerabilities.html
#hackerstuff #HackThePlanet

Firm suffers largest ever DDoS attack peaking at 580 million PPS
https://www.hackread.com/firm-suffers-largest-ever-ddos-attack-peaking-at-580-million-pps/
#hackerstuff #HackThePlanet

Zero to Hero – Practical Network Pentesting course – Wednesdays at 8pm EST
https://www.thecybermentor.com/zero-to-hero-pentesting
#hackerstuff #HackThePlanet

2019-04-24 Random Interesting Shit

Categories Hacker Shit, Information Technology, News Feed Stuff, Security Stuff, Stuff To Learn

‘Karkoff’ Is the New ‘DNSpionage’ With Selective Targeting Strategy
https://thehackernews.com/2019/04/karkoff-dnspionage-malware.html
#hackerstuff #HackThePlanet

Hackers Actively Exploiting Widely-Used Social Share Plugin for WordPress
https://thehackernews.com/2019/04/wordpress-plugin-hacking.html
#hackerstuff #HackThePlanet

Write-up for Gemini Inc: 1

Write-up for Gemini Inc: 1


#hackerstuff #HackThePlanet

Bodybuilding.com suffers data breach; issues password reset for all users

Bodybuilding.com suffers data breach; issues password reset for all users


#hackerstuff #HackThePlanet

Wall Street market exit scam? Admins steal $30 million worth of crypto

Wall Street market exit scam? Admins steal $30 million worth of crypto


#hackerstuff #HackThePlanet

Building a VPN for Mobile Devices at the Network Level

Building a VPN for Mobile Devices at the Network Level


#hackerstuff #HackThePlanet

On insecure zip handling, Rubyzip and Metasploit RCE (CVE-2019-5624)
https://blog.doyensec.com/2019/04/24/rubyzip-bug.html
#hackerstuff #HackThePlanet

Ekaterina Khrustaleva, ImmuniWeb: There’s No Silver Bullet for IoT Security

Ekaterina Khrustaleva, ImmuniWeb: There’s No Silver Bullet for IoT Security


#hackerstuff #HackThePlanet

Besder – An Investigative Journey Part 1
http://blog.0x42424242.in/2019/04/besder-investigative-journey-part-1_24.html
#hackerstuff #HackThePlanet

The most common OAuth 2.0 Hacks
https://habr.com/en/post/449182/
#hackerstuff #HackThePlanet

2019-04-23 Random Interesting Shit

Categories Hacker Shit, Information Technology, Security Stuff, Stuff To Learn

Source Code for CARBANAK Banking Malware Found On VirusTotal
https://thehackernews.com/2019/04/carbanak-malware-source-code.html
#hackerstuff #HackThePlanet

huawei-block-list – Captured DNS requests from Huawei P30 Pro to a block list
https://github.com/pe3zx/huawei-block-list#explanation-for-an-existing-of-beiangovcn
#hackerstuff #HackThePlanet

Ignoring Atlassian Confluence Security Advisories?
https://b4d.sablun.org/blog/2019-04-19-ignoring-atlassian-confluence-security-advisories/
#hackerstuff #HackThePlanet

How I found 5 ReDOS Vulnerabilities in Mod Security CRS
https://medium.com/@somdevsangwan/how-i-found-5-redos-vulnerabilities-in-mod-security-crs-ce8474877e6e?sk=c64852245215d6fead387acbd394b7db
#hackerstuff #HackThePlanet

2019-04-22 Random Interesting Shit

Categories Hacker Shit, Information Technology, Security Stuff, Stuff To Learn

The Weather Channel goes offline after ransomware attack

The Weather Channel goes offline after ransomware attack


#hackerstuff #HackThePlanet

WannaCry hero MalwareTech pleads guilty to writing banking malware

WannaCry hero MalwareTech pleads guilty to writing banking malware


#hackerstuff #HackThePlanet

viewgen – a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
https://github.com/0xACB/viewgen
#hackerstuff #HackThePlanet