Information Security News
we are @sec_nerd twin brother and we will be covering cyber incidents, exploits and articles about information security in english.
#start
@sec_nerd_en
we are @sec_nerd twin brother and we will be covering cyber incidents, exploits and articles about information security in english.
#start
@sec_nerd_en
This #PHP #security issue is very nice
https://bugs.php.net/bug.php?id=76582
#php
#security
@sec_nerd_en
https://bugs.php.net/bug.php?id=76582
#php
#security
@sec_nerd_en
Information Security pinned «Information Security News we are @sec_nerd twin brother and we will be covering cyber incidents, exploits and articles about information security in english. #start @sec_nerd_en»
RDP Pivoting with Metasploit
http://www.hackingarticles.in/rdp-pivoting-metasploit/
#msf
#rdp
#windows
#pivoting
@sec_nerd_en
http://www.hackingarticles.in/rdp-pivoting-metasploit/
#msf
#rdp
#windows
#pivoting
@sec_nerd_en
Hacking Articles
RDP Pivoting with Metasploit - Hacking Articles
In our previous tutorial we had discussed on SSH pivoting and today we are going to discuss RDP pivoting. From Offensive Security Pivoting is a technique
Practical case: Buffer Overflow 0x01
https://maxkersten.nl/binary-analysis-course/assembly-basics/practical-case-buffer-overflow-0x01/
#aslr
#gdb
@sec_nerd_en
https://maxkersten.nl/binary-analysis-course/assembly-basics/practical-case-buffer-overflow-0x01/
#aslr
#gdb
@sec_nerd_en
"If you don't stop asking me if we are nearly there yet, I will turn this bus round; and none of you will get to see Salisbury cathedral. Do you hear me?"
#fun
#russia
@sec_nerd_en
#fun
#russia
@sec_nerd_en
https://resources.infosecinstitute.com/2-malware-researchers-handbook-demystifying-pe-file/#gref
#PE32_Extended
#Windows_Internals
@sec_nerd_en
#PE32_Extended
#Windows_Internals
@sec_nerd_en
Infosecinstitute
Malware researcher’s handbook (demystifying PE file) | Infosec
(For the Introduction, click here)
PE file
Portable executable file format is a type of format that is used in Windows (both x86 and x64).
As per Wikipe
PE file
Portable executable file format is a type of format that is used in Windows (both x86 and x64).
As per Wikipe
This media is not supported in your browser
VIEW IN TELEGRAM
A Chinese company is developing software that can read lips - likely to be used alongside facial recognition tech at some point
#facial_recognition
#china
#ai
@sec_nerd_en
#facial_recognition
#china
#ai
@sec_nerd_en
Hide an ADS in a folder > create a sub-folder > the hidden #ADS is automatically duplicated in the new sub-folder! Is this a feature or a bug? #DFIR
#windows
#cmd
@sec_nerd_en
#windows
#cmd
@sec_nerd_en
VLAN Hopping and Mitigation
https://www.alienvault.com/blogs/security-essentials/vlan-hopping-and-mitigation
#network
#vlon_hopping
#pentest
#pivoting
@sec_nerd_en
https://www.alienvault.com/blogs/security-essentials/vlan-hopping-and-mitigation
#network
#vlon_hopping
#pentest
#pivoting
@sec_nerd_en
Alienvault
VLAN Hopping: How to Prevent an Attack
We’ll start with a few concepts:
VLAN
A virtual local area network (VLAN) is used to share the physical network while creating virtual segmentations to divide specific groups. For example, a host on VLAN 1 is separated from any host on VLAN 2. Any packets…
VLAN
A virtual local area network (VLAN) is used to share the physical network while creating virtual segmentations to divide specific groups. For example, a host on VLAN 1 is separated from any host on VLAN 2. Any packets…
Blockchain betting app mocks competitor for getting hacked. Gets hacked four days later
hacker going online by the pseudonym of "aabbccddeefg" has exploited a vulnerability to steal over 24,400 EOS coins ($125,000) from a blockchain-based betting app.
The hack took place last night, and the targeted app is called EOSBet Dice, run by a company named EOSBet Cassino. The app lets users bet EOS cryptocurrency as part of a classic dice game
The game has been running online for a few months, but yesterday, a Reddit user spotted that an EOS user named aabbccddeefg had siphoned a large stack of funds from the EOSBet Dice's shared money pool.
The Redditor says he identified a vulnerability in the dice game's source code --which, in turn, was based on an open source EOS dice-betting game called Fair Dice.
The hacker operated by sending a transaction to the EOSBet main game account, which exploited a lack of proper parameter checks that allowed the hacker to trick the game into sending back fake earnings.
https://www.zdnet.com/article/blockchain-betting-app-mocks-competitor-for-getting-hacked-gets-hacked-four-days-later/
#news
#breach
#btc
#cryptocurrency
@sec_nerd_en
hacker going online by the pseudonym of "aabbccddeefg" has exploited a vulnerability to steal over 24,400 EOS coins ($125,000) from a blockchain-based betting app.
The hack took place last night, and the targeted app is called EOSBet Dice, run by a company named EOSBet Cassino. The app lets users bet EOS cryptocurrency as part of a classic dice game
The game has been running online for a few months, but yesterday, a Reddit user spotted that an EOS user named aabbccddeefg had siphoned a large stack of funds from the EOSBet Dice's shared money pool.
The Redditor says he identified a vulnerability in the dice game's source code --which, in turn, was based on an open source EOS dice-betting game called Fair Dice.
The hacker operated by sending a transaction to the EOSBet main game account, which exploited a lack of proper parameter checks that allowed the hacker to trick the game into sending back fake earnings.
https://www.zdnet.com/article/blockchain-betting-app-mocks-competitor-for-getting-hacked-gets-hacked-four-days-later/
#news
#breach
#btc
#cryptocurrency
@sec_nerd_en
ZDNet
Blockchain betting app mocks competitor for getting hacked. Gets hacked four days later
Hacker steals roughly $220,000 from blockchain-based online gambling app by exploiting vulnerability in EOS smart contract (game's source code).
Backup solution provider Veeam are notifying customers of a security breach of one of the customer databases #infosec #security
#news
#breach
@sec_nerd_en
#news
#breach
@sec_nerd_en