#NetSec

ByteSectorXbytesectorx
2025-05-23

Level up your NetSec game! 🚀 Our new article dives deep into advanced packet analysis with Wireshark for proactive network security monitoring & threat detection. Master the art of packet analysis! A must-read tutorial for every security pro. 🧐

bytesectorx.blogspot.com/2025/

TechnoTenshi :verified_trans: :Fire_Lesbian:technotenshi@infosec.exchange
2025-05-23

Bpfilter boosts packet filtering performance by converting iptables-style rules into fast BPF programs. With fewer rules, speed matches legacy tools; with many, bpfilter handles far more before slowing. Full write-up:

lwn.net/Articles/1017705/

#linux #bpf #netsec #firewall

🄷e⃞i⃞t⃞e⃞c⃞ Ⓜ️Heitec
2025-05-22

Critical Samlify SSO flaw lets attackers log in as admin
Samlify is used by several SaaS services 🤯❗️

bleepingcomputer.com/news/secu

2025-05-22

For people who run large public HTTP services, are there any IP/JA3/fingerprint lists that you use to create outright block lists at your network edge? I'm interested in ones that you know are safe and don't cause false positives for you.

I've used Firehol in the past but unsure how up to date they are these days. Retoots appreciated!

#netsec #ja3 #blocklist

🄷e⃞i⃞t⃞e⃞c⃞ Ⓜ️Heitec
2025-05-21

China en North-Korea Produces half of the Attacks with APT Actors Globally! 🤯

darkreading.com/cyber-risk/asi

🄷e⃞i⃞t⃞e⃞c⃞ Ⓜ️Heitec
2025-05-12
2025-05-09

I noticed a (minor but abusable) data leak in the RMM/PSA tool Atera a while ago, reported it and it's now fixed. I think it's somewhat interesting so I wrote it up.

fyr.io/post/atera-leaked-their

Tldr: if you tested your SMTP settings, it used a public mailbox on mailinator, allowing anyone to watch for (and respond to, if you're so inclined) mail. Phishing opportunity!

#infosec #atera #privacy #dataleak #mailinator #writeup #phishing #netsec

🄷e⃞i⃞t⃞e⃞c⃞ Ⓜ️Heitec
2025-05-03
🄷e⃞i⃞t⃞e⃞c⃞ Ⓜ️Heitec
2025-04-26

Exposure assessment platforms promise to become a GPS for security pros and teams 🧠

scworld.com/perspective/exposu

DevOps Weeklydevops_discussions
2025-04-25

[Project] I built a tool that tracks AWS documentation changes and analyzes security implications

awssecuritychanges.com/

Discussions: discu.eu/q/https://awssecurity

2025-04-22

Okay, so, I own seiyria.com. All emails wildcard go to my gmail. This is clearly a fake email, and I keep seeing them. How can I prevent this? More importantly, is this something someone else is using to phish? All of the links in the email seem legitimate, and they do every time, so I'm not sure what the point would be besides maybe scaring someone.

PHP Weeklyphp_discussions
2025-04-17

New writeup: a vulnerability in PHP's extract() function allows attackers to trigger a double-free, which in turn allows arbitrary code execution (native code)

ssd-disclosure.com/ssd-advisor

Discussions: discu.eu/q/https://ssd-disclos

2025-04-16

Więcej pokazów hackingu na żywo od sekuraka! 23 kwietnia robimy kolejny włam… tym razem do sieci :-)

Cześć, 18 marca br. zaprosiliśmy Was na wyjątkowe wydarzenie – Dlaczego hackowanie aplikacji webowych jest proste? Michała Sajdaka, który na żywo pokazywał między innymi, jak hackować samochody, jak wejść na pokład samolotu w charakterze pilota czy jak przejąć całą organizację za sprawą kilku żądań HTTP, oglądało ponad 2000 osób, a...

#Aktualności #HackowanieSieci #Netsec #Rzepecki #Szkolenie #Szymczak

sekurak.pl/wiecej-pokazow-hack

2025-04-14

"The problem is, these code suggestions often include hallucinated package names that sound real but don’t exist. I’ve seen this firsthand. You paste it into your terminal and the install fails – or worse, it doesn’t fail, because someone has slop-squatted that exact package name."

theregister.com/2025/04/12/ai_

#WebDev #security #NetSec

2025-04-03

11 stopni wtajemniczenia – jak zostać Netsecurity Masterem z sekurakiem?

Kto z nas nie chciał zostać hackerem? Filmy takie jak Johnny Mnemonic czy Matrix wyjątkowo pobudzały wyobraźnię. Teraz zwizualizuj sobie, że włamujesz się do sieci jak filmowy hacker – ubrany w bluzę z kapturem, z kawą w ręku, siedzisz przed komputerem, ale legalnie, bez policyjnych syren w tle. Brzmi jak...

#Aktualności #BezpieczeństwoSieci #Jarosiński #Netsec #Rzepecki #Szkolenie #Turba

sekurak.pl/11-stopni-wtajemnic

2025-04-02

What are those usernames lol #netsec

The word cloud shows the most commonly used usernames that have been used in attempted attacks on our Honeypots in the last 14 days.
2025-03-27

#Homelab #update - I got #IPFire installed o my #RaspberryPi #router and suddenly all outgoing traffic is blocked. I am happy that I have literally add the devices to the green network to make things but now I am questioning what kind of firewall was already present in #OpenWRT where everything 'just worked'? Apparently #UPnP is such a big security hole. I am stuck without some services but am forced to learn #NetSec so liking it.

For ref - community.ipfire.org/t/miniupn

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst