Level up your NetSec game! 🚀 Our new article dives deep into advanced packet analysis with Wireshark for proactive network security monitoring & threat detection. Master the art of packet analysis! A must-read tutorial for every security pro. 🧐
http://bytesectorx.blogspot.com/2025/05/advanced-packet-analysis-for-network.html
#PacketAnalysis #NetworkMonitoring #CyberSecurity #DeepPacketInspection #ThreatDetection #InfoSec #NetSec
Bpfilter boosts packet filtering performance by converting iptables-style rules into fast BPF programs. With fewer rules, speed matches legacy tools; with many, bpfilter handles far more before slowing. Full write-up:
Critical Samlify SSO flaw lets attackers log in as admin
Samlify is used by several SaaS services 🤯❗️
#vulnerability #netsec
https://www.bleepingcomputer.com/news/security/critical-samlify-sso-flaw-lets-attackers-log-in-as-admin/
For people who run large public HTTP services, are there any IP/JA3/fingerprint lists that you use to create outright block lists at your network edge? I'm interested in ones that you know are safe and don't cause false positives for you.
I've used Firehol in the past but unsure how up to date they are these days. Retoots appreciated!
China en North-Korea Produces half of the Attacks with APT Actors Globally! 🤯
#cybersecurity #infosec #Netsec
https://www.darkreading.com/cyber-risk/asia-apt-actors-focus-expands-globally
Mr Hamza is targeting NATO 🤯
https://www.hstoday.us/subject-matter-areas/cybersecurity/ongoing-threat-of-mr-hamza-and-allied-hacktivist-groups/
#cyberdefense #infosec #netsec
iClicker site hack targeted students with #malware via fake CAPTCHA 🤯
#infosec #netsec
https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
I noticed a (minor but abusable) data leak in the RMM/PSA tool Atera a while ago, reported it and it's now fixed. I think it's somewhat interesting so I wrote it up.
https://fyr.io/post/atera-leaked-their-customers-to-mailinator
Tldr: if you tested your SMTP settings, it used a public mailbox on mailinator, allowing anyone to watch for (and respond to, if you're so inclined) mail. Phishing opportunity!
#infosec #atera #privacy #dataleak #mailinator #writeup #phishing #netsec
US indicts Black Kingdom ransomware admin for MS Exchange attacks. ‼️
#ransomware #netsec #infosec
Exposure assessment platforms promise to become a GPS for security pros and teams 🧠
#infosec #netsec #soc
https://www.scworld.com/perspective/exposure-assessment-platforms-promise-to-become-a-gps-for-security-pros
[Project] I built a tool that tracks AWS documentation changes and analyzes security implications
https://awssecuritychanges.com/
Discussions: https://discu.eu/q/https://awssecuritychanges.com/
Okay, so, I own seiyria.com. All emails wildcard go to my gmail. This is clearly a fake email, and I keep seeing them. How can I prevent this? More importantly, is this something someone else is using to phish? All of the links in the email seem legitimate, and they do every time, so I'm not sure what the point would be besides maybe scaring someone.
New writeup: a vulnerability in PHP's extract() function allows attackers to trigger a double-free, which in turn allows arbitrary code execution (native code)
https://ssd-disclosure.com/ssd-advisory-extract-double-free5-x-use-after-free7-x-8-x/
Discussions: https://discu.eu/q/https://ssd-disclosure.com/ssd-advisory-extract-double-free5-x-use-after-free7-x-8-x/
Identifying Overlapping Ideas and Concepts of Methods that Hide Information https://www.growkudos.com/publications/10.1145%252F3729165/reader #cybersecurity #cybersec #taxonomy #survey #steganography #covertchannels #informationhiding #systematization #infosec #netsec
Więcej pokazów hackingu na żywo od sekuraka! 23 kwietnia robimy kolejny włam… tym razem do sieci :-)
Cześć, 18 marca br. zaprosiliśmy Was na wyjątkowe wydarzenie – Dlaczego hackowanie aplikacji webowych jest proste? Michała Sajdaka, który na żywo pokazywał między innymi, jak hackować samochody, jak wejść na pokład samolotu w charakterze pilota czy jak przejąć całą organizację za sprawą kilku żądań HTTP, oglądało ponad 2000 osób, a...
#Aktualności #HackowanieSieci #Netsec #Rzepecki #Szkolenie #Szymczak
"The problem is, these code suggestions often include hallucinated package names that sound real but don’t exist. I’ve seen this firsthand. You paste it into your terminal and the install fails – or worse, it doesn’t fail, because someone has slop-squatted that exact package name."
https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/
11 stopni wtajemniczenia – jak zostać Netsecurity Masterem z sekurakiem?
Kto z nas nie chciał zostać hackerem? Filmy takie jak Johnny Mnemonic czy Matrix wyjątkowo pobudzały wyobraźnię. Teraz zwizualizuj sobie, że włamujesz się do sieci jak filmowy hacker – ubrany w bluzę z kapturem, z kawą w ręku, siedzisz przed komputerem, ale legalnie, bez policyjnych syren w tle. Brzmi jak...
#Aktualności #BezpieczeństwoSieci #Jarosiński #Netsec #Rzepecki #Szkolenie #Turba
https://sekurak.pl/11-stopni-wtajemniczenia-jak-zostac-netsecurity-masterem-z-sekurakiem/
Download my WordPress plugin
#Homelab #update - I got #IPFire installed o my #RaspberryPi #router and suddenly all outgoing traffic is blocked. I am happy that I have literally add the devices to the green network to make things but now I am questioning what kind of firewall was already present in #OpenWRT where everything 'just worked'? Apparently #UPnP is such a big security hole. I am stuck without some services but am forced to learn #NetSec so liking it.
For ref - https://community.ipfire.org/t/miniupnpd-deprecated/5707/2
