/r/netsec - Information Security News & Discussion - Reddit [PDF]

popular - all - random - users | askreddit - worldnews - videos - funny - todayilearned - pics - gaming - movies - news - gifs - mildlyinteresting - aww - showerthoughts - television - jokes - science - oldschoolcool - sports - iama more » - docum

my subreddits

[root@netsec /]#

hot

new

rising

top

gilded

Want to join? Log in or sign up in seconds. | English

wiki

Thanks for flying air /r/netsec - please check the sidebar before submitting.

search

Welcome to Reddit. Come for the cats, stay for the empathy. BECOME A REDDITOR

and start exploring.

password

remember me

reset password

login

Hack your Holidays with Hak5 Gear - ON SALE NOW (hakshop.com)

45

promoted by hak5darren promoted save

77

username

report

/r/netsec's Q4 2017 Information Security Hiring Thread

hiring thread

submitted 2 months ago by sanitybit [M] - [Featured post]

7

The /r/netsec Monthly Discussion Thread - December 2017

discussion

submitted 22 days ago by AutoModerator [M] - [Featured post]

135

Windows DMA Attacks : Gaining SYSTEM shells using a generic patch (sysdream.com) submitted 20 hours ago by phocean 4 comments

19

share

save

hide

report

/r/netsec - Information Security News

submitted 22 hours ago by eth0izzle share

save

subscribe

hide

report

A community for technical news and discussion of information security and closely related topics.

submitted 1 day ago by TheDauntless_ save

hide

231,044 Hackers

419 Active Users (last 15 minutes)

Intercepting HTTPS Traffic from Apps on Android 7+ using Magisk & Burp | NVISO LABS (blog.nviso.be )

"Give me root, it's a trust exercise."

report

Featured Posts

Zealot: New Apache Struts Campaign Uses EternalBlue and EternalSynergy to Mine Monero on Internal Networks

Q4 2017 InfoSec Hiring Thread

(f5.com)

Getting Started in Information Security

submitted 1 day ago by based2

CitySec Meetups

7 comments

20

Submit Text Post

SwordPhish - free, lightweight and open-source phish reporting tool (github.com)

comment share

213

Submit Content

report

submitted 16 hours ago by alain_proviste

5 comments

28

hide

IDA Plug-in contest 2017 results (hex-rays.com) comment share

47

save

share

save

hide

report

Content Guidelines

Arbitrary Linux kernel memory read+write via incorrect range tracking in eBPF (bugs.chromium.org )

/r/netsec only accepts quality technical posts. Non-technical posts are subject to moderation.

submitted 1 day ago by 0xdea 3 comments

share

save

hide

report

Content should focus on the "how."

2

3

Using ElastAlert to Help Automate Threat Hunting (jordanpotti.com)

Check the new queue for duplicates.

submitted 17 hours ago by ok_bye_now_

Always link to the original source.

comment share

Titles should provide context.

save

hide

report

Ask questions in our Discussion Threads.

ZDI's last Top 5 bug of 2017 details a matched pair of JavaScript bugs that could allow RCE on unpatched versions of Edge.

Hiring posts must go in the Hiring Threads. Commercial advertisement is discouraged. Do not submit prohibited topics.

(zerodayinitiative.com) submitted 21 hours ago by RedmondSecGnome comment share

46

hide

» Our fulltext content guidelines

report

Discussion Guidelines

Processing network security logs with Bro Analysis Tools (BAT) (blog.kitware.com) submitted 1 day ago by waxlamp 6 comments

23

save

share

save

Don't create unnecessary conflict.

hide

report

Keep the discussion on topic. Limit the use of jokes & memes.

Couple words about rsync protocol based on breach of 2k emails from Czech university. (medium.com)

Don't complain about content being a PDF.

submitted 1 day ago by Mysterii8 1 comment share

save

hide

Follow all reddit rules and obey reddiquette.

report

» Our fulltext discussion guidelines

8

State [Monthly Summary] of Linux security in 2017 (linux-audit.com) 1 comment share

22

Prohibited Topics & Sources

submitted 1 day ago by dixon1dw save

hide

report

No populist news articles (CNN, BBC, FOX, etc.) No curated lists.

Round 1 Submissions - Post-Quantum Cryptography (csrc.nist.gov)

No question posts.

submitted 1 day ago by based2 2 comments

share

save

hide

No social media posts.

report

No image-only/video-only posts.

28

Weird machines, exploitability, and provable unexploitability (ieeexplore.ieee.org )

pdf

submitted 1 day ago by mttd 1 comment share

41

save

No tech-support requests. hide

report

No full-disclosure posts. No paywall/regwall content.

ZDI releases 4th of their Top 5 bugs of 2017 - a VMware guest-to-host escape in vmnat.exe (zerodayinitiative.com)

No commercial advertisements.

submitted 1 day ago by RedmondSecGnome comment share

1049

No livestreams.

save

hide

No crowdfunding posts.

report

No Personally Identifying Information!

SQL Injection Cheat Sheet (sqlwiki.netspi.com)

» Our fulltext list of prohibited topics & sources

submitted 2 days ago by nylithic 31 comments

share

save

hide

Social

report

Join us on IRC: #r_netsec on freenode

21

AppLocker - How insecure is it really? - Part 2 (oddvar.moe ) submitted 1 day ago by oddvarmoe 7 comments

14

We're also on: Twitter, Facebook, & Google+

share

save

hide

Related Reddits

report

/r/blackhat - Hackers on Steroids

Hardening Windows with AppLocker - Part 2 - Mitigate mshta.exe (oddvar.moe )

/r/computerforensics - IR Archaeologists

submitted 1 day ago by oddvarmoe comment share

save

hide

/r/crypto - Cryptography news and discussion

report

/r/Cyberpunk - High-Tech Low-Lifes

11

Reversing EVM bytecode with radare2 (blog.positive.com)

/r/HackBloc - Hacktivism & Crypto-anarchy

submitted 2 days ago by alexlash

/r/lockpicking - Popular Hacker Hobby

comment share

4

report

/r/Malware - Malware reports and information /r/netsecstudents - netsec for noobs students /r/onions - Things That Make You Cry

submitted 2 days ago by ___atomlib___ save

hide

/r/privacy - Orwell Was Right

report

/r/pwned - "What Security?" /r/REMath - Math behind reverse engineering

Massive Cryptomining Campaign Targeting WordPress Sites (wordfence.com)

/r/ReverseEngineering - Binary Reversing

submitted 2 days ago by grepnork 1 comment share

8

hide

Nhash: petty pranks with big finances (securelist.com) comment share

22

save

save

hide

/r/rootkit - Software and hardware rootkits

report

/r/securityCTF - CTF new and write-ups /r/SocialEngineering - Free Candy

Efficient Time Based Blind SQL Injection using MySQL Bit Functions and Operators (stealingthe.network)

/r/sysadmin - Overworked Crushed Souls

submitted 2 days ago by smittix comment share

save

hide

/r/vrd - Vulnerability Research and Development

report

/r/xss - Cross Site Scripting

15

Day 3 of ZDI's Top 5 bugs of 2017 details an Apple Safari type confusion vulnerability (zerodayinitiative.com) submitted 2 days ago by RedmondSecGnome comment share

434

hide

report

Yeelight, the Bluetooth LED Bedside Lamp from Xiaomi that Spies on You, Part One (medium.com) submitted 3 days ago by petermal67 62 comments

9

save

share

save

hide

report

[PDF] North Korea Bitten by Bitcoin Bug: Financially motivated campaigns reveal new dimension of the Lazarus Group (proofpoint.com) submitted 3 days ago by f00l 1 comment share

31

save

hide

report

WannaCry: End of Year Retrospective (blog.kryptoslogic.com) submitted 3 days ago by not_2sec4u 8 comments

share

save

hide

MODERATORS

report

view more: next ›

message the moderators

sanitybit dguido asteriskpound HockeyInJune ranok overflowingInt gsuberland AutoModerator sk3lmonkey ...and 1 more »

Use of this site constitutes acceptance of our User Agreement and Privacy Policy. © 2017 reddit inc. All rights reserved. REDDIT and the ALIEN Logo are registered trademarks of reddit inc. Advertise - technology