Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info [thehackernews] (1)
LuminosityLink Hacking Tool Author Gets 30-Months Prison Sentence [thehackernews] (1)
LibSSH Flaw Allows Hackers to Take Over Servers Without Password [thehackernews] (1)
Google Will Charge Android Phone Makers to Use Its Apps In Europe [thehackernews] (1)
New iPhone Bug Gives Anyone Access to Your Private Photos [thehackernews] (1)
DSA-2018-157: Dell EMC ESRS Virtual Edition Multiple Vulnerabilities [seclists] (1)
Vulnerability Disclose [seclists] (1)
Riverbed SteelConnect Vulnerabilities [seclists] (1)
[waraxe-2018-SA#109] - Multiple vulnerabilities in Wordfence Wordpress plugin [seclists] (1)
Re: Skype Debian package: allows complete machine takeover for Microsoft [seclists] (1)
Multiple vulnerabilities in D-Link routers [seclists] (1)
CVE-2018-8533 Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 / REGSRVR file handling XML Injection [seclists] (1)
CVE-2018-8527 Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 / xel filetype XML Injection [seclists] (1)
CVE-2018-8532 / Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 / XML Injection [seclists] (1)
The Secure Developer - Managing Security with The RealReal’s Julie Tsai [netsec] (1)
Guide to User Data Security (updated) [netsec] (1)
BAE report on the most common cybersecurity misconceptions / closing the gap [netsec] (1)
CVE-2018-18284: Ghostscript sandbox escape (also Tavis Ormandy is officially done with Ghostscript) [netsec] (1)
New OSINT Search Portal [netsec] (1)
Four Ways to Bypass iOS SSL Verification and Certificate Pinning [netsec] (1)
Using Route 53 as Pentest Infrastructure [netsec] (1)
Interactive example of how Facebook leaked 50M access tokens [netsec] (1)
Git RCE - Exploitation details and PoC (CVE-2018-17456) [netsec] (1)
TLS 1.3 (with AEAD) and TLS 1.2 cipher suites demystified: how to pick your ciphers wisely [netsec] (1)
HPE Intelligent Management Center: a case study on the reliability of security fixes [netsec] (1)
How I “found” the database of the Donald Daters App [netsec] (1)
Forging Trusts for Deception in Active Directory [netsec] (1)
Finding XXE in IBM's MaaS360 Platform [netsec] (1)
Detailed Guide to Dirb Tools in Kali Linux [xuanwulab] (1)
Bitdefender GravityZone arbitrary code execution vulnerability disclosure (CVE-2018-8955) [xuanwulab] (1)