Hacker News
- Spring Core on JDK9 is vulnerable to remote code execution https://www.praetorian.com/blog/spring-core-jdk9-rce/ 70 comments
- Machine Learning Tutorial https://www.praetorian.com/blog/machine-learning-tutorial 2 comments
- Statistics Will Crack Your Password http://www.praetorian.com/blog/statistics-will-crack-your-password-mask-structure 5 comments
Lobsters
- Ruby Unsafe Reflection Vulnerabilities https://www.praetorian.com/blog/ruby-unsafe-reflection-vulnerabilities 3 comments ruby
- How Praetorian Discovered a Critical TensorFlow Supply Chain Attack https://www.praetorian.com/blog/tensorflow-supply-chain-compromise-via-self-hosted-runner-attack/ 5 comments netsec
- CVE-2023-46747: Pre-Auth Remote Code Execution in F5-BIGIP via AJP Request Smuggling https://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/ 9 comments netsec
- Azure B2C – Crypto Misuse and Account Compromise https://www.praetorian.com/blog/azure-b2c-crypto-misuse-and-account-compromise/ 2 comments crypto
- Spring Core on JDK9+ is vulnerable to remote code execution https://www.praetorian.com/blog/spring-core-jdk9-rce/ 7 comments netsec
- Spring Core RCE has been confirmed https://www.praetorian.com/blog/spring-core-jdk9-rce/ 9 comments programming
- Confirmed remote code execution (RCE) in Spring Core, an extremely popular Java framework https://www.praetorian.com/blog/spring-core-jdk9-rce/ 10 comments sysadmin
- Introducing GoKart, a Smarter Go Security Scanner https://www.praetorian.com/blog/introducing-gokart/ 5 comments netsec
- Email Security (SPF, DKIM, and DMARC) https://www.praetorian.com/blog/email-security/ 38 comments netsec
- An Opinionated Series on Why Signal Protocol is Well-Designed: Deniability https://www.praetorian.com/blog/an-opinionated-series-on-why-signal-protocol-is-well-designed-deniability 27 comments crypto
- SPAM Filters: A Reliable Protection Against Phishing Attacks? https://www.praetorian.com/blog/email-filters-reliable-phishing-protection 8 comments netsec
- WhatsApp End-to-end Encryption: Why this cryptographer thinks Signal Protocol is well-designed https://www.praetorian.com/blog/whatsapp-end-to-end-encryption-why-signal-protocol-is-well-designed 10 comments crypto
- Secure Password Storage in Go, Python, Ruby, Java, Haskell, and NodeJS https://www.praetorian.com/blog/secure-password-storage-in-go-python-ruby-java-haskell-and-nodejs 12 comments haskell
- Secure Password Storage in Go, Python, Ruby, Java, Haskell, and NodeJS https://www.praetorian.com/blog/secure-password-storage-in-go-python-ruby-java-haskell-and-nodejs 10 comments programming
- Automatic password cracking of responder and friends with Gladius https://www.praetorian.com/blog/gladius-automatic-responder-cracking 3 comments netsec
- The Reason My Lamp is Insecure https://www.praetorian.com/blog/reason-why-my-internet-of-things-iot-lamp-is-insecure 6 comments programming
- Javascript Sensor API and new browser features raise privacy concerns https://www.praetorian.com/blog/javascript-sensor-api-new-browser-features-webrtc-raise-privacy-concerns 3 comments javascript
- Pwning Gnomes: Where CTF meets SANS HolidayHack 2015 https://www.praetorian.com/blog/engineer-spotlight-cory-duplantis-and-the-2015-sans-holiday-hack-write-up 19 comments netsec
- NIST Cybersecurity Framework vs. NIST Special Publication 800-53 http://www.praetorian.com/blog/nist-cybersecurity-framework-vs-nist-special-publication-800-53 5 comments netsec