Hello Hacking8!

Offensive tooling notes and experiments in AutoIt v3 (https://www.autoitscript.com/site/autoit/)

⚙️
A curated list of dynamic analysis tools for all programming languages, binaries, and more.

前端参数加密渗透测试通用解决方案

解决web及移动端H5数据加密Burp调试问题

MAL-CL (Malicious Command-Line)

本文为安全知识图谱技术白皮书《践行安全知识图谱，携手迈进认知智能》精华解读系列第三篇——利用知识图谱助力攻击画
Read More

战略实施（上） 除了上述战略制定要素，本节还假设国家技术战略围绕《掌舵》一文中提出的四大支柱制定：提升美国的竞
Read More

Date: 2021-12-03 01:12 UTC
OS: Alpinelinux
PHP Version: 8.1.0
Package: Filter related
Title: 2 fiber tests fails on ppc64le

Like most cloud providers, AWS operates under a shared responsibility model. AWS takes care of the security ‘of’ the cloud […]
The post What is the AWS Shared Responsibility Model? appeared first on Sonrai Security.
The post What is the AWS Shared Responsibility Model? appeared first on Security Boulevard.

In part three of a four-part series, Clint Pollock, principal solutions architect at Veracode, details how to use Veracode from the command line in the Cloud9 IDE to submit a software composition analysis (SCA) scan. Check out the video and step-by-step instructions below.
It’s Clint Pollock, principal solutions architect, back again for part three of our four-part series on using Veracode from the command line in Cloud9 IDE. If you haven’t done so already, please check out part one on static policy scans and static sandbox scans and part two on the pipeline scanner.
For part three, we will dive into open source and third-party libraries. Those are libraries that you don't generally fix. You just need to upgrade and keep an eye on these libraries to make sure that they don't have vulnerabilities. Now, inside of the Veracode application profile, there are results on static analysis and software composition analysis. In addition, if you had manual tests or dynamic scanning, you'll see those results there as wel

Retail is known to experience a spike in cybercrime around the holidays. With millions of shoppers conducting business online, the threat landscape usually increases with this jolt in traffic. However, this year, it's not only Retail that should be concerned — research by CORO finds that all mid-market businesses are 490% more likely to experience..
The post All Sectors Should Expect A Holiday Cyberattack Surprise appeared first on Security Boulevard.

WinSCP Password Extractor/Decrypter/Revealer written in go language

WordPress Redux Framework class-redux-helpers.php 敏感信息泄漏漏洞 CVE-2021-38314 | 代码审计复现

RedLine窃密木马最早在2020年3月被发现，是流行的窃密木马家族之一，国内外传播较为广泛。

我们知道深度学习模型容易受到对抗样本攻击，比如在计算机视觉领域，对图像精心设计的扰动可能会导致模型出错。虽然现在对抗样本的研究非常火，但是模型面临的攻击不止有对抗样本攻击。

西班牙巴塞罗那的圣家堂大教堂，本周在尖塔顶端安装了一颗12角玻璃星，将在新年前夕被聚光灯照亮。这座建筑是联合国世界遗产，已经造了130多年，估计还要好几年才能土建完工。（via）
本周话题：低纬度，高海拔，气候优势
上个月，我在四川旅行。离开成都以后，一路向南，就到了攀枝花。
那是一个很奇特的地方，气候与周边截然不同。
从成都开始，就一直是阴天，但到了攀枝花，天天都是阳光明媚的大晴天。而且很暖和，

在安全从业人员的日常工作中，Java相关组件出现高危漏洞的频率比较高。 而代码审计就是挖掘源程序中的代码安全问题，其一直是发现应用程序漏洞的一种非常有效的方法。 代码审计是黑盒渗透测试的重要补充，可以发现更多的隐藏问题。 因此，代码审计通常被认为是 SDL 中非常重要的一部分。

一个 密钥检测/密钥分享/密钥查询/获取CID等微软产品激活 相关的小工具，小巧方便

Sophos-ReversingLabs 20 million sample dataset

Let's track phishing kits to give to research community raw material to study !

由于软件中用于起草智能合约部分存在漏洞，区块链公司MonoX Finance被黑客成功窃取了 3100 万美元加密货币。

IT Admins have our own language and cadence. But our users don't speak that language. How can you better engage with users? Translate the techspeak!
The post Talking to Muggles appeared first on JumpCloud.
The post Talking to Muggles appeared first on Security Boulevard.
IT 管理员有自己的语言和节奏。但是我们的用户不会说这种语言。如何更好地与用户交流？翻译技术术语！
与麻瓜交谈的帖子首先出现在 JumpCloud 上。
《与麻瓜交谈》这篇文章最先出现在安全大道上。

In January 2021, technology vendor Ubiquiti Inc. [NYSE:UI] disclosed that a breach at a third party cloud provider had exposed customer account credentials. In March, a Ubiquiti employee warned that the company had drastically understated the scope of the incident, and that the third-party cloud provider claim was a fabrication. On Wednesday, a former Ubiquiti developer was arrested and charged with stealing data and trying to extort his employer while pretending to be a whistleblower.
The post Ubiquiti Developer Charged With Extortion, Causing 2020 “Breach” appeared first on Security Boulevard.

有新的漏洞组件被发现啦,组件ID:Django
django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Django-helpdesk 在网页生成过程中容易受到不当中和输入的影响(“跨网站脚本”)

PHP反序列化常见的是使用unserilize()进行反序列化，除此之外还有其它的反序列化方法。就是用到了本文的主要内容——phar反序列化...

影响厂商:Slack 奖励: 危险等级:medium
存储在 files.slack. com

影响厂商:Shopify 奖励: 危险等级:low
绕过“装箱单模板”中的 HTML 过滤器导致 SSRF 到内部 Kubernetes 端点

Summary The Network Flow Analysis software (formerly known as CA Network Flow Analysis) is a network traffic monitoring solution, which is used to monitor and optimize the performance of network infrastructures. The “Interfaces” Section of the Network Flow Analysis web application made use of a Flash application, which performed SOAP requests. The Flash request was … Continue reading Technical Advisory – Authenticated SQL Injection in SOAP Request in Broadcom CA Network Flow Analysis (CVE-2021-44050) →

Summary The Network Flow Analysis software (formerly known as CA Network Flow Analysis) is a network traffic monitoring solution, which is used to monitor and optimize the performance of network infrastructures. The “Interfaces” Section of the Network Flow Analysis web application made use of a Flash application, which performed SOAP requests. The Flash request was … Continue reading Technical Advisory – Authenticated SQL Injection in SOAP Request (CVE-2021-44050) →
网络流量分析软件(以前称为 CA 网络流量分析)是一种网络流量监控解决方案，用于监控和优化网络基础设施的性能。网络流分析 web 应用程序的“接口”部分使用了执行 SOAP 请求的 Flash 应用程序。Flash 请求是... 继续阅读 SOAP 请求中的技术咨询-身份验证 SQL 注入(CVE-2021-44050)→

Date: 2021-12-02 18:30 UTC
OS: IBM i 7.2
PHP Version: 8.0.13
Package: ODBC related
Title: PDO_ODBC doesn't handle fixed-length character columns with character conversio

Finland’s National Cyber Security Centre (NCSC-FI) has issued a warning about malicious SMS messages that have been spammed out to mobile users, directing iPhone owners to phishing sites and Android users to download malware. The messages are written in Finnish but without the customary accented characters. In some instances, the messages pose as a notification […]… Read More
The post FluBot malware warning after 70,000 attacks launched over SMS appeared first on The State of Security.
The post FluBot malware warning after 70,000 attacks launched over SMS appeared first on Security Boulevard.

A recent survey by EdWeek Research Center and ManagedMethods uncovers a cloud security “achievement gap” Over the past several months, we partnered with EdWeek Research Center to survey K-12 technology leaders, decision-makers, and influencers to try to gain a better understanding of how they perceive cloud security. Responses to the survey uncovered what can only […]
The post A Cloud Security Achievement Gap: Are District Leaders Taking Cybersecurity Seriously Enough? appeared first on ManagedMethods.
The post A Cloud Security Achievement Gap: Are District Leaders Taking Cybersecurity Seriously Enough? appeared first on Security Boulevard.

via the textual amusements of Thomas Gx, along with the Illustration talents of Etienne Issartia and superb translation skillset of Mark Nightingale - the creators of CommitStrip!
Permalink
The post CommitStrip ‘No Documentation’ appeared first on Security Boulevard.

Fraudsters are finding faster and more sophisticated ways of taking advantage of  increasingly popular Buy Now Pay Later (BNPL) services, where consumers can access credit on interest-free installments. It becomes harder and harder for BNPL providers to fight BNPL fraud. BNPL services received a boost during the pandemic, as many people were facing financial hardships. […]
The post Buy Now, Pay Never: The Rising Concern of BNPL Fraud appeared first on Security Boulevard.

Topic: CA Network Flow Analysis SQL Injection Risk: Medium Text: --BEGIN PGP SIGNED MESSAGE -- Hash: SHA256 CA20211201-01: Security Notice for CA Network Flow Analysis Issued: December...

Topic: Advanced Comment System 1.0 Remote Command Execution Risk: High Text:# Exploit Title: Advanced Comment System 1.0 - Remote Command Execution (RCE) # Date: November 30, 2021 # Exploit Author: Nic...

Topic: Online Enrollment Management System In PHP And PayPal 1.0 Cross Site Scripting Risk: Low Text:# Exploit Title: Online Enrollment Management System in PHP and PayPal 1.0 - 'U_NAME' Stored Cross-Site Scripting # Date: 2021...

Topic: MilleGPG5 5.7.2 Luglio 2021 Privilege Escalation Risk: Medium Text:# Exploit Title: MilleGPG5 5.7.2 Luglio 2021 (x64) - Local Privilege Escalation # Date: 2021-07-19 # Author: Alessandro 'mind...

Topic: persistsolution - Sql Injection Vulnerability Risk: Medium Text:********************************************************* #Exploit Title: persistsolution - Sql Injection Vulnerability #Date...

Topic: Harshainfotech - Sql Injection Vulnerability Risk: Medium Text:********************************************************* #Exploit Title: Harshainfotech - Sql Injection Vulnerability #Date...

The HIPAA Privacy Rule has been relatively unchanged  since the regulation was established on April 14, 2003. […]

C# Utilities for Windows Notification Facility

A hacker stole $31 million from the blockchain company MonoX Finance , by exploiting a bug in software the service uses to draft smart contracts.
Specifically, the hack used the same token as both the tokenIn and tokenOut, which are methods for exchanging the value of one token for another. MonoX updates prices after each swap by calculating new prices for both tokens. When the swap is completed, the price of tokenIn­that is, the token sent by the user­decreases and the price of tokenOut­or the token received by the user­increases.
By using the same token for both tokenIn and tokenOut, the hacker greatly inflated the price of the MONO token because the updating of the tokenOut overwrote the price update of the tokenIn. The hacker then exchanged the token for $31 million worth of tokens on the Ethereum and Polygon blockchains...
The post Smart Contract Bug Results in $31 Million Loss appeared first on Security Boulevard.
一名黑客利用区块链公司 MonoX Finance 用于起草智能合同的软件漏洞，从该公司窃取了3100万美元。
具体来说，黑客使用了与 tokenIn 和 tokenOut 相同的

None of us likes to be told what to do. Especially when what we’re being told (or ordered) to do is tedious, expensive, unexciting, or counter to productivity or forward momentum, we just aren’t inclined to comply so willingly. We immediately push back and find reasons both legitimate and not-so-legitimate to support our disinclination. When finally forced, many of us then put in a faint-hearted effort at token compliance and hope for the best. Let’s face it, that’s human nature.
The post The Ethical Side of Data Privacy Compliance appeared first on Security Boulevard.
我们都不喜欢别人告诉我们该做什么。特别是当我们被告知(或被命令)去做的事情是乏味的、昂贵的、不令人兴奋的，或者与生产力或前进的动力相反时，我们就不愿意顺从。我们立即反击，找到合理和不合理的理由来支持我们的不愿意。当最终被迫的时候，我们中的许多人只是敷衍了事，希望能得到最好的结果。让我们面对现实吧，这是人类的本性。
数据隐私合规的道德方面最先出现在安全大道上。

The Planned Parenthood branch in Los Angeles revealed that it was the victim of a ransomware attack that resulted in attackers obtaining sensitive information on about 400,000 patients. All ransomware attacks and data breaches are bad, but this one is particularly egregious because the sensitive nature of the compromised information could destroy families or possibly put lives in danger.
The post Planned Parenthood Ransomware Attack Puts Lives at Risk appeared first on Security Boulevard.

There has been a steady stream of significant cyberattacks headlining the news since December 2020 and the Sunburst attack on SolarWinds Orion platform. Fueled by the anonymity afforded by payments made in cryptocurrency, cyber criminals have stepped up their attacks and have gotten bolder with their ransom demands, often seeking millions of dollars. While these […]
The post How to Reduce the Financial Impact of Cyberattacks to Your Business first appeared on Untangle.
The post How to Reduce the Financial Impact of Cyberattacks to Your Business appeared first on Security Boulevard.

Our thanks to DEFCON for publishing their outstanding DEF CON 29 Red Team Village videos on the Conferences’ YouTube channel.
Permalink
The post DEF CON 29 Red Team Village – ‘CTF Recap and Upcoming Events’ appeared first on Security Boulevard.

The Planned Parenthood Los Angeles affiliate announced that their computer network was hit by a ransomware attack. The compromise occurred between October 9 and 17 and affected around 400,000 patients’ data.
The post Planned Parenthood Ransomware Attack Has Far Reaching Implications appeared first on Security Boulevard.

Knox Platform for Enterprise (KPE) is a government-grade mobile solution for IT admins to manage and secure Samsung phones, tablets, and watches for business. Knox Platform for Enterprise is the updated Knox Workspace container security solution, which allows IT admins …
The post Knox Platform for Enterprise is now available free of cost to customers appeared first on ManageEngine Blog.
The post Knox Platform for Enterprise is now available free of cost to customers appeared first on Security Boulevard.

A Vulnerability Management (VM) program is more than just ticking off a box in the compliance checklist, it is central to any holistic security strategy. Organizations may think that their.
The post Measuring the Performance of Vulnerability Management: Which Metrics Matter, Which Don’t? appeared first on Indusface.
The post Measuring the Performance of Vulnerability Management: Which Metrics Matter, Which Don’t? appeared first on Security Boulevard.

In the third of a four-part series on the NOBELIUM nation-state attack, we share how Microsoft product teams built new detections into products to better protect customers.
The post Behind the unprecedented effort to protect customers against the NOBELIUM nation-state attack appeared first on Microsoft Security Blog.

Our approach to threat hunting is designed to evaluate impact and escalate potential threats for investigation, based on how damaging the potential threat would be. It is also designed for speed: due to the highly time-sensitive nature of the threat response, the most dangerous potential threats are analyzed first.
The post Structured threat hunting: One way Microsoft Threat Experts prioritizes customer defense appeared first on Microsoft Security Blog.

Nearly one in three victims succumb to extortion, estimates Group-IB

影响厂商:Glassdoor 奖励: 危险等级:low
通过链接标签注入 CSS 白名单域旁路 https://www.glassdoor.com