Happy Hacking8

Our thanks to DEFCON for publishing their outstanding DEFCON Conference Blockchain Village Videos on the groups' YouTube channel.
Permalink
The post DEF CON 29 Blockchain Village – Peter Kacherginsky’s ‘COSTA Coinbase Secure Trait Analyzer’ appeared first on Security Boulevard.

Imagine heading to work on a Monday morning. You stop at Starbucks on the way in for a little caffeine jumpstart. Traffic was bad—as usual, but you’ve seen worse. You sit down at your desk and bring your computer to life and find a message on the display letting you know your systems have been encrypted with ransomware. What do you do?
The post Grief Gang’s New Quadruple Extortion Scheme Doesn’t Change the Game appeared first on Security Boulevard.

No sooner had the Open Management Infrastructure (OMI) software agent silently installed by Microsoft on more than half of all Azure instances been revealed then threat actors were already on the case, exploiting the flaws. “Mirai botnet is exploiting #OMIGOD—they drop a version of Mirai DDoS botnet and then close 5896 (OMI SSL port) from..
The post OMIGOD! Azure Vulnerabilities Are Being Exploited appeared first on Security Boulevard.

360-CERT每日安全简报

网络黑灰产也盯上了这个高达3000亿元规模的市场，外挂、黑-卡、小号、批量注册、误封等问题日益严峻。

美国政府网站被发现托管色情内容和垃圾邮件，二者系相同的软件供应商。

众所周知，网络安全的本质是攻与防，不论谈及网络安全的哪一方面都必会涉及到攻与防。

A key challenge facing organizations in the cloud is how to reign in excessive permissions. Benefits frequently come at a cost to security.
The post Why ‘Role’ Permissions Are So Dangerous To Your Cloud Environment appeared first on Radware Blog.
The post Why ‘Role’ Permissions Are So Dangerous To Your Cloud Environment appeared first on Security Boulevard.

How FS Organisations Can Enter The New Age in Digital Banking
michelle
Fri, 09/17/2021 - 09:27
Whether it’s challenges related to data privacy, compliance or a lack of resources and skills, FS organisations need to overcome the hurdles currently impeding the Open Banking revolution.
Sep 10, 2021
This article was first published in Finance Digest.
The financial services (FS) sector is currently undergoing a massive transformation. With the adoption of new digital habits, consumers expect greater convenience, choice, and flexibility in their banking relationships. At the same time, concerted regulatory pressure to encourage innovation and drive competition in banking has accelerated FS organisations’ investment in Open Banking initiatives worldwide. The race to leverage customer data and deliver superior next-gen services and experiences is on.
But there is a problem. The vast majority of FS organisations are failing to comply with mandates such as the EU PSD2-SCA  and meet the enforcement deadlines. In fact, a

影响厂商:Basecamp 奖励:750.0USD 危险等级:medium
由于美国 us-east4.37signals.com 公司的风险投资公司的记录而被董事会收购的次域名

影响厂商:Basecamp(https://hackerone.com/basecamp) 
由于 us-east4.37signals.com 的 NS 记录而导致的子域名接管

Date: 2021-09-17 19:37 UTC
OS: Any
PHP Version: Irrelevant
Package: Scripting Engine problem
Title: error_reporting() and ini_get('error_reporting') can get out of sync using @

Ransomware groups have been exploiting the switch to remote work unlike any other. Ransomware attacks increased by more than 485% in 20201. By 2031, a new organization is expected to fall prey to a ransomware attack every 2 …
The post How brute-force attacks are spearheading ransomware campaigns appeared first on ManageEngine Blog.
The post How brute-force attacks are spearheading ransomware campaigns appeared first on Security Boulevard.

O coronavírus perturbou a vida diária de muitas pessoas ao redor do mundo em um período de tempo surpreendentemente curto. Os estilos de vida mudaram. Um novo normal, embora atingido pelo pânico, se instalou. Muitas organizações adotaram medidas temporárias de …
The post Melhores práticas para garantir a segurança dos dados ao trabalhar remotamente appeared first on ManageEngine Blog.
The post Melhores práticas para garantir a segurança dos dados ao trabalhar remotamente appeared first on Security Boulevard.

In a rather appalling discovery, Microsoft has now released patches for critical vulnerabilities in its Open Management Infrastructure (OMI) software agent which had been silently installed on Azure Linux VMs.
The post OMIGOD! Microsoft Secretly Installed an Open Source Agent with Critical Vulnerabilities on Thousands of Linux VMs appeared first on Security Boulevard.

ORIGINALLY AIRED ON SEPTEMBER 13, 2021 Articles discussed in this episode: 00:00 – BHIS – Talkin’ Bout [infosec] News 2021-09-13 02:59 – Story # 1: https://cyberworkx.in/2021/08/31/authentication-bypass-vulnerability-in-exchange-server/ 04:43 – Story # 1b: https://techcommunity.microsoft.com/t5/exchange-team-blog/how-to-update-ad-schema-to-address-cve-2021-34470-if-exchange-is/ba-p/2617083 07:22 – Story # 2: https://cyberworkx.in/2021/09/08/microsoft-warns-of-new-zeroday-vulnerability-hunting-down-windows-users/ 13:16 – Story # 3: https://therecord.media/ghostscript-zero-day-allows-full-server-compromises/ 17:28 – Story # 3b: https://xkcd.com/2347/ 22:03 – Story # 4: […]
The post Talkin’ About Infosec News – 9/17/2021 appeared first on Black Hills Information Security.

The Fortinet Security Summit was held as part of the PGA TOUR’s Fortinet Championship event. Learn about Fortinet's Security Summit and practical insights for cybersecurity leaders.
The post Fortinet Security Summit Discusses Practical Insights For Cybersecurity Leaders appeared first on Security Boulevard.

The newest wearable tech on the market is a pair of glasses that can record 30-second videos and take photos, the result of a collaborative effort between Facebook and Ray-Ban. The glasses, called Ray-Ban Stories, are “designed for frictionless media capture of the world around you” according to Wired. The reporters who tried them out said the glasses are lightweight and very simple to operate. The reporters also noted that the LED indicator light on the front of the glasses, intended to alert anyone nearby that the glasses were recording, is exceptionally dim, making it potentially easy to record covertly.
The post Facebook Releases Video Capture Glasses | Avast appeared first on Security Boulevard.

One of the important pieces of information that has come out of the US-led withdrawal from Afghanistan is that some of the equipment left behind was used for a biometric data collection program. The US military had used devices to capture fingerprints, iris scans, and facial images to build a database of the Afghan population to help fight terrorists.
The post Government Use Of Biometric Data | Avast appeared first on Security Boulevard.

Constella’s new report zeros in on Spain to analyze how insults and threats contribute to polarization and digital risk online
The post Wall Street Journal Cites Constella’s Independent Report on Online Polarization and Digital Risk appeared first on Constella.
The post Wall Street Journal Cites Constella’s Independent Report on Online Polarization and Digital Risk appeared first on Security Boulevard.

Our thanks to DEFCON for publishing their outstanding DEFCON Conference Blockchain Village Videos on the groups' YouTube channel.
Permalink
The post DEF CON 29 Blockchain Village – Michael Lewellen’s ‘Ethereum Hacks & How To Stop Them’ appeared first on Security Boulevard.

Using OMI on Microsoft Azure? Drop everything and patch this critical vulnerability.
The post ‘OMIGOD’ Azure Critical Bugfix? Do It Yourself—Because Microsoft Won’t appeared first on Security Boulevard.

via the Comic Noggins of Nitrozac and Snaggy at The Joy of Tech®!
Permalink
The post The Joy of Tech® ‘Cinematic Mode’ appeared first on Security Boulevard.

Either out of necessity or convenience, the adoption of digital banking has skyrocketed since early 2020 and much of this...
The post Fighting Digital Banking’s Fraud Problem appeared first on Entrust Blog.
The post Fighting Digital Banking’s Fraud Problem appeared first on Security Boulevard.

We’re excited to announce Casey Bisson has been appointed the Head of Product Growth at BluBracket. BluBracket’s mission is to empower individual developers with the information and tools they need to enhance security across all aspects of their development workflows. BluBracket is on a journey to enable this transformation by helping organizations shift left on […]
The post BluBracket to Enable Developer Empowerment – Appoints Casey Bisson Head of Product Growth appeared first on Security Boulevard.

Dubbo 源码分析 by ourren

Web应用组件自动化发现的探索 by ourren

更多最新文章，请访问SecWiki

Simple Attendance System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Ubuntu Security Notice 5080-2 - USN-5080-1 fixed several vulnerabilities in Libgcrypt. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information.

Cloudron version 6.2 suffers from a cross site scripting vulnerability.

Ubuntu Security Notice 5082-1 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

Topic: Simple Attendance System 1.0 SQL Injection Risk: Medium Text:# Exploit Title: Simple Attendance System 1.0 - Authenticated bypass # Exploit Author: Abdullah Khawaja (hax.3xploit) # Date:...

Library Management System version 1.0 suffers from a remote blind time-based SQL injection vulnerability.

Topic: WordPress WooCommerce Booster 5.4.3 Authentication Bypass Risk: Medium Text:# Exploit Title: WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass # Date: 2021-09-16 # Exploit Autho...

Topic: Impress CMS 1.4.2 Remote Code Execution Risk: High Text:# Exploit Title: ImpressCMS 1.4.2 - Remote Code Execution (RCE) (Authenticated) # Date: 15-09-2021 # Exploit Author: Halit AK...

Ubuntu Security Notice 5071-2 - USN-5071-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 20.04 LTS for Ubuntu 18.04 LTS. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Various other issues were also addressed.

Topic: elFinder Archive Command Injection Risk: High Text:## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-...

WordPress WooCommerce Booster plugin version 5.4.3 suffers from an authentication bypass vulnerability.

Topic: Zenitel AlphaCom XE Audio Server 11.2.3.10 Shell Upload Risk: High Text:I. VULNERABILITY - AlphaWeb XE - Authenticated Insecure File Upload leading to RCE II. CVE REFERENCE - ...

Ubuntu Security Notice 5081-1 - It was discovered that Qt incorrectly handled certain XBM image files. If a user or automated system were tricked into opening a specially crafted PPM file, a remote attacker could cause Qt to crash, resulting in a denial of service. It was discovered that Qt incorrectly handled certain graphics operations. If a user or automated system were tricked into performing certain graphics operations, a remote attacker could cause Qt to crash, resulting in a denial of service. Various other issues were also addressed.

Windows Media Player version 12.0.9600.19145 suffers from an improper synchronization vulnerability that cause a freeze or an exploitable buffer overrun crash and may potentially lead to code execution and information disclosure.

Topic: Ulfius Web Framework Remote Memory Corruption Risk: High Text:#!/usr/bin/python3 # # guul.py # # Ulfius Web Framework Remote Memory Corruption Vulnerability # # Jeremy Brown # Sept 2...

Ubuntu Security Notice 5083-1 - It was discovered that Python incorrectly handled certain RFCs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM. It was discovered that Python incorrectly handled certain server responses. An attacker could possibly use this issue to cause a denial of service.

This Metasploit module exploits a buffer overflow within the 'action' parameter of the /uapi-cgi/instantrec.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions equal to 1.12.0.27 as well as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in remote code execution as the root user.

Red Hat Security Advisory 2021-3556-01 - Red Hat OpenShift Serverless 1.17.0 release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6, 4.7 and 4.8, and includes security and bug fixes and enhancements.

Ubuntu Security Notice 5073-2 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.