2021-10-26 09:03 Security Boulevard
Ransomware has the potential to affect any organization with exposed defenses. The challenges presented by a multi-stage ransomware attack to large organizations with a mature security team in place are unique and require an informed response.
The post Webinar: Live Attack Simulation – Ransomware Threat Hunter Series appeared first on Security Boulevard.
2021-10-26 09:03 Security Boulevard
via the respected security expertise of Robert M. Lee and the superlative illustration talents of Jeff Haas at Little Bobby Comic
The post Robert M. Lee’s & Jeff Haas’ Little Bobby Comic – ‘WEEK 352’ appeared first on Security Boulevard.
2021-10-26 09:03 Security Boulevard
When it comes to cyber attacks, most businesses think: “It could never happen to us,” but some plots are just hitting a little too close to home.
Related: T-Mobile breach reflects rising mobile device attacks
For instance, if you’ve ever …
The post GUEST ESSAY: Here’s why castle-wall defenses utterly fail at stopping deceptive adversaries appeared first on Security Boulevard.
2021-10-26 09:03 Security Boulevard
Last week, Sonatype reported our discovery of three malicious cryptomining packages on npm: klow, klown, and okhsa. These packages, which infiltrated the npm registry between October 12th and 15th, installed Monero miners on Windows, macOS, and Linux machines. Interestingly, at least one of these packages was seen impersonating a popular, legitimate library called “ua-parser-js.”
The post Popular npm Project Used by Millions Hijacked in Supply-Chain Attack appeared first on Security Boulevard.
2021-10-26 09:03 Security Boulevard
Welcome to the final week of Cybersecurity Awareness Month. The theme this week is “Cybersecurity...
The post Cybersecurity First: Making Security a Priority appeared first on Gurucul.
The post Cybersecurity First: Making Security a Priority appeared first on Security Boulevard.
2021-10-26 09:03 Security Boulevard
A recent Forrester report offers some advice on identifying value drivers and defining indicators to measure performance, all focused on delivering the best customer experience (CX).
The acronym CX (Customer Experience – …
The post Los consejos de Forrester para medir el valor entregado a los clientes (Forrester’s advice on measuring the value delivered to customers) appeared first on ManageEngine Blog.
The post Los consejos de Forrester para medir el valor entregado a los clientes (Forrester’s advice on measuring the value delivered to customers) appeared first on Security Boulevard.
2021-10-26 09:03 Security Boulevard
SecureLink.com looks a little different today. There are new phrases, the iconic blue and orange is a few shades darker, and our logo is more modern. That’s because today marks a new chapter in SecureLink’s continuous journey to offer industry-leading cybersecurity and privacy solutions. We’ve spent the past six months virtually brainstorming, physically drawing on […]
The post SecureLink’s New Chapter appeared first on SecureLink.
The post SecureLink’s New Chapter appeared first on Security Boulevard.
2021-10-26 09:03 Security Boulevard
Our thanks to DEFCON for publishing their outstanding DEFCON 29 Aerospace Village videos on the organization’s YouTube channel.
The post DEF CON 29 Aerospace Village – Allan Tart’s ‘Holistic View Of A Flight With Crowd Sourced Data’ appeared first on Security Boulevard.
2021-10-26 09:03 Security Boulevard
Nothing pairs quite as well as cybersecurity and Halloween. Prepare for more than trick-or-treaters this spooky season with these 5 wicked Website Security tips.
1 – Make a horcrux (aka back up your data)
In Harry Potter, a horcrux lets wizards store a fragment of their soul in different objects as a safeguard against death. Similarly, a backup can restore your site to life after it’s compromised by a cyber attack.
Attackers are always looking to exploit vulnerabilities.
Continue reading 7 Scary Good Tips to Secure Your Website at Sucuri Blog.
The post 7 Scary Good Tips to Secure Your Website appeared first on Security Boulevard.
2021-10-26 09:03 Security Boulevard
As readers of the AppSec Observer blog are aware, application attacks have continued unabated throughout the massive economic and social changes of the past two years. Most readers are also aware that an increasing number of cyberattacks target the software supply chain. The devastating SolarWinds attack in 2020 was followed by the supply chain attack on Colonial Pipeline that disrupted fuel supplies in the eastern U.S., the attack on Kaseya that impacted hundreds of its customers’ customers, and many more. Frequent supply chain attacks have become something of a “new normal” for those of us whose everyday work involves protecting applications.
The post SECURING THE SOFTWARE SUPPLY CHAIN STARTS WITH A SOFTWARE BILL OF MATERIALS (SBOM) appeared first on Security Boulevard.
2021-10-26 07:04 Trustwave Blog
The Russia-based cyber gang Nobelium, which is believed to be responsible for the December 2020 SolarWinds attack, is on the move again, targeting resellers and IT service providers in an attempt to infiltrate their customers’ systems.
2021-10-26 05:05 Stories by SAFARAS K A on Medi
Assessing the cyber security posture and cyber threat landscape of an organization is a primary task of any purple team and threat…
Continue reading on InfoSec Write-ups »
2021-10-26 03:06 Stories by SAFARAS K A on Medi
Zeno — THM Writeup (Abusing service file misconfigurations)
Hello all, today we will be doing Zeno from TryHackMe. It is rated Medium and the description says “Do you have the same patience as the great stoic philosopher Zeno? Try it out!”
Port scanning
There was some problem with nmap, and because of that it wasn’t able to show all the open ports. Rushi suggested to me that I use Rustscan. Thanks Rushi :D
Found a few more ports. So now I redid the nmap scan on these ports:
We have a web server on port 12340. Let’s check that.
The web server
After some directory busting with different wordlists, I found these to be of interest:
/index.html (Status: 200)
/rms (Status: 301)
/index.html does not return anything useful. /rms is a Restaurant Management System. After exploring the website with Burp proxy turned on in the background, I found a few parameterized requests. We can do SQLi in the delete order query: http://10.10.200.163:12340/rms/delete-order.php?id=0' or 1-- -
sqlmap
We have time-based SQLi. After some time
2021-10-26 03:06 Stories by SAFARAS K A on Medi
or how Response 200 OK w/ size 0 doesn’t always mean 0
Continue reading on InfoSec Write-ups »
2021-10-26 03:06 Stories by SAFARAS K A on Medi
Before understanding CORS, we need to know about SOP (Same-Origin Policy). SOP is built as a security mechanism to safeguard web applications from requesting resources from another website.
Put simply, your-website.com cannot access resources from another-website.com. For two sites to share resources, they must have the same protocol (HTTP/HTTPS), the same domain name, and the same port number (80/443).
Note: even a subdomain such as api.your-website.com cannot fetch resources from its root domain (your-website.com), because under the rules of SOP the two are different origins.
If your website (your-website.com) needs access to api.your-website.com, CORS (Cross-Origin Resource Sharing) must be enabled and configured on the site that serves the resource.
To configure CORS, the website sets headers such as Access-Control-Allow-Origin and Access-Control-Allow-Credentials. Although there are more CORS headers, these two are the most widely used today.
Access-Control-Allow-Origin:- Va
2021-10-26 03:05 Files ≈ Packet Storm
Red Hat Security Advisory 2021-3960-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section.
2021-10-26 03:05 Files ≈ Packet Storm
Red Hat Security Advisory 2021-3961-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
2021-10-26 03:05 Files ≈ Packet Storm
Online Event Booking and Reservation System version 1.0 suffers from a persistent cross site scripting vulnerability.
2021-10-26 03:05 Files ≈ Packet Storm
Ubuntu Security Notice 5122-1 - It was discovered that Apport could be tricked into writing core files as root into arbitrary directories in certain scenarios. A local attacker could possibly use this issue to escalate privileges. This update will cause Apport to generate all core files in the /var/lib/apport/coredump directory.
2021-10-26 03:05 Files ≈ Packet Storm
Engineers Online Portal version 1.0 suffers from a persistent cross site scripting vulnerability.
2021-10-26 03:05 Files ≈ Packet Storm
Engineers Online Portal version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to n11secur1ty in October of 2021.
2021-10-26 03:05 Files ≈ Packet Storm
Red Hat Security Advisory 2021-3968-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
2021-10-26 03:05 Files ≈ Packet Storm
Red Hat Security Advisory 2021-3967-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
2021-10-26 03:05 Files ≈ Packet Storm
GridPro Request Management for Windows Azure Pack versions 2.0.7905 and below suffer from a traversal vulnerability that can allow for arbitrary execution of PowerShell scripts.
2021-10-26 03:05 Files ≈ Packet Storm
FreeSWITCH versions 1.10.6 and below suffer from a SIP digest leak vulnerability. An attacker can perform a SIP digest leak attack against FreeSWITCH and receive the challenge response of a gateway configured on the FreeSWITCH server. This is done by challenging FreeSWITCH's SIP requests with the realm set to that of the gateway, thus forcing FreeSWITCH to respond with the challenge response which is based on the password of that targeted gateway.
2021-10-26 03:05 Files ≈ Packet Storm
phpMyAdmin version 4.8.1 remote code execution exploit.
2021-10-26 03:05 Files ≈ Packet Storm
FreeSWITCH versions 1.10.6 and below suffer from a SIP flooding denial of service vulnerability.
2021-10-26 03:05 Files ≈ Packet Storm
Online Student Admission System version 1.0 suffers from remote SQL injection and shell upload vulnerabilities.
2021-10-26 03:05 Files ≈ Packet Storm
WordPress Media-Tags plugin version 3.2.0.2 suffers from a persistent cross site scripting vulnerability.
2021-10-26 03:05 Files ≈ Packet Storm
Red Hat Security Advisory 2021-3971-01 - Redis is an advanced key-value store. Issues addressed include denial of service and integer overflow vulnerabilities.
2021-10-26 03:05 Files ≈ Packet Storm
This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands. This vulnerability has been reintroduced in the Apache 2.4.50 fix (CVE-2021-42013).
2021-10-26 03:05 Files ≈ Packet Storm
FreeSWITCH versions 1.10.6 and below fail to authenticate SIP MESSAGE requests, leading to spam and message spoofing vulnerabilities.
2021-10-26 03:05 Files ≈ Packet Storm
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.
2021-10-26 03:05 Files ≈ Packet Storm
WordPress Ninja Tables plugin version 4.1.7 suffers from a persistent cross site scripting vulnerability.
2021-10-26 03:05 Files ≈ Packet Storm
WordPress version 4.9.6 arbitrary file deletion exploit. Original discovery of this vulnerability is attributed to VulnSpy in June of 2018.
2021-10-26 03:05 Files ≈ Packet Storm
Ubuntu Security Notice 5123-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.27 in Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.36. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
2021-10-26 03:05 Files ≈ Packet Storm
Gestionale Open version 11.00.00 suffers from a local privilege escalation vulnerability.
2021-10-26 03:05 Files ≈ Packet Storm
Ubuntu Security Notice 5123-2 - USN-5123-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.27 in Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.36. Various other issues were also addressed.
2021-10-26 03:05 Files ≈ Packet Storm
FreeSWITCH versions 1.10.5 and below fail to authenticate SIP SUBSCRIBE requests by default.
2021-10-26 03:05 Files ≈ Packet Storm
FreeSWITCH versions 1.10.6 and below suffer from a denial of service vulnerability when handling invalid SRTP packets.
2021-10-26 01:07 Software Integrity Blog
Over seven years later, the Heartbleed vulnerability still offers important lessons in application security.
The post How to cybersecurity: Heartbleed deep dive appeared first on Software Integrity Blog.
2021-10-26 01:07 PHP Bugs
Date: 2021-10-25 15:39 UTC
OS: Windows
PHP Version: 8.0.12
Package: *Directory/Filesystem functions
Title: RecursiveIteratorIterator still calls ->getChildren() when depth reaches limit
2021-10-26 01:07 Microsoft Security Response Ce
We are excited to announce the launch of Comms Hub to the Researcher Portal submission experience! With this launch, security researchers will be able to streamline communication with MSRC case SPMs (case managers), attach additional files, and track case and bug bounty status, all in the Researcher Portal. Summary – What is Comms Hub? Comms Hub …
We’re Excited to Announce the Launch of Comms Hub!
2021-10-26 01:05 CXSECURITY Database RSS Feed -
Topic: WordPress Plugin TaxoPress 3.0.7.1 Stored Cross-Site Scripting (XSS) (Authenticated) Risk: Low Text: # Exploit Title: WordPress Plugin TaxoPress 3.0.7.1 - Stored Cross-Site Scripting (XSS) (Authenticated) # Date: 23-10-2021 # ...
2021-10-26 01:05 CXSECURITY Database RSS Feed -
Topic: Hikvision Web Server Build 210702 Command Injection Risk: Medium Text: # Exploit Title: Hikvision Web Server Build 210702 - Command Injection # Exploit Author: bashis # Vendor Homepage: https://ww...
2021-10-26 01:05 test
In-depth analysis of a format string vulnerability in the mpv player leading to remote code execution (CVE-2021-30145) by ourren
Reflections on the experience of doing internal security at a security company by ourren
Analysis of blockchain privacy-protection technology: Monero by ourren
SecWiki Weekly (Issue 399) by ourren
For more of the latest articles, visit SecWiki
2021-10-26 01:05 Microsoft Security Blog
Learn about targets and methods used by today’s nation-state threat actors, and how your organization can create a more secure environment.
The post Microsoft Digital Defense Report shares new insights on nation-state attacks appeared first on Microsoft Security Blog.
2021-10-26 01:00 The Daily Swig | Cybersecurity
Developer moves quickly to address vulnerabilities after his account was compromised
2021-10-25 23:03 Security Boulevard
Last week, I reported 80 apps belonging to a premium SMS scam campaign, which signs victims up for expensive premium SMS services that earn a bad actor or actors money while ultimately leaving victims completely empty-handed, to Google’s Security Team. This led to their swift removal from the Google Play Store. The apps that I discovered are part of the UltimaSMS campaign, consisting of 151 apps that at one point or another had been available for download on the Google Play Store. These apps have been downloaded more than 10.5 million times, and are nearly identical in structure and functionality; essentially copies of the same fake app used to spread the premium SMS scam campaign. This leads me to believe that one bad actor or group is behind the entire campaign. I have dubbed the campaign “UltimaSMS”, because one of the first apps I discovered was called Ultima Keyboard 3D Pro.
The post Premium SMS Scam Apps on Play Store | Avast appeared first on Security Boulevard.
2021-10-25 23:03 Security Boulevard
In May 2017, Marcus Hutchins - AKA MalwareTech - became a hero for stopping WannaCry, a particularly nasty ransomware that spread quickly all over the world. Yet his fame also brought to light his troubled past as the teenage Black Hat hacker who created KRONOS, a dangerous rootkit. Should a criminal-turned-hero be punished for his past crimes? Check it out...
The post Malicious Life Podcast: Marcus Hutchins – A Controversial Hero appeared first on Security Boulevard.
2021-10-25 23:03 Security Boulevard
The cloud is the default environment of our time. Rented infrastructure helps lower your taxes and risks by moving most of the operations to your cloud provider. Using the cloud lets you focus on your customer’s needs without constantly worrying about database updates or OS maintenance.
The post How to Debug Node.JS Tests with Thundra Foresight appeared first on Security Boulevard.
2021-10-25 23:03 Security Boulevard
A survey of 545 IT decision-makers from organizations in the U.S. and United Kingdom (UK) found three-quarters of respondents (75%) are reevaluating their remote access strategy in the wake of new ways of working and the growth in cloud application use. The survey polled organizations with 1,000 or more employees and was conducted by Menlo..
The post Menlo Security Survey Sees Orgs Reevaluating Remote Access Strategy appeared first on Security Boulevard.
2021-10-25 23:02 GuidePoint Security
Malware and ransomware may involve some fancy–albeit malicious–code, but for the vast majority of cybercriminals, phishing still […]
2021-10-25 23:00 The Daily Swig | Cybersecurity
Ethical hacker bags top prize for double spend flaw in smart contract
2021-10-25 21:03 Security Boulevard
In the episode, Tripwire’s Maurice Uenuma discusses the role of integrity when it comes to zero trust architecture. With results from our latest research survey on The White House’s Executive Order and zero trust, he and Tim make the case that zero trust cannot be maintained without proper integrity controls at its foundation. Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnm Stitcher: […]
The post No Integrity, No Trust. The Foundation of Zero Trust Architecture appeared first on The State of Security.
The post No Integrity, No Trust. The Foundation of Zero Trust Architecture appeared first on Security Boulevard.
2021-10-25 21:02 Real-time communications secur
The FreeSWITCH team has just published version v1.10.7, which fixes a number of security issues that we reported. If you use FreeSWITCH, please do upgrade to get these security updates. To learn about the background work that went into getting these security bugs squashed, follow Sandro’s talk called Killing bugs … one vulnerability report at a time. This will be presented at ClueCon on Thursday, October 28th. Here are the titles of each advisory and a very short summary:
2021-10-25 19:05 PHP Bugs
Date: 2021-10-25 09:31 UTC
OS:
PHP Version: Irrelevant
Package: xdiff
Title: xdiff_string_bpatch() and others missing
2021-10-25 18:59 360 Vulnerability Alerts
Recently, 360 Beacon Lab discovered an attack campaign aimed at the Israeli-Palestinian region. The attackers used several commercial spyware products and also built their own spyware on top of open-source code. Our analysis shows that the campaign began in 2018 and continues to this day. Based on the lures and disguises the attackers used, we infer that the targets are likely located in the Israeli-Palestinian region.