2022-09-20 22:40 Packet Storm
Backdoor.Win32.Hellza.120 malware suffers from a remote command execution vulnerability.
2022-09-20 22:40 Packet Storm
On Mali devices without the new CSF interface, IMPORTED_USER_BUF is released without flushing host-side VMAs, leading to a page use-after-free vulnerability.
2022-09-20 22:40 Packet Storm
Arm Mali has an issue where a driver exposes physical addresses to unprivileged userspace.
2022-09-20 22:40 Packet Storm
The Mali driver frees GPU page tables before removing the higher-level PTEs pointing to those page tables (and, therefore, also before issuing the required flushes). This means a racing memory write instruction on the GPU can write to an attacker-controlled physical address.
2022-09-20 22:40 Packet Storm
In the Linux Mali driver, when building with MALI_USE_CSF, the VFS read handler of the main Mali file descriptor (kbase_read()) never looks at its "count" parameter. This means that a simple userspace program that sets up a Mali file descriptor, then calls read(mali_fd, buf, 1), will see read() returning a higher length than requested, and out-of-bounds data in the userspace buffer will be clobbered.
2022-09-20 22:40 Packet Storm
Ubuntu Security Notice 5619-1 - It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bound-checking operations. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. It was discovered that LibTIFF was not properly terminating a function execution when processing incorrect data. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS.
2022-09-20 22:40 Packet Storm
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
2022-09-20 21:34 Data Breach – Security Affairs
Uber disclosed additional details about the security breach, the company blames a threat actor allegedly affiliated with the LAPSUS$ hacking group. Uber revealed additional details about the recent security breach, the company believes that the threat actor behind the intrusion is affiliated with the LAPSUS$ hacking group. Over the last months, the Lapsus$ gang compromised […]
The post Uber believes that the LAPSUS$ gang is behind the recent attack appeared first on Security Affairs.
2022-09-20 20:40 Github_POC
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew.
[GitHub]CVE-2022-36804 Atlassian Bitbucket Command Injection Vulnerability
2022-09-20 20:40 Github_POC
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew.
[GitHub]Proof of Concept exploit for CVE-2022-36804 affecting BitBucket versions <8.3.1
2022-09-20 19:36 Stories by SAFARAS K A on Medi
Web 3.0 Security: Four Key Issues That Concern the Tech Community
The tech community is actively discussing Web 3.0, the new version of the Internet. Although the concept of a modernized network is more or less clear, there is still no lucid algorithm for a large-scale reform of the digital environment. Cornell University professor James Grimmelmann says Web 3.0 will fix everything people don’t like about the current web, even if it’s controversial. And while the evolution of the Internet has great prospects, it does not rule out serious Web 3.0 security issues. Let’s take a look at four bottlenecks in next-generation Internet cyber security.
Web 3.0: a beautiful theory or a real thing?
The evolution of the Internet has been gradual. The good old Web 1.0 was based on static pages with links. Users did not have the opportunity to register on sites, interact with pages, and add information on their own. The first version was like a worldwide digital library, where you could only read information uploaded by sit
2022-09-20 19:36 Stories by SAFARAS K A on Medi
Domain-based Message Authentication Reporting and Conformance (DMARC) and its importance for businesses
Hackers are constantly searching for new ways to trick employees, customers, and partners by abusing company brands and domains, primarily by sending malicious emails. This is why DMARC becomes such an indispensable tool for organizations. To strengthen the security of your company’s domains and emails, you should adopt DMARC. In this article, we’ll explain why you should.
Introduction to DMARC
DMARC (Domain-based Message Authentication Reporting and Conformance) is a technical specification for identifying emails through alignment of SPF and DKIM mechanisms. With DMARC in place, domain owners, large and small, can protect their emails from phishing, spoofing, and business email compromise. In order to protect your organization from phishing attacks, DMARC is an email authentication standard. When you configure it, it tells the world whether or not your emails are fro
2022-09-20 19:36 Stories by SAFARAS K A on Medi
Introduction
In healthcare, data has considerable value as a potential target for hackers. Phishing involves the exploitation of data for malicious purposes via targeted communications (email/messaging). Several studies reported that clients declined telehealth appointments due to lack of trust in telehealth cybersecurity, according to Arlington Research and Kaspersky. This study discusses peer-reviewed literature regarding phishing and healthcare and reports on an internal evaluation targeting hospital staff. The survey found that a third of physicians had their patients’ data compromised when utilizing remote telehealth. In addition, 32% of respondents said third-party vendor vulnerabilities made their organization vulnerable to phishing attacks and caused cybersecurity challenges. Increasing evidence suggests that healthcare employees are especially vulnerable to phishing attacks. Further, the industry is suffering from associated lawsuits as well, adding to its growin
2022-09-20 19:36 Stories by SAFARAS K A on Medi
Hi! This blog will teach you how CSRF attacks happen and how we can prevent them.
So the big question is …
Cross-site request forgery is a web security vulnerability that allows attackers to perform actions on behalf of the victim. An attacker can perform all the relevant actions on the vulnerable website on behalf of the user.
Explanation:
Let’s take an example of a typical website that is vulnerable to cross-site request forgery. It allows a normal user to sign up, update passwords, change email, delete the account, and use other basic functionality, and there is no mechanism for validating that the user performed an action other than the session. An attacker can generate a URL that changes a user’s email and trick the victim into clicking the link and performing the action; sometimes just visiting the malicious URL will automatically perform the action and change the email, which can lead to a full account takeover.
The URL could be the link of the exploit hosted on the server which includes the request form to com
2022-09-20 19:34 Data Breach – Security Affairs
American Airlines disclosed a data breach, threat actors had access to an undisclosed number of employee email accounts. American Airlines recently suffered a data breach, threat actors compromised a limited number of employee email accounts. The intruders had access to sensitive personal information contained in the accounts, but the company’s data breach notification states that it is not aware […]
The post American Airlines disclosed a data breach appeared first on Security Affairs.
2022-09-20 19:32 Fuzzing Labs
A Journey Into Fuzzing WebAssembly Virtual Machines [BlackHat USA 2022] Abstract Since the MVP release in 2017, WebAssembly has evolved gradually, bringing new adepts and new VM implementations over time. It’s now possible to run WebAssembly modules over every modern browser, in some blockchain, or using a standalone VM. In the same way that multiple JavaScript...
2022-09-20 17:09 Seebug
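About the Starlink Project: The "404 Starlink Project" is an open-source project collection initiative proposed by Knownsec 404 Lab in August 2020. Its original intention was to let some of 404 Lab's internal tools deliver greater value by open-sourcing them, which became "404 Starlink Project 1.0"; it includes the well-known Pocsuite3, ksubdomain and others, and we soon received a lot of good feedback. In November 2020, we turned our attention to the whole security community and, with the Starlink Project members at the core, selected high-quality, meaningful, interesting, persistent...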
2022-09-20 15:36 Stories by SAFARAS K A on Medi
If you have two-factor authentication (2FA) enabled on your account, you can’t be compromised, right?
Continue reading on InfoSec Write-ups »
2022-09-20 15:36 Stories by SAFARAS K A on Medi
Sharkbot Virus is an Android banking Trojan which is being distributed on Google Play Store. Read More about this in this article.
Introduction
The Cleafy Threat Intelligence Team discovered SharkBot at the end of October 2021, an Android banking malware. According to Cleafy’s blog post, SharkBot’s main goal is to initiate money transfers (from compromised devices) through Automatic Transfer Systems (ATS). Android malware rarely uses this attack technique, which is an advanced attack technique. Aside from other Android banking malware, such as Anatsa/Teabot or Oscorp, other Android banking malware requires a live operator to insert and authorize money transfers, allowing adversaries to auto-fill fields in legitimate mobile banking apps. In addition, the ATS features enable adversaries to scale up their operations with minimal effort. By using them, the malware can receive a list of events to simulate, and the malware will simulate them to transfer the money.
Modus Operandi
The
2022-09-20 15:36 Stories by SAFARAS K A on Medi
Get that coveted experience before you land a cloud security job
Continue reading on InfoSec Write-ups »
2022-09-20 14:39 Github_POC
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew.
[GitHub]Somewhat Reliable PoC Exploit for CVE-2022-36804 (BitBucket Critical Command Injection)
2022-09-20 14:39 Seebug
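Author: b1cc@墨云科技VLab Team. Original link: https://mp.weixin.qq.com/s/w0HYPpdMxhcPvKvtSJf_CQ On October 12, 2021, the Japanese security vendor Flatt Security disclosed the Linux kernel privilege escalation vulnerability CVE-2021-34866. On November 5, @HexRabbit published an exploitation method for this vulnerability on GitHub together with a written analysis; the technique is superb and the writing concise. ...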
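2022-09-20 14:39 NSFOCUS Blog
This article processes, analyzes and classifies the security incidents disclosed online in 2022, presents the hot-topic incidents with a brief analysis, and, taking cyberspace security incidents during the Russia-Ukraine war as an example, briefly analyzes the role of cognitive warfare in confrontation between nations.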
2022-09-20 12:09 blog.badsectorlabs.com Weekly Security News
CloudFox (@sethsec + @cvendramini2), MiraclePtr in Chrome, Jetty hacking (@m1ke_n1), ExternalC2 myths (@RET2_pwn), NTLMv1 attacks (@n00py1 + @an0n_r0), Golden Ticket patches soon (@varonis), plaintext Citrix passwords (@gentilkiwi), and more!
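2022-09-20 11:31 360 Vulnerability Alerts
360-CERT Daily Security Briefing
2022-09-20 10:39 Tiaotiaotang (跳跳糖)
A long time ago, after I finished learning basic heap exploitation on Glibc 2.23, IO_FILE exploitation was put on my agenda, but owing to all sorts of troublesome factors it is only now that I have finally started writing and learning this exploitation technique, which I am rather ashamed of.
In recent years, as the conditions for heap exploitation have become increasingly strict and several commonly hijacked hooks have been removed, the standing of IO has gradually tended to overtake heap exploitation; so, to keep up with the trend of the last few years, I am hurrying back to learn IO stream exploitation techniques.
2022-09-20 03:09 Github_POC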
pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.
[GitHub]CVE-2022-31814 Exploitation Toolkit.
2022-09-20 02:39 Github_POC
[GitHub]CVE-2022-31814 Exploitation Toolkit.
2022-09-20 02:39 Github_POC
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew.
[GitHub]Proof of Concept exploit for CVE-2022-36804 affecting BitBucket versions <8.3.1
2022-09-20 02:39 Packet Storm
VIAVIWEB Wallpaper Admin suffers from remote shell upload and remote SQL injection vulnerabilities.
2022-09-20 02:39 Packet Storm
Ubuntu Security Notice 5613-2 - USN-5613-1 fixed vulnerabilities in Vim. Unfortunately that update failed to include binary packages for some architectures. This update fixes that regression. It was discovered that Vim was not properly performing bounds checks when executing spell suggestion commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim was using freed memory when dealing with regular expressions through its old regular expression engine. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution. It was discovered that Vim was not properly performing checks on name of lambda functions. An attacker could possibly use this issue to cause a denial of service. This issue affected only Ubuntu 22.04 LTS. It was discovered that Vim was incorrectly performing bounds checks when processing invalid commands with composing
2022-09-20 02:39 Packet Storm
Ubuntu Security Notice 5617-1 - It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Julien Grall discovered that Xen incorrectly handled memory barriers on ARM-based systems. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or escalate privileges.
2022-09-20 01:34 Data Breach – Security Affairs
Revolut has suffered a cyberattack, threat actors have had access to personal information of tens of thousands of customers. The financial technology company Revolut suffered a ‘highly targeted’ cyberattack over the weekend, threat actors had access to the personal information of 0.16% of its customers (approximately 50,000 users). The company states that it has already contacted the […]
The post Revolut security breach: data of +50,000 users exposed appeared first on Security Affairs.
2022-09-19 23:36 Stories by SAFARAS K A on Medi
👩‍💻Hacking Smart Contracts, Android Vulnerability, RCE, Prototype Poisoning, Anti-Human Server Plugin, and much more…
Learn about this anti-human server plugin that kicks human players out of a minecraft server with a new challenge at the end.
Hey 👋
Welcome to the #IWWeekly25 — the Monday newsletter that brings the best in Infosec straight to your inbox.
This week’s NL is brought to you by IWCON — the world’s largest virtual cybersecurity conference and networking event.
Yes, we’re sponsoring our own newsletter :)
As you might already know, we’re hosting IWCON2.0 on 17th-18th December this year, and it’s going to be even bigger and better 🔥
We already received so much praise for the speaker line up and session topics. If you haven’t checked them yet, do it now and book your tickets.
Coming back to today’s NL, here are our top picks for this week: 7 articles, 6 Threads, 5 videos, 2 GitHub repos and tools, 1 job alert to help you maximize the benefit from this newsletter and take a massive jump ahead in your ca
2022-09-19 23:34 Packet Storm
Genesys PureConnect as of their build on 08-October-2020 suffers from a cross site scripting vulnerability.
2022-09-19 23:34 Packet Storm
WordPress GetYourGuide Ticketing plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.
2022-09-19 23:34 Packet Storm
OpenCart 3.x Newsletter Custom Popup module version 4.0 suffers from a remote blind SQL injection vulnerability.
2022-09-19 23:34 Packet Storm
Red Hat Security Advisory 2022-6541-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include file overwrite and traversal vulnerabilities.
2022-09-19 23:34 Packet Storm
Owlfiles File Manager version 12.0.1 suffers from local file inclusion and path traversal vulnerabilities.
2022-09-19 23:34 Packet Storm
PhotoSync version 4.7 suffers from a local file inclusion vulnerability.
2022-09-19 23:34 Packet Storm
Red Hat Security Advisory 2022-6551-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service, information leakage, privilege escalation, and use-after-free vulnerabilities.
2022-09-19 23:34 Packet Storm
SoX versions 14.4.2 and below suffer from a division by zero attack when handling WAV files, resulting in denial of service vulnerability and possibly loss of data.
2022-09-19 23:34 Packet Storm
Ubuntu Security Notice 5616-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.
2022-09-19 23:31 burp
Infosec advocate speaks to The Daily Swig about the benefits of, and barriers to, ‘shifting left’
2022-09-19 21:36 Stories by SAFARAS K A on Medi
The terrifying world of Cross-Site Scripting (XSS) (Part 2) — StackZero
Introduction
I already discussed the vulnerability in the XSS Intro in Part 1 of the article. Anyway, just for a quick refresh, XSS is a vulnerability that enables attackers to inject malicious code into webpages viewed by other users.
There are 3 types of XSS:
What I’m going to do in the 2nd part of the article is just build a simple vulnerable application and then try to exploit them. Even if it will contain just what is necessary to understand, I’ll try to implement all types of vulnerabilities.
Let’s try together to reach the goal and better understand XSS.
Before starting here a list of related articles for a quick navigation:
The terrifying world of Cross-Site Scripting (XSS) (Part 1)
The terrifying world of Cross-Site Scripting (XSS) (Part 2)
XSS in practice: how to exploit XSS in web applications
Reflected XSS DVWA — An Exploit With Real World Consequences
Requirements
I think that to make everything more readable, Python will be 
2022-09-19 21:35 Stories by SAFARAS K A on Medi
Hello everyone, one of the most interesting functions is file uploading; vulnerabilities in file uploads usually lead you to critical or high severity, so let’s start with this scenario that I faced while bug hunting
Let’s consider our target domain is target.com
While hunting on our target I came across the subdomain edu.target.com. The service provided by the program is a teaching platform, as there are different types of users like students and teachers who aim to help students to learn tech-related topics like software engineering, robotics, etc…
Let’s start our story
I came across the upload function, trying to upload an image to analyze how the function works
Let’s try to upload a PHP script
I found that the server didn’t respond
After some analysis of the application behavior, I figured out that if the request didn’t pass the validation, the connection will be closed and the server will not respond to the request
Now let’s try to bypass the validation on the php extension
Let’s start by figuring if the application
2022-09-19 21:09 checkpoint research
For the latest discoveries in cyber research for the week of 19th September, please download our Threat Intelligence Bulletin. Top Attacks and Breaches Uber has suffered a data breach, allegedly by an 18-year-old hacker who managed to gain access using social engineering tactics on an employee. The hacker claims to have access to Uber’s internal... Click to Read More
The post 19th September – Threat Intelligence Report appeared first on Check Point Research.
2022-09-19 21:09 倾旋’s blog
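I haven't written any reflections on work for a long time. I've been thinking over a few things recently, so I'm writing a summary of my three-year red team career.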
2022-09-19 20:39 Github_POC
An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.
[GitHub]CVE-2022-32548-RCE-POC
2022-09-19 18:08 nccgroup
Modern organizations evolved and took the next step when they became digital. Organizations are using cloud and automation to build a dynamic infrastructure to support more frequent product release and faster innovation. This puts pressure on the IT department to do more and deliver faster. Automated cloud infrastructure also requires a new mindset, a change … Continue reading A Guide to Improving Security Through Infrastructure-as-Code →
2022-09-19 17:39 Indie Developer Inspiration Weekly
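This weekly records fun and interesting content related to independent product design and development. It is published every week, and past issues are just as good; interested readers can click to subscribe to my weekly. For […]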