Day: November 22, 2021

BitSight collaborates with Marsh McLennan to help clients reduce the risk of cyber exposure

BitSight and Marsh McLennan announced a collaboration to help organizations better understand, measure, and manage their cyber risks. Marsh McLennan’s recently announced Cyber Risk Analytics Center will leverage BitSight Security Ratings, data, and analytics, enabling clients to better understand their cybersecurity performance and make more informed risk management decisions. With access to BitSight, clients can …

Alkira partners with Exclusive Networks to expand its cloud market share

Alkira has appointed Exclusive Networks, a global trusted cybersecurity specialist for digital infrastructure, as a distributor for its cloud networking as-a-service platform (CNaaS). The deal makes Alkira’s CNaaS platform Cloud Services Exchange (CSX) available through Exclusive’s global partner ecosystem spanning 40 countries across five continents. It also underlines Exclusive’s commitment to growing its cloud portfolio …

Manifest V3: Open Web Politics in Sheep's Clothing

When Google introduced Manifest V3 in 2019, web extension developers were alarmed at how much functionality would be taken away from the features they provide to users, especially tracker blocking and enforcing secure connections. This new iteration of Google Chrome’s web extensions interface still has flaws that might be addressed through thoughtful consensus …

UK shoppers at risk of email fraud this Black Friday and Cyber Monday

81 percent of UK retailers are not actively blocking fraudulent emails from reaching customers

Proofpoint, Inc., a leading cyber security and compliance company, today released research identifying that only 19 percent of UK retailers have implemented the recommended level of DMARC (Domain-based Message Authentication, Reporting & Conformance) protection, which protects them from cybercriminals spoofing their identity and …
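In practice, the "recommended level" of DMARC protection means a p=reject policy applied to all of a domain's mail, subdomains included; a published record with p=none only monitors and blocks nothing. The following added example (not part of the Proofpoint research or its methodology) classifies DMARC TXT records by the protection they actually give. The domain names and records are constructed, and the scoring rule (p=reject at pct=100 with no weaker sp= policy counts as recommended) is this example's own assumption.

```python
"""Classify DMARC TXT records by the protection they actually give.

Added example, not part of the Proofpoint research.  Assumption: p=reject
applied to 100% of mail (pct=100) with subdomains treated the same (no
weaker sp=) is the "recommended level"; p=quarantine is partial; p=none or
a missing/invalid record gives no spoofing protection.  The records below
are constructed and belong to no real retailer.
"""

# Constructed sample records keyed by hypothetical domain.
SAMPLE_RECORDS = {
    "retailer-a.example": "v=DMARC1; p=reject; rua=mailto:dmarc@retailer-a.example",
    "retailer-b.example": "v=DMARC1; p=quarantine; pct=100",
    "retailer-c.example": "v=DMARC1; p=none; rua=mailto:reports@retailer-c.example",
    "retailer-d.example": "v=DMARC1; p=reject; pct=10",       # only 10% of mail policed
    "retailer-e.example": "v=DMARC1; p=reject; sp=none",      # subdomains left open
    "retailer-f.example": None,                               # no _dmarc TXT record
    "retailer-g.example": "v=spf1 include:_spf.example -all",  # SPF, not DMARC
}


def parse_dmarc(record):
    """Return a tag->value dict for a DMARC1 record, or None if it is not one."""
    if not record:
        return None
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1":
        return None
    return tags


def classify(record):
    """Map a record to ('reject'|'quarantine'|'none'|'missing', [weakening notes])."""
    tags = parse_dmarc(record)
    if tags is None or "p" not in tags:
        return "missing", ["no valid DMARC1 record with a p= tag"]
    policy = tags["p"].lower()
    if policy not in ("none", "quarantine", "reject"):
        return "missing", ["unknown p=" + policy]
    notes = []
    pct = tags.get("pct", "100")
    if not pct.isdigit() or int(pct) < 100:
        notes.append("pct=%s: policy applied to only part of the mail stream" % pct)
    sp = tags.get("sp", policy).lower()
    if sp != policy:
        notes.append("sp=%s: subdomains get a different policy than the org domain" % sp)
    if "rua" not in tags:
        notes.append("no rua= address: no aggregate reports, so failures are invisible")
    return policy, notes


def is_recommended(record):
    """True only for p=reject on 100% of mail with subdomains rejected too (our assumption)."""
    policy, notes = classify(record)
    return policy == "reject" and not any(n.startswith(("pct=", "sp=")) for n in notes)


def summarize(records):
    """Count domains per policy level and how many meet the recommended level."""
    counts = {"reject": 0, "quarantine": 0, "none": 0, "missing": 0}
    recommended = 0
    for rec in records.values():
        level, _ = classify(rec)
        counts[level] += 1
        recommended += is_recommended(rec)
    return counts, recommended


if __name__ == "__main__":
    for domain, rec in SAMPLE_RECORDS.items():
        level, notes = classify(rec)
        print(domain, level, "RECOMMENDED" if is_recommended(rec) else "", notes)
    print(summarize(SAMPLE_RECORDS))
```

Of the seven constructed domains, three publish p=reject but only one meets the recommended level: pct=10 and sp=none both leave most or part of the mail stream spoofable even though the headline policy reads "reject", which is why a survey that only greps for p=reject overstates protection. To check a real domain, feed `classify` the TXT record returned for `_dmarc.<domain>`.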

Critical vulnerabilities in Cisco ASA and Cisco FTD allow attackers to shut down the firewall and VPN. Patch immediately

Cybersecurity specialists from Positive Technologies report the detection of three critical vulnerabilities in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls developed by Cisco, whose exploitation would allow threat actors to mount denial of service (DoS) attacks, among other risk scenarios. According to the report, the flaws received scores of 8.6/10 …

Schwarz Group acquires XM Cyber to protect their networks from cyberattacks

Schwarz Group announced the acquisition of XM Cyber, preparing for future challenges regarding IT security. For XM Cyber, this presents myriad opportunities for continued growth and accelerated innovation. XM Cyber will continue to operate independently, offering its full suite of products under its current brand and support structure, and will remain committed to supporting its …

BazarLoader Adds Compromised Installers, ISO to Arrival and Delivery Vectors

Conclusion

The number of arrival mechanism variations used in BazarLoader campaigns continues to increase as threat actors diversify their attack patterns to evade detection. However, both techniques are noteworthy and still work despite their lack of novelty, because of the limitations of any single detection technology. For instance, while the use of compromised installers has been observed with …

A Complete Guide to Cloud-Native Application Security

However, these tools have downsides that may cause more challenges for DevOps teams: SAST has difficulty scanning and reporting on cloud-native applications because a static tool only sees the application source code it can follow. As more cloud-native apps are now built from libraries and third-party components, the tool fails when it tries to follow those links. …

[webapps] FLEX 1085 Web 1.6.0 – HTML Injection

# Exploit Title: FLEX 1085 Web 1.6.0 – HTML Injection
# Date: 2021-11-21
# Exploit Author: Mr Empy
# Vendor Homepage: https://www.tem.ind.br/
# Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94
# Version: 1.6.0
# Tested on: Android

Title:
================
FLEX 1085 Web – HTML Injection

Summary:
================
The FLEX 1085 Web appliance is vulnerable to an HTML injection attack …

[webapps] Bus Pass Management System 1.0 – 'Search' SQL injection

# Exploit Title: Bus Pass Management System 1.0 – 'Search' SQL injection
# Date: 23-11-2021
# Exploit Author: Abhijeet Singh
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/bus-pass-management-system-using-php-and-mysql/
# Version: v-1.0 (Default)
# Tested on: macOS Monterey (Version 12.0.1)

*SQL Injection:*
SQL injection is a web security vulnerability that allows an attacker to alter the SQL …

[webapps] Webrun 3.6.0.42 – 'P_0' SQL Injection

# Exploit Title: Webrun 3.6.0.42 – 'P_0' SQL Injection
# Google Dork: intitle:"Webrun 3.6.0.42"
# Date: 23/11/2021
# Exploit Author: Vinicius Alves
# Vendor Homepage: https://softwell.com.br/
# Version: 3.6.0.42
# Tested on: Kali Linux 2021.3

=-=-=-= Description =-=-=-=
Webrun version 3.6.0.42 is vulnerable to SQL Injection, applied to the P_0 parameter used to set the …
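Both SQL injection advisories above, the 'Search' parameter in Bus Pass Management System and 'P_0' in Webrun, come from the same defect: a request parameter spliced into the SQL text. The following added example is not taken from either advisory and is not the applications' PHP; it reproduces the pattern against a constructed SQLite schema, shows a UNION-based payload pulling rows from a table the search was never meant to reach, and the parameterised query that stops it. The table names, rows, `search_vulnerable`/`search_fixed` handlers and the payload are all constructed for illustration.

```python
"""Search-parameter SQL injection: the vulnerable concatenation beside its fix.

Added example, not from either advisory.  The schema, rows and the two search
handlers are constructed stand-ins for a "search by keyword" endpoint; they do
not reproduce Bus Pass Management System or Webrun code.  SQLite is used so
the example runs offline; the same concatenation bug behaves the same on MySQL.
"""
import sqlite3


def make_db():
    """In-memory DB: a public table plus a table the search must never expose."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE bus_pass(id INTEGER, holder TEXT, route TEXT);
        CREATE TABLE admin_users(username TEXT, password_hash TEXT);
        INSERT INTO bus_pass VALUES (1, 'alice', 'R12'), (2, 'bob', 'R7');
        INSERT INTO admin_users VALUES ('admin', '$2y$10$constructedhash');
    """)
    return con


def search_vulnerable(con, term):
    """The bug behind both advisories: user input concatenated into the statement."""
    sql = "SELECT holder, route FROM bus_pass WHERE holder LIKE '%" + term + "%'"
    return con.execute(sql).fetchall()


def search_fixed(con, term):
    """Parameterised query: the term is bound as data and cannot alter the statement."""
    return con.execute(
        "SELECT holder, route FROM bus_pass WHERE holder LIKE ?",
        ("%" + term + "%",),
    ).fetchall()


# Constructed attacker input.  It closes the string literal, appends a UNION over
# another two-column table, and comments out the trailing "%'" that the handler
# adds ("--" starts a comment in SQLite and MySQL).
UNION_PAYLOAD = "x%' UNION SELECT username, password_hash FROM admin_users -- "


def demo():
    """Run both handlers with a benign term and with the payload; return the four results."""
    con = make_db()
    return {
        "vulnerable_benign": search_vulnerable(con, "ali"),
        "vulnerable_payload": search_vulnerable(con, UNION_PAYLOAD),
        "fixed_benign": search_fixed(con, "ali"),
        "fixed_payload": search_fixed(con, UNION_PAYLOAD),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

With the payload, the vulnerable handler's statement becomes `... WHERE holder LIKE '%x%' UNION SELECT username, password_hash FROM admin_users -- %'` and returns the admin credential row; the parameterised version looks for a holder whose name literally contains the payload and returns nothing. Escaping quotes is not an adequate fix on its own: binding parameters is what removes the attacker's ability to change the query's structure.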

[remote] GNU gdbserver 9.2 – Remote Command Execution (RCE)

# Exploit Title: GNU gdbserver 9.2 – Remote Command Execution (RCE)
# Date: 2021-11-21
# Exploit Author: Roberto Gesteira Miñarro (7Rocky)
# Vendor Homepage: https://www.gnu.org/software/gdb/
# Software Link: https://www.gnu.org/software/gdb/download/
# Version: GNU gdbserver (Ubuntu 9.2-0ubuntu1~20.04) 9.2
# Tested on: Ubuntu Linux (gdbserver debugging x64 and x86 binaries)

#!/usr/bin/env python3

import binascii
import socket
import struct
…
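The exploit above talks to gdbserver over the GDB Remote Serial Protocol (RSP), the debugging interface gdbserver exposes on its listening port without any authentication; whoever can reach the port can read and write the debuggee's memory and drive its execution, which is the root of the RCE. The following added example (not the exploit's own code) implements the RSP framing any such client must speak: the `$payload#checksum` envelope, the escaping of `#`, `$` and `}`, the `M` packet that writes bytes into the debuggee, and extraction of one register from a `g` reply. The x86-64 register order (rip at index 16, 8 bytes per register) is gdb's layout for that target; the addresses, bytes and the `sample_g_reply` helper are constructed.

```python
"""GDB Remote Serial Protocol (RSP) framing, as a gdbserver client must speak it.

Added example, not the exploit's code.  Wire format: '$' + payload + '#' + two
hex digits of (sum of payload bytes) mod 256; the peer answers '+' (ack) or '-'
(resend).  Payload bytes '#', '$' and '}' are escaped as '}' followed by the
byte XOR 0x20.  Addresses and register values below are constructed.
"""
import binascii
import struct

ESCAPE_NEEDED = b"#$}"


def rsp_escape(payload: bytes) -> bytes:
    """Escape bytes that would otherwise terminate or confuse the frame."""
    out = bytearray()
    for b in payload:
        if b in ESCAPE_NEEDED:
            out += b"}" + bytes([b ^ 0x20])
        else:
            out.append(b)
    return bytes(out)


def rsp_unescape(payload: bytes) -> bytes:
    """Reverse rsp_escape: '}' X  ->  X ^ 0x20."""
    out = bytearray()
    i = 0
    while i < len(payload):
        if payload[i] == 0x7D:  # '}'
            out.append(payload[i + 1] ^ 0x20)
            i += 2
        else:
            out.append(payload[i])
            i += 1
    return bytes(out)


def rsp_checksum(payload: bytes) -> int:
    """Modulo-256 sum over the (already escaped) payload bytes."""
    return sum(payload) % 256


def rsp_encode(payload: bytes) -> bytes:
    """Frame a payload as $payload#cs; the checksum covers the escaped bytes."""
    esc = rsp_escape(payload)
    return b"$" + esc + b"#" + b"%02x" % rsp_checksum(esc)


def rsp_decode(frame: bytes) -> bytes:
    """Validate envelope and checksum, return the unescaped payload; ValueError on a bad frame."""
    if len(frame) < 4 or frame[0:1] != b"$" or frame[-3:-2] != b"#":
        raise ValueError("not an RSP packet")
    body, cs = frame[1:-3], int(frame[-2:], 16)
    if rsp_checksum(body) != cs:
        raise ValueError("checksum mismatch")
    return rsp_unescape(body)


def build_memory_write(addr: int, data: bytes) -> bytes:
    """'M addr,len:hexdata' writes len bytes at addr in the debuggee (hex form needs no escaping)."""
    payload = b"M%x,%x:%s" % (addr, len(data), binascii.hexlify(data))
    return rsp_encode(payload)


def parse_reg_x86_64(g_reply: bytes, reg_index: int) -> int:
    """Pull one 64-bit register out of a 'g' reply (hex of the raw little-endian register file).

    gdb's x86-64 order: rax rbx rcx rdx rsi rdi rbp rsp r8..r15 rip, so rip is index 16.
    """
    raw = binascii.unhexlify(g_reply)
    return struct.unpack_from("<Q", raw, reg_index * 8)[0]


def sample_g_reply(rip: int) -> bytes:
    """Constructed 'g' reply: 17 zeroed 64-bit registers with rip set."""
    regs = [0] * 17
    regs[16] = rip
    return binascii.hexlify(struct.pack("<17Q", *regs))


if __name__ == "__main__":
    print(rsp_encode(b"g"))                                   # b'$g#67'
    print(build_memory_write(0x401000, b"\x90\x90"))          # b'$M401000,2:9090#..'
    print(hex(parse_reg_x86_64(sample_g_reply(0x401136), 16)))  # 0x401136
```

A client sends `rsp_encode(b"g")` to dump registers, `build_memory_write(...)` to change code or data in the target, and reads each reply with `rsp_decode` after consuming the `+` ack; because gdbserver performs no authentication, network exposure of the port is the vulnerability regardless of which binary is being debugged.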

[local] Linux Kernel 5.1.x – 'PTRACE_TRACEME' pkexec Local Privilege Escalation (2)

# Exploit Title: Linux Kernel 5.1.x – 'PTRACE_TRACEME' pkexec Local Privilege Escalation (2)
# Date: 11/22/21
# Exploit Author: Ujas Dhami
# Version: 4.19 – 5.2.1
# Platform: Linux
# Tested on:
# ~ Ubuntu 19.04 kernel 5.0.0-15-generic
# ~ Parrot OS 4.5.1 kernel 4.19.0-parrot1-13t-amd64
# ~ Kali Linux kernel 4.19.0-kali5-amd64
# CVE: CVE-2019-13272
// …

[webapps] WordPress Plugin WP Guppy 1.1 – WP-JSON API Sensitive Information Disclosure

# Exploit Title: WordPress Plugin WP Guppy 1.1 – WP-JSON API Sensitive Information Disclosure
# Exploit Author: Keyvan Hardani
# Date: 22/11/2021
# Vendor Homepage: https://wp-guppy.com/
# Version: up to 1.1
# Tested on: Kali Linux – Windows 10 – WordPress 5.8.x and apache2
# Usage ./exploit.sh -h

#!/bin/bash

Help() {
  # Display Help
  echo …

Update: cs-decrypt-metadata.py Version 0.0.3

This is a bugfix version of cs-decrypt-metadata.py, my tool to decrypt Cobalt Strike metadata.

cs-decrypt-metadata_V0_0_3.zip (https)
MD5: BC42AF00F35FE8460E8AA23F2B54A84A
SHA256: 13C62A515D49CF8DEF4A866B069AFC47885B13CAB3703AA529C214B88FF576D3

Police Aerial Surveillance Endangers Our Ability to Protest

The ACLU of Northern California has concluded a year-long Freedom of Information campaign by uncovering massive spying on Black Lives Matter protests from the air. The California Highway Patrol directed aerial surveillance, mostly done by helicopters, over protests in Berkeley, Oakland, Palo Alto, Placerville, Riverside, Sacramento, San Francisco, and San Luis Obispo. The footage, which …

Indonesian Court Allows Internet Blocking During Unrest, Tightening Law Enforcement Control Over Users’ Communications and Data

Indonesia’s Constitutional Court dealt another blow to the free expression and online privacy rights of the country’s 191 million internet users, ruling that the government can lawfully block internet access during periods of social unrest. The October decision is the latest chapter in Indonesia’s crackdown on tech platforms, and its continuing efforts to force compliance …

Windows 11 KB5007262 Cumulative Update Preview Released

Microsoft has released the optional KB5007262 Preview cumulative update for Windows 11 with 70 fixes or improvements. This Windows 11 cumulative update is part of Microsoft’s November 2021 monthly “C” update, allowing users to test the upcoming updates and fixes in the December 2021 Patch Tuesday. Unlike cumulative updates released on Patch Tuesday, preview updates …

GoDaddy hacked – Hackers access data of 1.2 million customers

GoDaddy detected unauthorized access to the systems where it hosts and manages its customers’ WordPress servers. The Scottsdale, Arizona-based web registrar and hosting firm has disclosed that it suffered a data breach in which the personal details and login information of up to 1.2 million active and inactive customers were accessed by an “unauthorized third …

MITRE Expands Security Testing to Services, Deception Tools & More

MITRE is moving beyond its well-regarded endpoint security evaluations and will soon be testing other security services and products. MITRE recently issued a call for participation for ATT&CK Evaluations for Managed Services, designed to reveal how managed security service providers (MSSPs) and managed detection and response (MDR) respond to adversarial attacks. Except unlike its Enterprise …

U.S. FTC recommended lawsuit against Amazon over privacy breaches at Ring – the Information

Reuters reports: The U.S. Federal Trade Commission (FTC) recommended filing a lawsuit against Amazon.com Inc over privacy and data security breaches in the e-commerce giant’s home security unit, Ring, earlier this year, the Information reported on Monday. FTC Chair Lina Khan, however, moved to suspend the recommendation following settlement negotiations with Amazon, according to the report …

Researchers find 11 malicious Python packages in the PyPI repository that can steal access tokens, passwords and create backdoors

Security specialists from the firm JFrog report the discovery of 11 malicious Python packages in the Python Package Index (PyPI) repository, apparently designed for the theft of access tokens to platforms such as Discord, in addition to intercepting passwords and deploying dependency confusion attacks. The list of malicious packages detected in this research is shown …
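The dependency confusion technique mentioned above works when a package name that exists only on an organisation's private index is also registered on the public PyPI and the resolver prefers the public copy. With pip, `--extra-index-url` merges the private index with PyPI and the highest version from either wins, whereas `--index-url` replaces PyPI. The following added example (not from the JFrog research, and not a description of the eleven packages) audits a pip configuration and a requirements file for that exposure; the internal package names `acme-billing` and `acme-auth-sdk`, the index URL, the configuration lines and the requirement lines are all constructed.

```python
"""Audit a pip setup for dependency-confusion exposure.

Added example, not from the JFrog research.  Assumptions: the org's private
packages are named in INTERNAL_PACKAGES; pip's extra-index-url merges the
private index with PyPI (highest version wins), while index-url replaces it.
Every name, URL and requirement line below is constructed.
"""
import re

INTERNAL_PACKAGES = {"acme-billing", "acme-auth-sdk"}  # constructed private names

# Constructed pip.conf with the weak setting: PyPI is still consulted for every name.
PIP_CONF = """
[global]
extra-index-url = https://pypi.acme.example/simple
"""

# Constructed requirements: one hashed pin, two internal names, one public name.
REQUIREMENTS = """
requests==2.26.0 --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
acme-billing>=1.2
acme-auth-sdk
discord.py
"""


def parse_index_config(conf):
    """Return (index_url or None, [extra index urls]) from pip.conf-style text."""
    index_url, extras = None, []
    for line in conf.splitlines():
        m = re.match(r"\s*(index-url|extra-index-url)\s*=\s*(\S+)", line)
        if not m:
            continue
        if m.group(1) == "index-url":
            index_url = m.group(2)
        else:
            extras.append(m.group(2))
    return index_url, extras


def parse_requirements(text):
    """Yield (normalised name, version specifier, has --hash) per requirement line."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"([A-Za-z0-9][A-Za-z0-9._-]*)\s*(\S*)", line)
        if not m:
            continue
        name = m.group(1).lower().replace("_", "-")
        yield name, m.group(2), "--hash=" in line


def audit(conf, requirements, internal):
    """Return findings as (package, severity, reason) tuples."""
    index_url, extras = parse_index_config(conf)
    public_reachable = index_url is None  # without an index-url override, pypi.org is consulted
    findings = []
    for name, spec, hashed in parse_requirements(requirements):
        if name in internal:
            if public_reachable and extras:
                findings.append((name, "high",
                                 "internal name resolvable from PyPI via extra-index-url; "
                                 "use index-url pointing at the private index instead"))
            if not spec.startswith("=="):
                findings.append((name, "medium",
                                 "no exact pin: resolver takes the highest version from any consulted index"))
        if not hashed:
            findings.append((name, "low", "no --hash: the installed artifact is not verified"))
    return findings


if __name__ == "__main__":
    for finding in audit(PIP_CONF, REQUIREMENTS, INTERNAL_PACKAGES):
        print(*finding, sep=" | ")
    print("--- after replacing extra-index-url with index-url ---")
    for finding in audit(PIP_CONF.replace("extra-index-url", "index-url"), REQUIREMENTS, INTERNAL_PACKAGES):
        print(*finding, sep=" | ")
```

With the weak configuration both internal names are rated high: an attacker who registers `acme-billing` on PyPI with a large version number gets installed in preference to the private copy. Switching the line to `index-url` removes those findings (the private index then has to proxy PyPI for public packages such as `requests`, which is the usual arrangement); the remaining pin and hash findings are the second layer, since `--require-hashes` makes pip refuse any artifact whose digest was not recorded in advance.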
