September 23, 2022

The Botnet Crypto-mining Conquest

During our daily threat hunting activities in our 4000+ customer base, we have gained an intimate understanding of the adversaries behind the threats. This unique insight has been organized by our hunters and security researchers to create threat activity clusters. By clustering these adversaries, we know how to better mitigate the threat they present. Activity clusters …


SWN #241 – Credential Stuffing, Bionic Cockroaches, ICS, Magento, & SIM Swap Mobsters – Wrap Up

Paul’s Security Weekly podcast (http://securityweekly.com/): SWN #241 – Credential Stuffing, Bionic Cockroaches, ICS, Magento, & SIM Swap Mobsters – Wrap Up. Published Fri, 23 Sep 2022 18:07:38 …


ESW #289 – Jonathan Roizin

Paul’s Security Weekly podcast (http://securityweekly.com/): ESW #289 – Jonathan Roizin. Published Fri, 23 Sep 2022 17:55:50 +0000; duration 02:17:46; full episode.


Integrating Alert Logic with Amazon Web Services

As a leader in helping secure the cloud across common-use cases, Alert Logic delivers 24/7 monitoring and threat management, simplified visibility, configuration best practices, compliance, integrated threat intelligence, and automation via native integration delivered as a managed service. If you’re using Amazon Web Services, having Alert Logic’s Managed Detection and Response (MDR) help ensure your …


Common criteria

The Common Criteria (CC) is an international program in which accredited laboratories test IT products against cyber security specifications for technology classes. Under the Common Criteria Recognition Arrangement (CCRA), all member countries agree to recognize each other’s Common Criteria certificates, which allows developers to access the global marketplace regardless of where their product is certified. …


Steer Clear of the “Pay Yourself Scam” That’s Targeting Online Bank Accounts

An old banking scam has a new look. And it’s making the rounds again.  Recently Bank of America alerted its customers of the “Pay Yourself Scam,” where scammers use phony fraud alerts and trick their victims into giving them access to their online banking accounts. It’s a form of phishing attack, and according to Bank …


[webapps] Feehi CMS 2.1.1 – Remote Code Execution (Authenticated)

# Exploit Title: Feehi CMS 2.1.1 – Remote Code Execution (RCE) (Authenticated)
# Date: 22-08-2022
# Exploit Author: yuyudhn
# Vendor Homepage: https://feehi.com/
# Software Link: https://github.com/liufee/cms
# Version: 2.1.1 (REQUIRED)
# Tested on: Linux, Docker
# CVE : CVE-2022-34140
# Proof of Concept:
1. Login using admin account at http://feehi-cms.local/admin
2. Go to Ad …


[webapps] WordPress Plugin WP-UserOnline 2.88.0 – Stored Cross Site Scripting (XSS)

# Exploit Title: WordPress Plugin WP-UserOnline 2.88.0 – Stored Cross Site Scripting (XSS)
# Google Dork: inurl:/wp-content/plugins/wp-useronline/
# Date: 2022-08-24
# Exploit Author: UnD3sc0n0c1d0
# Vendor Homepage: https://github.com/lesterchan/wp-useronline
# Software Link: https://downloads.wordpress.org/plugin/wp-useronline.2.88.0.zip
# Category: Web Application
# Version: 2.88.0
# Tested on: Debian / WordPress 6.0.1
# CVE : CVE-2022-2941
# Reference: https://github.com/lesterchan/wp-useronline/commit/59c76b20e4e27489f93dee4ef1254d6204e08b3c
# 1. …


[webapps] WordPress Plugin 3dady real-time web stats 1.0 – Stored Cross Site Scripting (XSS)

# Exploit Title: WordPress Plugin 3dady real-time web stats 1.0 – Stored Cross Site Scripting (XSS)
# Google Dork: inurl:/wp-content/plugins/3dady-real-time-web-stats/
# Date: 2022-08-24
# Exploit Author: UnD3sc0n0c1d0
# Vendor Homepage: https://profiles.wordpress.org/3dady/
# Software Link: https://downloads.wordpress.org/plugin/3dady-real-time-web-stats.zip
# Category: Web Application
# Version: 1.0
# Tested on: Debian / WordPress 6.0.1
# CVE : N/A
# 1. …


[webapps] Aero CMS v0.0.1 – SQLi

# Title: Aero CMS v0.0.1 – SQLi
# Author: nu11secur1ty
# Date: 08.27.2022
# Vendor: https://github.com/MegaTKC
# Software: https://github.com/MegaTKC/AeroCMS/releases/tag/v0.0.1
# Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/MegaTKC/2021/AeroCMS-v0.0.1-SQLi
# Description: The `author` parameter from the AeroCMS-v0.0.1 CMS system appears to be vulnerable to SQL injection attacks. The malicious user can dump-steal the database, from this CMS system and he can use …


[webapps] Testa 3.5.1 Online Test Management System – Reflected Cross-Site Scripting (XSS)

# Exploit Title: Testa 3.5.1 Online Test Management System – Reflected Cross-Site Scripting (XSS)
# Date: 28/08/2022
# Exploit Author: Ashkan Moghaddas
# Vendor Homepage: https://testa.cc
# Software Link: https://download.aftab.cc/products/testa/Testa_wos_2.0.1.zip
# Version: 3.5.1
# Tested on: Windows/Linux
# Proof of Concept:
# 1- Install Testa 3.5.1
# 2- Go to https://localhost.com/login.php?redirect=XXXX
# 3- Add payload …


[webapps] TP-Link Tapo c200 1.1.15 – Remote Code Execution (RCE)

# Exploit Title: TP-Link Tapo c200 1.1.15 – Remote Code Execution (RCE)
# Date: 02/11/2022
# Exploit Author: hacefresko
# Vendor Homepage: https://www.tp-link.com/en/home-networking/cloud-camera/tapo-c200/
# Version: 1.1.15 and below
# Tested on: 1.1.11, 1.1.14 and 1.1.15
# CVE : CVE-2021-4045
# Write up of the vulnerability: https://www.hacefresko.com/posts/tp-link-tapo-c200-unauthenticated-rce
import requests, urllib3, sys, threading, os
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
PORT = …
