Attackers could distribute malicious software through the FCC.gov site

Vulnerability on the site of the Federal Communications Commission allowed attackers to download malicious software to the server.
A 20-year-old student from the US accidentally discovered a vulnerability on the site of the Federal Communications Commission (FCC). The error allowed any user to attach a file with an arbitrary extension and publish a link to it as a public comment on the agency's website.
According to the researcher, the vulnerability allowed to upload arbitrary files to the FCC server up to 25 MB. Thus, attackers could easily distribute malware through the official website of the Federal Communications Commission. Vulnerability is supposed to be present for about 5 months.
The problem was the lack of checking the types of files being uploaded in the public API. Access to the API was provided using a key sent at the user's request to his email.
The FCC is currently investigating the incident.

🕴🏼 @Phantasm_Lab

http://www.securitylab.ru/news/488206.php

[+] Russian;
Загрузить Gifs сайт vk.com

[+] Portuguese;
Download de Gifs, site vk.com

[+] Espanish;
dowload gifs de paredes, sitio vk.com

https://youtu.be/anKt8gsmQLM

🕴🏼 @Phantasm_Lab

GNUroot debian - Arabic and Persian.

https://www.youtube.com/channel/UCt3kSNGDj8AiD6xBlVAwXUg/feed

🕴🏼 @Phantasm_Lab

http://www.techtudo.com.br/noticias/2017/08/o-que-e-replika-app-usa-inteligencia-artificial-para-criar-um-clone-seu.ghtml

🕴🏼 @Phantasm_Lab

Vídeo de apresentação do Replika

Replika presentation video

Olá!
Vi que você está no grupo do @sumobrasil, que tal nos ajudar? O SUMO precisa de *você*! Para manter-se informado participe conosco de nossa reunião quinzenal.
Segue abaixo todas as informações para a reunião, bem como os tópicos que serão tratados:
https://discourse.mozilla.org/t/reuniao-sumo-br-06-09-2017/18827

🕴🏽 @Phantasm_Lab

Para receber a notificação quando estivermos ao vivo basta inscrever-se no canal e clicar no 🛎"maroto" e habilitar a notificação!

LINK YOUTUBE - https://youtu.be/rHEPDnrHaM0

🕴🏽 @Phantasm_Lab

Free Templates for Penetration Testing Report!

https://www.peerlyst.com/posts/how-to-write-a-penetration-testing-report-magda-chelly-ph-d?lipi=urn%3Ali%3Apage%3Ad_flagship3_feed%3BpAeVqlOST9Or28C6V22UNw%3D%3D

🕴🏽 @Phantasm_Lab

https://n0where.net/credit-card-magstripe-spoofer-magspoof/

🕴🏽 @sid619
🕴🏽 @Phantasm_Lab

[+] Portuguese;

Um software básico para modificar o endereço Mac e modificar o IP interno, Limpando dados e informações da máquina.

[+] English;

A basic software to modify the mac address and modify the internal IP, Cleaning up machine data and information.

[+] Russian;

Основное программное обеспечение для изменения MAC-адреса и изменения внутреннего IP-адреса, очистки машинных данных и информации.

[+] Spanish;

Un software básico para modificar la dirección del mac y para modificar el IP interno, limpiando datos e información de la máquina.

[+] Persian;

یک نرم افزار اساسی برای تغییر مک آدرس و تغییر IP داخلی، تمیز کردن داده های ماشین و اطلاعات.

https://youtu.be/WqR05CIdbpc

🕴🏽 @Phantasm_Lab

молодой♡:
https://youtu.be/UVMhDZEINwE

🕴🏽 @Phantasm_Lab

Mastercard ignores a dangerous vulnerability in the system

Vendors using Mastercard (Mastercard Internet Gateway Service, MIGS) to process online payments must double check each transaction before sending the goods to customers: there is a serious vulnerability in the system verification protocol, and, apparently, Mastercard ignores it .

http://www.securitylab.ru/news/488287.php

🕴🏽 @Phantasm_Lab

http://tinyurl.com/y77wgqf8

🕴🏽 @J0K3R5
🕴🏽 @Phantasm_Lab

https://offensivepentest.com/2017/08/26/android-apk-reverse-engineering/

🕴🏽 @Phantasm_Lab