DNS Amplification Attack
Attackers are taking advantage of weaknesses in the DNS protocol in order to launch a high-bandwidth, sophisticated attack on their victim using amplification effects. Learn more about how to prevent DNS amplification attacks.
https://youtu.be/xTKjHWkDwP0
http://www.radware.com/Solutions/Security/
Security+ Cert. Training - DNS Amplification Attack
In this video we will be going over a DNS attack: what to look out for and how to prevent it.
https://youtu.be/31lP8thRS3w
Join us as we take the month of April 2020 to prepare you for the Security+ exam. In these videos we're going to break down everything you're going to need to know…
Spootniks - Many countries made mistakes in the fight against the coronavirus. None made more mistakes than the Chinese government.
This documentary was produced with a single goal: to follow the first steps of the biggest pandemic of the twenty-first century. To do that, we built a timeline with literally hundreds of pieces of information essential to understanding how we went from a supposedly harmless pneumonia outbreak in a city in the interior of China to the greatest danger to humanity since the end of the Second World War.
https://youtu.be/_V4r5ibOm5g
How China covered up the COVID-19 pandemic
Forwarded from Security Talks (Jonhnathan Jonhnathan Jonhnathan)
Breach: From Recon to penetrating the perimeter, to actions on the target
https://youtu.be/e99iQC-dod8
@SecTalks
May 2019 Pwn School - TinkerSec "Breach"
XXE on www.publish.engelvoelkers.com
An XML External Entities vulnerability has been found on www.publish.engelvoelkers.com:8443. Initially a GET request was made to /dp/services and that returned a 500 Error with some XML data. Changing the HTTP request method to POST with some XML data produced a different response, so it appeared to process XML data.
https://hackerone.com/reports/914801
Engel & Völkers Technology GmbH disclosed on HackerOne: XXE on...
IDS / IPS - Basic Concepts
Video from the Computer Network Security series on IDS and IPS: Intrusion Detection Systems and Intrusion Prevention Systems.
https://youtu.be/a_Vp0ca4G2g
Support the channel, become a member:
https://www.youtube.com/channel/UCz9M2hHURsenUWxXBk3TR8A/join
Check out the SegInfoBrasil courses:
www.seginfobrasil.com.br/cursos
TikTok Careers Portal Account Takeover
The following (slightly modified) vulnerability report was sent to TikTok using Hackerone on 17th October 2020 and was resolved within 12 days.
https://security.lauritz-holtmann.de/advisories/tiktok-account-takeover/
Starbucks - Unrestricted File Upload Leads to RCE on mobile.starbucks.com.sg
ko2sec discovered that an .ashx endpoint on mobile.starbucks.com.sg intended for image files permitted unrestricted file type uploads, which could lead to a potential RCE. ko2sec's thorough analysis provided additional endpoints on other out-of-scope domains that shared this vulnerability.
https://hackerone.com/reports/1027822
Dumping S3 Buckets | Exploiting S3 Bucket Misconfigurations
In this video, we will take a look at how to perform reconnaissance on AWS S3 buckets and how to exploit S3 bucket permission configurations to list and dump the contents of a poorly configured S3 bucket.
https://youtu.be/ITSZ8743MUk
What is a Web Application Firewall (WAF)?
Traditional network firewalls (Layer 3-4) do a great job preventing outsiders from accessing internal networks. But these firewalls offer little to no support in the protection of application layer traffic.
https://youtu.be/p8CQcF_9280
TOP FIREWALL MISCONFIGURATIONS THAT LEAD TO EASY EXPLOITATIONS BY ATTACKERS
Network security should be a major focus for companies moving to the cloud. Cloud networks are exposed to the Internet and companies don’t have direct control of the hardware running them. When not configured correctly, networks in the cloud could be attacked and breached.
https://www.hackerone.com/blog/Top-Firewall-Misconfigurations-that-Lead-to-Easy-Exploitations
Forwarded from @Phantasm_Lab
NSA - Project X: Atomic Attack (Documentary by Laura Poitras - Narrated by Rami Malek) [Subtitled]
The mysterious building at 33 Thomas Street is capable of withstanding an atomic bomb; inside it are billions of e-mails and metadata records, spying on more than 38 countries. The NSA (National Security Agency) collected this data.
https://youtu.be/JLrtmPAV8I4
Created by the filmmaker and journalist…
[webapps] Online Voting System 1.0 - SQLi (Authentication Bypass) + Remote Code Execution (RCE)
https://www.exploit-db.com/exploits/50088
Online Voting System 1.0 - SQLi (Authentication Bypass) + Remote Code Execution (RCE). webapps exploit for PHP platform
Forwarded from @Phantasm_Lab ([L]uth1er)
[Vulnerability] - Cookie Stored injection - XSS at Heroic Third Service, call cookies!
The application calls an external service to create the cookies and they are sent back to the server!
https://youtu.be/maatBdt8TPY
Youtube: @Phatansm_Lab
Network Security Horror Stories: Firewall Misconfigurations
Here we are with our second installment of network security horror stories, and having already discussed some of the firewall change control issues, in this article we’re going to review some firewall misconfigurations I’ve seen at client sites. The firewall plays an important part in your security architecture and needs to be configured properly in order to gain the most from this layer of security. Here are a few stories of classic firewall misconfigurations:
https://www.algosec.com/blog/network-security-horror-stories-firewall-misconfigurations/