Why CISA issued our first Emergency Directive
http://bit.ly/2FLhKMR
Submitted January 25, 2019 at 05:46AM by liotier
via reddit http://bit.ly/2B2XP8l
http://bit.ly/2FLhKMR
Submitted January 25, 2019 at 05:46AM by liotier
via reddit http://bit.ly/2B2XP8l
cyber.dhs.gov
cyber.dhs.gov - CISA blog
A site for cybersecurity directives and implementation guidance, from the Cybersecurity and Infrastructure Security Agency.
PrivExchange - Abusing Exchange: One API call away from Domain Admin
http://bit.ly/2DqEhMH
Submitted January 25, 2019 at 01:18PM by 2xyo
via reddit http://bit.ly/2sJBwQn
http://bit.ly/2DqEhMH
Submitted January 25, 2019 at 01:18PM by 2xyo
via reddit http://bit.ly/2sJBwQn
dirkjanm.io
Abusing Exchange: One API call away from Domain Admin
In most organisations using Active Directory and Exchange, Exchange servers have such high privileges that being an Administrator on an Exchange server is enough to escalate to Domain Admin. Recently I came across a blog from the ZDI, in which they detail…
mitaka: extract, refang and search/scan IoC!
http://bit.ly/2FNrs1i
Submitted January 25, 2019 at 12:42PM by ninoseki
via reddit http://bit.ly/2FXtECF
http://bit.ly/2FNrs1i
Submitted January 25, 2019 at 12:42PM by ninoseki
via reddit http://bit.ly/2FXtECF
HackMD
mitaka: extract, refang and search/scan IoC! - HackMD
# mitaka: extract, refang and search/scan IoC! ## TL;DR - [mitaka](https://github.com/ninoseki/mit
SSHtranger Things: OpenSSH scp arbitrary file write PoC (CVE-2019-6111)
Disclosure: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txtPoC Announcement: https://mobile.twitter.com/HyperionGray/status/1086011569417392129PoC Code: https://gist.github.com/mehaase/63e45c17bdbbd59e8e68d02ec58f4ca2Vulnerable versions of scp do not verify the filenames sent by the server, allowing a malicious server to overwrite unintended files. Scp also prints the server's stderr stream without any sanitization, allowing the server to send ANSI codes to cover up the transfer of the malicious file. This is unpatched in Ubuntu 18.04 LTS as well as other major distros. One user on Twitter says that it won't be fixed at all in RHEL 5/6.This demo shows a user requesting `file.txt` and the server sends `file.txt` followed by `exploit.txt`, then sends ANSI commands to move the cursor so that the transfer of `exploit.txt` is concealed.SSHtranger Things PoC DemoLet us know if you would be interested in a more detailed writeup!
Submitted January 23, 2019 at 11:37PM by hyperiongray
via reddit http://bit.ly/2FW0rrQ
Disclosure: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txtPoC Announcement: https://mobile.twitter.com/HyperionGray/status/1086011569417392129PoC Code: https://gist.github.com/mehaase/63e45c17bdbbd59e8e68d02ec58f4ca2Vulnerable versions of scp do not verify the filenames sent by the server, allowing a malicious server to overwrite unintended files. Scp also prints the server's stderr stream without any sanitization, allowing the server to send ANSI codes to cover up the transfer of the malicious file. This is unpatched in Ubuntu 18.04 LTS as well as other major distros. One user on Twitter says that it won't be fixed at all in RHEL 5/6.This demo shows a user requesting `file.txt` and the server sends `file.txt` followed by `exploit.txt`, then sends ANSI commands to move the cursor so that the transfer of `exploit.txt` is concealed.SSHtranger Things PoC DemoLet us know if you would be interested in a more detailed writeup!
Submitted January 23, 2019 at 11:37PM by hyperiongray
via reddit http://bit.ly/2FW0rrQ
Twitter
Hyperion Gray
We wrote up a proof-of-concept for the SCP file write vulnerability CVE-2019-6111. We like to call it SSHtranger Things because it is soooooo old school 😀 Currently unpatched on Ubuntu 18.04.1 LTS and other major distros. #sshtrangerthings 1/2 https://t.co/cpuY1KPdhc
Bash post-exploitation tool for Linux
http://bit.ly/2SEuqI5
Submitted January 24, 2019 at 09:53PM by bellthief
via reddit http://bit.ly/2RKNubr
http://bit.ly/2SEuqI5
Submitted January 24, 2019 at 09:53PM by bellthief
via reddit http://bit.ly/2RKNubr
GitHub
zMarch/Orc
Orc is a post-exploitation framework for Linux written in Bash - zMarch/Orc
NZ 2019 Top 10 critical controls released
http://bit.ly/2Wg8QMp
Submitted January 25, 2019 at 11:17AM by svotso
via reddit http://bit.ly/2RfIrL0
http://bit.ly/2Wg8QMp
Submitted January 25, 2019 at 11:17AM by svotso
via reddit http://bit.ly/2RfIrL0
CERT NZ
CERT NZ's critical controls 2019 | CERT NZ
CERT NZ’s ten critical controls would mitigate, or better contain, the majority of attacks we’ve seen.
Top application security news of the week.
http://bit.ly/2SbDsPQ
Submitted January 25, 2019 at 03:34PM by KeyDutch
via reddit http://bit.ly/2CIRO0s
http://bit.ly/2SbDsPQ
Submitted January 25, 2019 at 03:34PM by KeyDutch
via reddit http://bit.ly/2CIRO0s
Htbridge
Application Security Weekly Review, Week 4 2019
Mysterious attack on PHP PEAR website, hack of popular WordPress plugin maker, and privacy risks of top free VPN Android apps.
How I abused 2FA to maintain persistence after a password change (Google, Microsoft, Instagram…
http://bit.ly/2MvBu7M
Submitted January 25, 2019 at 03:31PM by lukeberner
via reddit http://bit.ly/2RTpfrO
http://bit.ly/2MvBu7M
Submitted January 25, 2019 at 03:31PM by lukeberner
via reddit http://bit.ly/2RTpfrO
Medium
How I abused 2FA to maintain persistence after a password change (Google, Microsoft, Instagram, Cloudflare, etc)
TL;DR: Waiting in the 2FA page could allow you to log in without knowing the current password in many major websites.
Turbo Intruder: Embracing the billion-request attack
http://bit.ly/2DyPvyM
Submitted January 25, 2019 at 04:51PM by albinowax
via reddit http://bit.ly/2FVSxPf
http://bit.ly/2DyPvyM
Submitted January 25, 2019 at 04:51PM by albinowax
via reddit http://bit.ly/2FVSxPf
portswigger.net
Turbo Intruder: Embracing the billion-request attack | Blog
Automated web application attacks are terminally limited by the number of HTTP requests they can send. It's impossible to know how many hacks have gone off the rails because you didn't quite manage to
A tool to find subdomains and interesting things like secrets hidden inside, external Javanoscript files of page, and Github.
http://bit.ly/2V085Xf
Submitted January 25, 2019 at 06:54PM by nsonaniya2010
via reddit http://bit.ly/2S6Jj9c
http://bit.ly/2V085Xf
Submitted January 25, 2019 at 06:54PM by nsonaniya2010
via reddit http://bit.ly/2S6Jj9c
GitHub
nsonaniya2010/SubDomainizer
A tool to find subdomains and interesting things hidden inside, external Javanoscript files of page, and Github. - nsonaniya2010/SubDomainizer
From Evil Printers to Parent Domain Controllers
http://bit.ly/2B1T1jC
Submitted January 25, 2019 at 08:52PM by CaptMeelo
via reddit http://bit.ly/2TgQfxS
http://bit.ly/2B1T1jC
Submitted January 25, 2019 at 08:52PM by CaptMeelo
via reddit http://bit.ly/2TgQfxS
Checkmate
Intrusion Testing – From Evil Printers to Parent Domain Controllers
Intrusion testing Recently I was engaged in a project where I was supposed to breach an organization and exfiltrate data from within the perimeter of the organization without alerting their SOC. I …
Magento – RCE & Local File Read with low privilege admin rights
http://bit.ly/2RcFudY
Submitted January 25, 2019 at 07:58PM by cbolat
via reddit http://bit.ly/2MvHqO4
http://bit.ly/2RcFudY
Submitted January 25, 2019 at 07:58PM by cbolat
via reddit http://bit.ly/2MvHqO4
reddit
r/netsec - Magento – RCE & Local File Read with low privilege admin rights
1 vote and 0 comments so far on Reddit
South Korean Android delivery apps found to be leaking passwords and financial data
http://bit.ly/2MwRshY
Submitted January 25, 2019 at 09:10PM by xxdesmus
via reddit http://bit.ly/2FMUdLv
http://bit.ly/2MwRshY
Submitted January 25, 2019 at 09:10PM by xxdesmus
via reddit http://bit.ly/2FMUdLv
Rainbowtabl.es
South Korean Android Delivery Apps Found Leaking passwords and financial data
South Korea-based Zcall Delivery Android apps are leaking delivery information, plaintext passwords, and financial information.
What the Fuzz
http://bit.ly/2FUVT56
Submitted January 25, 2019 at 09:05PM by CaptMeelo
via reddit http://bit.ly/2RPQ9R1
http://bit.ly/2FUVT56
Submitted January 25, 2019 at 09:05PM by CaptMeelo
via reddit http://bit.ly/2RPQ9R1
reddit
r/netsec - What the Fuzz
2 votes and 0 comments so far on Reddit
ThinkPHP Vulnerability Abused by Botnets Hakai and Yowai
http://bit.ly/2ROfcEb
Submitted January 25, 2019 at 09:35PM by EvanConover
via reddit http://bit.ly/2S6kf21
http://bit.ly/2ROfcEb
Submitted January 25, 2019 at 09:35PM by EvanConover
via reddit http://bit.ly/2S6kf21
Trendmicro
ThinkPHP Vulnerability Abused by Botnets Hakai and Yowai - TrendLabs Security Intelligence Blog
We found a new Mirai variant we’ve called Yowai and Gafgyt variant Hakai abusing a ThinkPHP flaw for propagation and DDoS attacks.
What the Fuzz - Introduction to Fuzzing
http://bit.ly/2FUVT56
Submitted January 24, 2019 at 06:51PM by flx1101
via reddit http://bit.ly/2CI6D3w
http://bit.ly/2FUVT56
Submitted January 24, 2019 at 06:51PM by flx1101
via reddit http://bit.ly/2CI6D3w
reddit
r/netsec - What the Fuzz - Introduction to Fuzzing
0 votes and 0 comments so far on Reddit
SnowAlert - SQL based SIEM solution running on Snowflake SaaS data warehouse
http://bit.ly/2sOVzgs
Submitted January 26, 2019 at 01:37AM by Aurum2
via reddit http://bit.ly/2sMCxqM
http://bit.ly/2sOVzgs
Submitted January 26, 2019 at 01:37AM by Aurum2
via reddit http://bit.ly/2sMCxqM
Medium
SnowAlert! Data Driven Security Analytics using Snowflake Cloud Data Warehouse
This is Worth Trying Out — An Open Source Project for Security Analytics with Snowflake
Steganography - A list of useful tools and resources
http://bit.ly/2Wk8Yuo
Submitted January 26, 2019 at 02:28AM by Ahm3d_H3sham
via reddit http://bit.ly/2RgtvvY
http://bit.ly/2Wk8Yuo
Submitted January 26, 2019 at 02:28AM by Ahm3d_H3sham
via reddit http://bit.ly/2RgtvvY
0xRick Owned Root !
Steganography - A list of useful tools and resources
Steganography Steganography is hiding a file or a message inside of another file , there are many fun steganography CTF challenges out there where the flag is hidden in an image , audio file or even other types of files. Here is a list of the most tools I…
Defeating Flask's Session Management
http://bit.ly/2S6SBCg
Submitted January 26, 2019 at 06:00PM by nauseate
via reddit http://bit.ly/2HvrU5R
http://bit.ly/2S6SBCg
Submitted January 26, 2019 at 06:00PM by nauseate
via reddit http://bit.ly/2HvrU5R
Paradoxis
Defeating Flask’s Session Management
A few weeks back, I and a friend of mine were discussing web frameworks and how he claimed to have made an ‘Impossible to Bypass’ login…
NIST Cybersecurity Framework in MOSP
http://bit.ly/2HAIaCI
Submitted January 27, 2019 at 05:59AM by b1rch_b0y
via reddit http://bit.ly/2B6xfv7
http://bit.ly/2HAIaCI
Submitted January 27, 2019 at 05:59AM by b1rch_b0y
via reddit http://bit.ly/2B6xfv7
objects.monarc.lu
MOSP
MOSP - Create, edit and share JSON objects
Game with content-disposition – Vahagn Vardanyan – Medium
http://bit.ly/2FXhV7e
Submitted January 27, 2019 at 11:53AM by 7histle
via reddit http://bit.ly/2FUvZz4
http://bit.ly/2FXhV7e
Submitted January 27, 2019 at 11:53AM by 7histle
via reddit http://bit.ly/2FUvZz4
Medium
Game with content-disposition
Using this a little article, you can find an interesting security thing in content-disposition in file download and upload time.