/ Abusing JSON-Based SQL to Bypass WAF
…Our bypass worked against WAFs sold by five leading vendors: Palo Alto Networks, Amazon Web Services, Cloudflare, F5, and Imperva. All five have been notified and have updated their products to support JSON syntax in their SQL injection inspection process…
https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf
Claroty
{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF
Team82 developed a generic web application firewall bypass exploiting a lack of JSON syntax support in leading vendors' SQL injection inspection, such as AWS and Imperva WAF.
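The mechanism in miniature, as an added example that is not Claroty/Team82 code: a toy signature "WAF" that knows the classic tautology shapes but nothing about JSON operators, in front of a string-concatenated query. The rule set, table and payloads are constructed for the demo, and SQLite's json_extract() stands in for the database-specific JSON operators a real target would expose, so it runs offline; the parameterized query is unaffected whether or not the filter fires.

```python
"""Toy demo of a JSON-syntax SQL injection slipping past signature rules.
Added example; not Claroty/Team82 code. The 'WAF' rules, table and payloads are
constructed for this demo, and SQLite's json_extract() stands in for the
database-specific JSON operators a real target would expose."""
import re
import sqlite3

# Constructed sample data for the demo.
ROWS = [(1, "alice", "alice@example.test"), (2, "bob", "bob@example.test")]

# Toy signature set: the classic tautology shapes, nothing JSON-aware.
# (Assumption for the demo, not any vendor's real rule set.)
WAF_RULES = [
    re.compile(r"\bor\b\s+\d+\s*=\s*\d+", re.I),          # ... OR 1=1
    re.compile(r"\bor\b\s+'[^']*'\s*=\s*'[^']*'", re.I),   # ... OR 'a'='a'
    re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I),    # UNION SELECT
]


def waf_blocks(value: str) -> bool:
    """True if any toy signature matches the request parameter."""
    return any(rule.search(value) for rule in WAF_RULES)


def open_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users(id INTEGER, name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", ROWS)
    return conn


def vulnerable_lookup(conn: sqlite3.Connection, user_id: str) -> list:
    # Deliberately vulnerable: the parameter is pasted into the statement.
    sql = f"SELECT name FROM users WHERE id = {user_id}"
    return [row[0] for row in conn.execute(sql)]


def safe_lookup(conn: sqlite3.Connection, user_id: str) -> list:
    # Hardened: bound parameter, so the value can never become SQL syntax.
    sql = "SELECT name FROM users WHERE id = ?"
    return [row[0] for row in conn.execute(sql, (user_id,))]


def run(payload: str) -> dict:
    """Push one request parameter through the toy WAF and both query styles."""
    conn = open_db()
    blocked = waf_blocks(payload)
    return {
        "payload": payload,
        "blocked": blocked,
        # A blocked request never reaches the application.
        "vulnerable_rows": None if blocked else vulnerable_lookup(conn, payload),
        "safe_rows": None if blocked else safe_lookup(conn, payload),
    }


CLASSIC = "1 OR 1=1"
# The same tautology, expressed with a JSON function the toy rules do not know.
JSON_BASED = "1 OR json_extract('{\"a\":1}', '$.a') = 1"

if __name__ == "__main__":
    for p in (CLASSIC, JSON_BASED, "1"):
        print(run(p))
```

The classic payload is blocked, the JSON-based one reaches the application and dumps every row through the concatenated query, and the bound-parameter query returns nothing for either: the WAF fix is to teach the inspector JSON syntax, but the application fix (parameterization) closes the hole regardless of what the inspector knows.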
/ FortiOS - heap-based buffer overflow in sslvpnd
Impact: execute unauthorized code or commands:
https://www.fortiguard.com/psirt/FG-IR-22-398
FortiGuard Labs
PSIRT | FortiGuard Labs
/ A Custom Python Backdoor for VMWare ESXi Servers
https://blogs.juniper.net/en-us/threat-research/a-custom-python-backdoor-for-vmware-esxi-servers
Juniper Networks
A Custom Python Backdoor for VMWare ESXi Servers
Juniper Threat Labs analyzes a backdoor installed on a compromised VMware ESXi server that can execute arbitrary commands and launch reverse shells.
/ Windows SmartScreen Security Feature Bypass Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44698
Open BLD DNS is in emergency maintenance mode for the next ~10 min, don’t worry
up
Done ✅
/ Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware
— The malicious drivers are signed directly by Microsoft and identifying the original software vendor requires inspecting the signature with code
— Several distinct malware families, associated with distinct threat actors, have been signed with this process
…
One: https://www.mandiant.com/resources/blog/hunting-attestation-signed-malware
Two: https://www.sentinelone.com/labs/driving-through-defenses-targeted-attacks-leverage-signed-malicious-microsoft-drivers/
Google Cloud Blog
I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware | Mandiant | Google Cloud Blog
/ IIS modules: The evolution of web shells and how to detect them
https://www.microsoft.com/en-us/security/blog/2022/12/12/iis-modules-the-evolution-of-web-shells-and-how-to-detect-them/
/ HTML smugglers turn to SVG images
HTML smuggling is a technique attackers use to hide an encoded malicious script within an HTML email attachment or webpage..:
https://blog.talosintelligence.com/html-smugglers-turn-to-svg-images/
Cisco Talos Blog
HTML smugglers turn to SVG images
* HTML smuggling is a technique attackers use to hide an encoded malicious script within an HTML email attachment or webpage.
* Once a victim receives the email and opens the attachment, their browser decodes and runs the script, which then assembles a malicious…
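A triage heuristic for the attachment side of this, as an added example that is not Cisco Talos code: it pulls the script bodies out of an SVG, decodes any long base64-looking run it finds in them, and looks in the decoded text for the calls a smuggled stage needs to assemble a file and hand it to the browser's download path. The three sample SVGs are constructed for the demo and inert (nothing in them is executed by this script); the indicator lists are my own assumptions and will need tuning against real mail flow.

```python
"""Heuristic triage of an SVG attachment for HTML-smuggling traits.
Added example, not Cisco Talos code. The sample SVGs below are constructed
for this demo: a dropper stub with a base64-encoded inner script, a benign
drawing, and an SVG with harmless inline script."""
import base64
import binascii
import re

# Indicators the decoded (smuggled) script typically needs in order to
# assemble a file client-side and push it to the browser's download path.
# (Assumption: tune against your own samples.)
DROP_INDICATORS = ("createObjectURL", "msSaveOrOpenBlob", "new Blob", ".download")
# Indicators in the outer, visible script that hint at an encoded stage.
STAGE_INDICATORS = ("atob(", "eval(", "Function(", "fromCharCode(")

SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)
B64_RE = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")

# Constructed samples (inert: nothing here is executed by this script).
_inner = (
    'var a=document.createElement("a");'
    'a.href=URL.createObjectURL(new Blob([data],{type:"application/octet-stream"}));'
    'a.download="invoice.iso";a.click();'
)
SMUGGLING_SVG = (
    '<svg xmlns="http://www.w3.org/2000/svg" width="1" height="1">'
    '<script>var s=atob("%s");eval(s);</script></svg>'
    % base64.b64encode(_inner.encode()).decode()
)
BENIGN_SVG = '<svg xmlns="http://www.w3.org/2000/svg"><circle r="5"/></svg>'
SCRIPTED_SVG = (
    '<svg xmlns="http://www.w3.org/2000/svg">'
    '<script>document.querySelector("circle").setAttribute("r","7");</script>'
    '<circle r="5"/></svg>'
)


def scan_svg(text: str) -> dict:
    """Return what was found plus a verdict: clean / script_present / smuggling_suspect."""
    scripts = SCRIPT_RE.findall(text)
    stage_hits, drop_hits, blob_lengths = [], [], []
    for body in scripts:
        stage_hits += [i for i in STAGE_INDICATORS if i in body]
        # Decode every long base64-looking run and inspect what is inside it.
        for blob in B64_RE.findall(body):
            try:
                decoded = base64.b64decode(blob, validate=True).decode("utf-8", "ignore")
            except (binascii.Error, ValueError):
                continue
            blob_lengths.append(len(blob))
            drop_hits += [i for i in DROP_INDICATORS if i in decoded]
    if not scripts:
        verdict = "clean"
    elif drop_hits or (stage_hits and blob_lengths):
        verdict = "smuggling_suspect"
    else:
        verdict = "script_present"
    return {
        "scripts": len(scripts),
        "stage_indicators": sorted(set(stage_hits)),
        "encoded_blob_lengths": blob_lengths,
        "decoded_indicators": sorted(set(drop_hits)),
        "verdict": verdict,
    }


if __name__ == "__main__":
    for name, svg in (("smuggling", SMUGGLING_SVG), ("benign", BENIGN_SVG), ("scripted", SCRIPTED_SVG)):
        print(name, scan_svg(svg))
```

Only one decoding layer is handled here; real samples may nest several (base64 inside a reversed string, for instance), so a production version should loop until no new blob appears, and the presence of any script in an SVG mail attachment is itself worth a policy decision regardless of what the decoder finds.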
Open DevOps workshop by Rebrain: Dockerfile
Program:
• Writing the simplest Dockerfile in three lines
• Walking through the optimal way to build a Dockerfile (including multistage)
• Learning to build a minimal docker image
• 20 December (Tuesday) at 19:00 MSK. Details
/ Linux Kernel: UAF in Bluetooth L2CAP Handshake
https://www.openwall.com/lists/oss-security/2022/12/14/7
/ OpenVAS - based free online scanner
Yesterday I found a helpful online tool: an nmap, CVE, etc. online scanner, free for 10 scans a month, which can be enough for personal/own ASV scans:
https://hostedscan.com/scans
/ How to Detect Malicious OAuth Device Code Phishing
Here’s a quick TL;DR of the attack – in short, an attacker generates a user code and sends it to a victim in a phishing email. The user is then tricked into inputting the code into a Microsoft owned verification link. Upon success, the attacker can fetch both the user’s refresh and access token. This allows the attacker access to the user account:
https://www.inversecos.com/2022/12/how-to-detect-malicious-oauth-device.html
Inversecos
How to Detect Malicious OAuth Device Code Phishing
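A detection pass over the outcome of that flow, as an added example that is not from the inversecos post: every successful device-code sign-in is alerted on, and severity is raised when the application is not one you expect to use device code or the source address has never appeared in that user's other sign-ins. The records are constructed, shaped like Microsoft Entra (Azure AD) sign-in logs; the field names (userPrincipalName, ipAddress, appDisplayName, authenticationProtocol, status.errorCode, createdDateTime) follow the Graph signIn resource as an assumption, so map them to your own export before reuse, and the expected-app allowlist is a placeholder to tune per tenant.

```python
"""Detection pass for OAuth device-code sign-ins over sign-in log records.
Added example; not from the inversecos post. Records are constructed and
shaped like Microsoft Entra (Azure AD) sign-in logs; the field names follow
the Graph signIn resource as an assumption."""
from collections import defaultdict
from datetime import datetime


def _rec(t, user, ip, app, proto, err=0):
    return {"createdDateTime": t, "userPrincipalName": user, "ipAddress": ip,
            "appDisplayName": app, "authenticationProtocol": proto,
            "status": {"errorCode": err}}


# Constructed sample sign-ins (not real tenant data).
SIGNINS = [
    _rec("2022-12-15T08:02:11Z", "alice@corp.test", "203.0.113.10", "Microsoft Office", "authorizationCode"),
    _rec("2022-12-15T08:10:40Z", "bob@corp.test",   "203.0.113.20", "Microsoft Office", "authorizationCode"),
    # alice "signs in" via device code from an address she has never used, to an
    # app with no business using that flow: the shape of a successful phish.
    _rec("2022-12-15T08:40:05Z", "alice@corp.test", "198.51.100.7", "Microsoft Office", "deviceCode"),
    # bob uses a CLI that legitimately relies on device code, from his usual address.
    _rec("2022-12-15T09:05:30Z", "bob@corp.test",   "203.0.113.20", "Azure CLI", "deviceCode"),
    # carol's attempt failed (non-zero errorCode): no token was issued, so no alert here.
    _rec("2022-12-15T09:10:00Z", "carol@corp.test", "198.51.100.7", "Microsoft Office", "deviceCode", err=50126),
]

# Apps expected to use device code in this tenant (assumption: tune per environment).
DEVICE_CODE_APPS_EXPECTED = {"Azure CLI"}


def _ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def known_ips(signins) -> dict:
    """Per user: addresses seen in successful sign-ins that did NOT use device code."""
    ips = defaultdict(set)
    for s in signins:
        if s["authenticationProtocol"] != "deviceCode" and s["status"]["errorCode"] == 0:
            ips[s["userPrincipalName"]].add(s["ipAddress"])
    return ips


def find_device_code_signins(signins) -> list:
    """Alert on every successful device-code sign-in; raise severity when the app
    is not expected to use the flow or the address is new for that user."""
    baseline = known_ips(signins)
    alerts = []
    for s in sorted(signins, key=lambda r: _ts(r["createdDateTime"])):
        if s["authenticationProtocol"] != "deviceCode" or s["status"]["errorCode"] != 0:
            continue
        user = s["userPrincipalName"]
        reasons = ["device_code_flow"]
        if s["appDisplayName"] not in DEVICE_CODE_APPS_EXPECTED:
            reasons.append("app_not_expected_to_use_device_code")
        if s["ipAddress"] not in baseline.get(user, set()):
            reasons.append("ip_not_seen_in_users_other_signins")
        alerts.append({
            "time": s["createdDateTime"], "user": user, "ip": s["ipAddress"],
            "app": s["appDisplayName"],
            "severity": "high" if len(reasons) > 1 else "low",
            "reasons": reasons,
        })
    return alerts


if __name__ == "__main__":
    for a in find_device_code_signins(SIGNINS):
        print(a["severity"].upper(), a["time"], a["user"], a["ip"], a["app"], ",".join(a["reasons"]))
```

The baseline here is built from the same batch of records; in practice feed it a longer history than the window you are hunting over, otherwise a user whose only sign-ins are device-code ones will always look "new". Response is the same in either case: revoke the refresh token for the account, not just reset the password, because the token the attacker fetched keeps working until it is revoked.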
/ MCCrash: Cross-platform DDoS botnet targets private Minecraft servers
Attackers update malware to target additional operating systems, ranging from PCs to IoT devices, growing their infrastructure rapidly. 🤗
https://www.microsoft.com/en-us/security/blog/2022/12/15/mccrash-cross-platform-ddos-botnet-targets-private-minecraft-servers/
Microsoft News
MCCrash: Cross-platform DDoS botnet targets private Minecraft servers
The Microsoft Defender for IoT research team analyzed a cross-platform botnet that infects both Windows and Linux systems from PCs to IoT devices, to launch distributed denial of service (DDoS) attacks against private Minecraft servers.
/ Backdoor Targets FreePBX Asterisk Management Portal
https://blog.sucuri.net/2022/12/backdoor-targets-freepbx-asterisk-management-portal.html
Sucuri Blog
Backdoor Targets FreePBX Asterisk Management Portal
Learn about a simple piece of malware targeting the FreePBX Asterisk Management portal which allows attackers to backdoor a site and modify the website’s .htaccess file.
/ Leaked a secret? Check your GitHub alerts…for free
https://github.blog/2022-12-15-leaked-a-secret-check-your-github-alerts-for-free/
The GitHub Blog
Leaked a secret? Check your GitHub alerts...for free
GitHub now allows you to track any leaked secrets in your public repository, for free. With secret scanning alerts, you can track and action on leaked secrets directly within GitHub.
/ Veeam Backup & Replication allow executing malicious code remotely without authentication. This may lead to gaining control over the target system
https://www.veeam.com/kb4288
Veeam Software
KB4288: CVE-2022-26500 | CVE-2022-26501
Multiple vulnerabilities (CVE-2022-26500, CVE-2022-26501) in Veeam Backup & Replication allow executing malicious code remotely without authentication. This may lead to gaining control over the target system.
/ New Samba security release available
This is the latest stable release of the Samba 4.17 release series.
It also contains security changes in order to address the following defects:
https://www.samba.org/samba/history/samba-4.17.4.html
/ VMware ESXi, Workstation, and Fusion updates address a heap out-of-bounds write vulnerability (CVE-2022-31705)
https://www.vmware.com/security/advisories/VMSA-2022-0033.html
Open BLD DNS Service: December/End of the year 2022. Update News.
Open BLD DNS Service is a free DoH / DoT / DNS project for blocking trackers, telemetry, advertising and malware, with support for TLS v1.2/v1.3.
🌱 New Services Added
❇ Adaptive Open BLD Service - A-BLD
❇ The A-BLD service can be convenient for most Open BLD users
❇ New donation service added
🧘 Infra Improvements/Updates/Fixes
❇ New BLD build released and deployed
❇ Updated HTTP header for BLD servers to: Open BLD Server
❇ Added HTTPS root redirect from BLD to LAB site
❇ Updated & optimized BLD caching infrastructure mechanisms
❇ Optimized on-line stability & balancing
❇ Now, in most maintenance cases, endpoint BLD service users are not affected
❇ Optimized automation deployment routines
❇ Fixed Firefox OCSP STAPLE issue / fixed caching break issues
🧩 New Open BLD Project micro-tools
❇ Check-reboot, Get-Log, Bld-agregator, Alertmanager installer, Timestamp converter
❇ Updated: https://github.com/m0zgen/dns-tester
❇ Updated: https://github.com/m0zgen/check-dns-servers
🤝 The Open BLD DoH service is mentioned in
❇ Curl project (https://github.com/curl/curl/wiki/DNS-over-HTTPS) (thx for contribute ✌️)
❇ AlternativeTo (https://alternativeto.net/software/open-bld-dns/)
🏂 Setup/How to use Open BLD DNS
❇ How to set up Open BLD DNS in browsers, OSs, etc.: https://lab.sys-adm.in
❇ Donation service: https://donorbox.org/open-bld-dns-donation
/ Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability
https://www.microsoft.com/en-us/security/blog/2022/12/19/gatekeepers-achilles-heel-unearthing-a-macos-vulnerability/
Microsoft News
Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability
Microsoft discovered a vulnerability in macOS, referred to as “Achilles”, allowing attackers to bypass application execution restrictions enforced by the Gatekeeper security mechanism.