FBI Guidance to Victims of Cyber Incidents
- https://www.fbi.gov/investigate/cyber/fbi-guidance-to-victims-of-cyber-incidents-on-sec-reporting-requirements-fbi-policy-notice-summary
Federal Bureau of Investigation
FBI Guidance to Victims of Cyber Incidents on SEC Reporting Requirements: FBI Policy Notice Summary | Federal Bureau of Investigation
This page contains a summary of the FBI’s Policy Notice regarding cyber victim requests to delay SEC-mandated public disclosures.
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
In OpenBLD.net scoping activities, I created a lite Go app - Awesome Servers Inventory Web App, which is a simple web app to manage your servers inventory. Ideal solution for small projects and infrastructures or IT ecosystems.
Features:
- Add new server
- Edit existing server
- Delete existing server
- Copy server IP details to clipboard
- YAML config file
- Portable SQLite database
- One binary file to run the app
- https://github.com/m0zgen/serversAwesome
PoC. Apache Struts Remote Code Execution Vulnerability ( S2-066 CVE-2023-50164)
https://trganda.github.io/notes/security/vulnerabilities/apache-struts/Apache-Struts-Remote-Code-Execution-Vulnerability-(-S2-066-CVE-2023-50164)
trganda.github.io
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.
PoC Released for SharePoint Pre-Auth RCE Chain (CVE-2023-29357 & CVE-2023-24955)
https://securityonline.info/poc-released-for-sharepoint-pre-auth-rce-chain-cve-2023-29357-cve-2023-24955/
Daily CyberSecurity
A PoC exploit for SharePoint Pre-Auth Code Injection RCE chain has been released for two vulnerabilities (CVE-2023-29357 & CVE-2023-24955)
Behind the scenes: JaskaGO’s coordinated strike on macOS and Windows
https://cybersecurity.att.com/blogs/labs-research/behind-the-scenes-jaskagos-coordinated-strike-on-macos-and-windows
LevelBlue
Executive summary In recent developments, a sophisticated malware stealer strain crafted in the Go programming language has been discovered by LevelBlue Labs, posing a severe threat to both Windows and macOS operating systems. As of the time of publishing…
Dshell
An extensible network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures:
https://github.com/USArmyResearchLab/Dshell
Agent Tesla’s Unique Approach: VBS and Steganography for Delivery and Intrusion
Good research:
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/agent-teslas-unique-approach-vbs-and-steganography-for-delivery-and-intrusion/
McAfee Blog
Authored by Yashvi Shah. Agent Tesla functions as a Remote Access Trojan (RAT) and an information stealer built on the .NET framework. It is capable of
Don't Believe Your Eyes - A WhatsApp Clickjacking Vulnerability
October dated research:
- Discovery Process
- Link Preview Mismatch
- Disguising Links
- Attack Scenario
- Mitigation
https://00xbyte.github.io/posts/Don%27t-Believe-Your-Eyes-A-WhatsApp-Clickjacking-Vulnerability/
P.S. Thx for the link dear subscriber✌️
Security Is Broken
Don’t Believe Your Eyes - A WhatsApp Phishing Vulnerability
Critical WhatsApp Flaw! Hackers can make ANY link look like Instagram, Facebook, or YOUR bank with this new phishing attack! Learn how to protect yourself NOW. Don’t be fooled by sneaky links on WhatsApp. This post reveals a serious security flaw and teaches…
CloakQuest3r is a powerful Python tool meticulously crafted to uncover the true IP address of websites safeguarded by Cloudflare and other alternatives:
https://github.com/spyboy-productions/CloakQuest3r
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
🚀 Glad to present the new release zDNS v0.1.3! 🎉
Following Zero Trust practices, I recently wrote and am slowly beginning to introduce new “blackhole” functionality into the OpenBLD.net DNS ecosystem
zDNS is a DNS server that puts security and control over DNS queries at the center. With new functionality, zDNS now supports regular expressions in hosts.txt files, allowing more flexibility in configuring allowed queries. Now you can use the power of regular expressions to precisely control permissions, including subdomains and patterns.
Main features:
🛑 Denies all DNS queries by default.
✅ Allows you to configure allowed requests through the hosts.txt file.
🔄 Uses balancing strategies to ensure reliable operation with DNS servers.
🛠 Easily customizable via YAML configuration.
🔜 Prometheus metrics coming soon
Additional protection of your infrastructure or testing requests with zDNS is possible and may be useful to you! Download the latest version here and start using a DNS server with powerful customization options:
https://github.com/m0zgen/zdns/tree/dev
#zDNS #DNS #Security #Release #News
How 50% of telco Orange Spain’s traffic got hijacked — a weak password
Orange Spain had an outage, caused by what appeared to be a BGP hijack:
https://doublepulsar.com/how-50-of-telco-orange-spains-traffic-got-hijacked-a-weak-password-d7cde085b0c5
Medium
How 50% of telco Orange Spain’s traffic got hijacked^H^H^H^H^H^Hnull routed — a weak password
ripeadmin
How Does PCI DSS 4.0 Affect Web Application Firewalls?
https://www.tripwire.com/state-of-security/how-does-pci-dss-40-affect-web-application-firewalls
Tripwire
The payment industry is bracing for the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0, heralding significant changes in cybersecurity practices.
Penetration Testing, Beginners To Expert
Massive Web Application Penetration Testing Bug Bounty Notes:
https://github.com/xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes
GitHub
GitHub - xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes: A comprehensive guide for web application penetration…
A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities. - xalgord/Massive-...
NIS2vsISO27001-2022vsCISv8.pdf
221.1 KB
NIS2 vs ISO 27001:2022 vs CIS v8
TCP will be faster in Linux 6.6 🎉
https://lore.kernel.org/lkml/20240109162323.427562-1-pabeni@redhat.com/
SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated proof-of-concept (PoC) exploits.
https://github.com/xaitax/SploitScan
GitHub
SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits. - xaitax/SploitScan