Don't Believe Your Eyes - A WhatsApp Clickjacking Vulnerability
October-dated research:
- Discovery Process
- Link Preview Mismatch
- Disguising Links
- Attack Scenario
- Mitigation
https://00xbyte.github.io/posts/Don%27t-Believe-Your-Eyes-A-WhatsApp-Clickjacking-Vulnerability/
P.S. Thx for the link, dear subscriber ✌️
Security Is Broken
Don’t Believe Your Eyes - A WhatsApp Phishing Vulnerability
Critical WhatsApp Flaw! Hackers can make ANY link look like Instagram, Facebook, or YOUR bank with this new phishing attack! Learn how to protect yourself NOW. Don’t be fooled by sneaky links on WhatsApp. This post reveals a serious security flaw and teaches…
CloakQuest3r is a powerful Python tool meticulously crafted to uncover the true IP address of websites safeguarded by Cloudflare and other alternatives:
https://github.com/spyboy-productions/CloakQuest3r
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
🚀 Glad to present the new release zDNS v0.1.3! 🎉
Following Zero Trust practices, I recently wrote and am slowly beginning to introduce new “blackhole” functionality into the OpenBLD.net DNS ecosystem.
zDNS is a DNS server that puts security and control over DNS queries at the center. With new functionality, zDNS now supports regular expressions in hosts.txt files, allowing more flexibility in configuring allowed queries. Now you can use the power of regular expressions to precisely control permissions, including subdomains and patterns.
Main features:
🛑 Denies all DNS queries by default.
✅ Allows you to configure allowed requests through the hosts.txt file.
🔄 Uses balancing strategies to ensure reliable operation with DNS servers.
🛠 Easily customizable via YAML configuration.
🔜 Prometheus metrics coming soon
Additional protection of your infrastructure or testing requests with zDNS is possible and may be useful to you! Download the latest version here and start using a DNS server with powerful customization options:
https://github.com/m0zgen/zdns/tree/dev
#zDNS #DNS #Security #Release #News
How 50% of telco Orange Spain’s traffic got hijacked — a weak password
Orange Spain had an outage, caused by what appeared to be a BGP hijack:
https://doublepulsar.com/how-50-of-telco-orange-spains-traffic-got-hijacked-a-weak-password-d7cde085b0c5
Medium
How 50% of telco Orange Spain’s traffic got hijacked^H^H^H^H^H^Hnull routed — a weak password
ripeadmin
How Does PCI DSS 4.0 Affect Web Application Firewalls?
https://www.tripwire.com/state-of-security/how-does-pci-dss-40-affect-web-application-firewalls
Tripwire
How Does PCI DSS 4.0 Affect Web Application Firewalls?
The payment industry is bracing for the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0, heralding significant changes in cybersecurity practices.
Penetration Testing, Beginners To Expert
Massive Web Application Penetration Testing Bug Bounty Notes:
https://github.com/xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes
GitHub
GitHub - xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes: A comprehensive guide for web application penetration…
A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities. - xalgord/Massive-...
NIS2vsISO27001-2022vsCISv8.pdf
221.1 KB
NIS2 vs ISO 27001:2022 vs CIS v8
TCP will be faster in Linux 6.6 🎉
https://lore.kernel.org/lkml/20240109162323.427562-1-pabeni@redhat.com/
/ SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated proof-of-concept (PoC) exploits.
https://github.com/xaitax/SploitScan
GitHub
GitHub - xaitax/SploitScan: SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities…
SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits. - xaitax/SploitScan
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
New OpenBLD points of presence have been added in the world thanks to AlphaVPS!
AlphaVPS.com - Fast & Cheap VPS, Cloud Servers. A few AlphaVPS servers located in Bulgaria and Germany have joined the OpenBLD.net ecosystem.
As you know, one of our priorities is fast DoH/DoT responses, and 1 Gbit/s from AlphaVPS is a good base for this requirement.
One server is already available for users (see the status of Ada-h4); the second server will be available in the next few days. Enjoy it 🚀
P.S. Some time ago I posted the OpenBLD.net IPv6 Pre-Release notice; in the next few weeks I plan to implement DoH/DoT IPv6 for users in Europe. I'll tell you about this later 😎...
Talos IOC data
this page with the latest indicators of compromise (IOCs):
https://github.com/Cisco-Talos/IOCs/tree/main
GitHub
GitHub - Cisco-Talos/IOCs: Indicators of Compromise
Indicators of Compromise. Contribute to Cisco-Talos/IOCs development by creating an account on GitHub.
Cobalt Strike Profiles for EDR Evasion
https://github.com/EvilGreys/Cobalt-Strike-Profiles-for-EDR-Evasion
Cvemap from ProjectDiscovery
Information in cvemap is based on:
- Known Exploited Vulnerabilities Catalog (KEV)
- Exploit Prediction Scoring System (EPSS)
- Proofs of Concept (POCs)
- HackerOne CVE Discovery
- Nuclei Templates
- and more...
https://blog.projectdiscovery.io/announcing-cvemap-from-projectdiscovery/
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
A few months ago I started developing the zDNS service from scratch; now it can:
- Restrict DNS queries by type, such as A, AAAA, HTTPS, CNAME, MX, PTR...
- Balance DNS traffic between upstream servers
- Provide Prometheus metrics
- Cache DNS responses by custom TTL
- Run in a few working modes - Zero Trust, Allow/Blocking
- Run a separate "Permanent" mode with additional custom upstream DNS servers
- Load allow/block lists from local and remote sources through HTTP(S)
- Create/delete custom users with different configs and hosts files
- and more...
For new opportunities, features, what's ahead, and info about the new OpenBLD.net Personal Usage Testing pre-release, see here:
https://openbld.net/blog/zdns-big-updates-and-features/
Forwarded from Sys-Admin InfoSec
/ Phishing Microsoft Teams for initial access
https://pushsecurity.com/blog/phishing-microsoft-teams-for-initial-access/
Push Security
Phishing Microsoft Teams for initial access
In this article, we will cover a number of spoofing and phishing strategies that can be employed by external attackers to target an organization using Teams.
Excessive Expansion: Uncovering Critical Security Vulnerabilities in Jenkins
https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/
Sonarsource
Excessive Expansion: Uncovering Critical Security Vulnerabilities in Jenkins
This blog uncovers two vulnerabilities, a Critical and High severity, recently discovered by our research team. Exploiting these vulnerabilities, attackers have the potential to gain Remote Code Execution on a Jenkins instance.
/ Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours
https://thedfirreport.com/2024/01/29/buzzing-on-christmas-eve-trigona-ransomware-in-3-hours/
The DFIR Report
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours
Key Takeaways In late December 2022, we observed threat actors exploiting a publicly exposed Remote Desktop Protocol (RDP) host, leading to data exfiltration and the deployment of Trigona ransomwar…