HAQ.NEWS

// Jared Folkins

# Latest Podcast

Description

A new fuzzing tool, CLZero, tests for HTTP/1.1 CL.0 request smuggling, while Porch Pirate serves as an OSINT framework for Postman. Skrapa speeds up memory scanning, and a Default Credentials Cheat Sheet helps find devices still running default passwords. MyBB administrators should apply the patch for an authenticated admin-panel RCE that stems from insufficient checking of template input.

Tradecraft

[#] CLZero is a fuzzing tool created by Moopinger for testing HTTP/1.1 CL.0 Request Smuggling vulnerabilities, offering various features such as multiple target scanning, customizable payloads from config files, and options to improve scan efficiency such as skipping response reads.
https://github.com/Moopinger/CLZero
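To make the CL.0 class concrete, here is an added, self-contained simulation (example code written for this digest, not part of CLZero or any server) of the condition the tool probes for: a front-end that honours Content-Length in front of a back-end that ignores it on a static endpoint. The static path prefix, the probe bytes and the victim request are all constructed assumptions; the point is to watch the two parsers disagree about where the attacker's request ends.

```python
"""CL.0 request smuggling, simulated offline (added example, not CLZero code).

Front-end: honours Content-Length on every request.
Back-end:  ignores Content-Length (treats the body as length 0) on a
           static-file endpoint, the precondition for a CL.0 desync.
"""
from dataclasses import dataclass, field
from typing import Callable


@dataclass
class Request:
    method: str
    target: str
    headers: dict = field(default_factory=dict)
    body: bytes = b""


def parse_requests(stream: bytes, honours_cl: Callable[[str], bool]) -> list:
    """Split a raw HTTP/1.1 byte stream into requests.

    honours_cl(target) decides, per request, whether Content-Length is used
    to find the end of the body; when it is not, the body bytes stay in the
    stream and are parsed as the start of the *next* request.
    """
    requests = []
    pos = 0
    while pos < len(stream):
        end = stream.find(b"\r\n\r\n", pos)
        if end == -1:
            break  # incomplete head; a real server would wait for more bytes
        lines = stream[pos:end].decode("latin-1").split("\r\n")
        method, target, _version = lines[0].split(" ", 2)
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
        pos = end + 4
        body = b""
        if honours_cl(target):
            length = int(headers.get("content-length", "0"))
            body = stream[pos:pos + length]
            pos += length
        requests.append(Request(method, target, headers, body))
    return requests


# Constructed attacker probe: a POST to a static resource whose body is the
# start of a second request. The smuggled prefix deliberately ends without
# CRLF so the victim's request line is glued onto the "Foo:" header.
SMUGGLED_PREFIX = b"GET /hopefully404 HTTP/1.1\r\nFoo: x"
ATTACKER_REQUEST = (
    b"POST /static/style.css HTTP/1.1\r\n"
    b"Host: victim.example\r\n"
    + b"Content-Length: %d\r\n" % len(SMUGGLED_PREFIX)
    + b"\r\n"
    + SMUGGLED_PREFIX
)
# Constructed: the next request on the same back-end connection, from a victim.
VICTIM_REQUEST = b"GET / HTTP/1.1\r\nHost: victim.example\r\n\r\n"


def simulate_cl0():
    """Return (front_end_view, back_end_view) of the shared connection."""
    stream = ATTACKER_REQUEST + VICTIM_REQUEST
    front = parse_requests(stream, lambda target: True)
    # Assumed back-end quirk: static paths are served without reading a body.
    back = parse_requests(stream, lambda target: not target.startswith("/static/"))
    return front, back


def victim_was_hijacked() -> bool:
    """True when the back-end never sees the victim's own request line."""
    _front, back = simulate_cl0()
    return all(r.target != "/" for r in back)


if __name__ == "__main__":
    front, back = simulate_cl0()
    print("front-end saw:", [r.target for r in front])
    print("back-end saw: ", [r.target for r in back])
    print("victim hijacked:", victim_was_hijacked())
```

The front-end sees two well-formed requests (the POST and the victim's GET /), while the back-end sees the POST followed by GET /hopefully404 carrying the victim's request line inside a header. That is exactly why CLZero-style probes use a body that should produce a 404: if the *victim's* response is a 404 instead of their page, the back-end ignored Content-Length and the endpoint is desyncable.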
[#] Porch Pirate is a reconnaissance and OSINT framework for Postman that allows users to enumerate sensitive data from publicly accessible entities and supports various search, extract, and data dump functionalities.
https://securityonline.info/porch-pirate-the-most-comprehensive-postman-recon-osint-client-and-framework/
[#] The Python library "Skrapa" from Fox-IT streamlines memory scanning by focusing on specific memory attributes, speeding up pattern searches and offering features like regex support, custom callbacks, and easy API integration for various use cases.
https://research.nccgroup.com/2024/01/25/memory-scanning-for-the-masses/
[#] The Default Credentials Cheat Sheet on GitHub is a compilation of default login information for various products to aid penetration testers and security teams in identifying devices with default passwords and aiding in security assessments.
https://github.com/ihebski/DefaultCreds-cheat-sheet
[#] A remote code execution exploit for the Triton Inference Server has been released, with the exploit code linked from the r/netsec post.
https://www.reddit.com/r/netsec/comments/19ffggw/aiexploits_triton_inference_server_rce_exploit/
[#] An authenticated remote code execution vulnerability in MyBB's admin panel was identified: the check on template input could be bypassed because the failure return values of PHP's PCRE functions were not handled, so the regex protection was silently skipped. The fix is to rigorously check PCRE return values and to apply the patch released by MyBB.
https://blog.sorcery.ie/posts/mybb_acp_rce/
[#] The article outlines the exploitation process for the CVE-2023-36802 vulnerability within the Microsoft Streaming Agent, including obtaining kernel handles and manipulating memory to gain elevated privileges.
https://dev.to/tutorialboy/analysis-of-microsoft-streaming-agent-privilege-elevation-vulnerability-cve-2023-36802-757
[#] Antisquat is a tool utilizing AI, including NLP and ChatGPT, to detect and analyze domains involved in typosquatting and phishing, requiring Git, Python, and API keys from OpenAI and optionally GoDaddy for operation.
http://www.kitploit.com/2024/01/antisquat-leverages-ai-techniques-such.html
[#] Merkle-tree style cryptographic hashing strengthens data integrity: any alteration of the input changes the resulting hash, so a mismatch against a known-good root reveals tampering.
https://www.hackergpt.co/pt
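As an added example (written for this digest, not taken from the linked page), here is a small Merkle tree over SHA-256 with inclusion proofs, showing both what the item above states (any changed leaf changes the root) and the part it leaves out: a proof lets a verifier check one record against the root without the rest of the data, and a stale proof fails against a tampered root. The 0x00/0x01 domain-separation prefixes and the duplicate-last-node padding are design assumptions chosen here, not a standard the page cites.

```python
"""Merkle tree with inclusion proofs (added example, SHA-256 assumed)."""
import hashlib


def _sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def leaf_hash(data: bytes) -> bytes:
    # Domain separation (0x00 for leaves, 0x01 for inner nodes) stops an
    # inner-node hash from being presented as a leaf (second-preimage trick).
    return _sha256(b"\x00" + data)


def node_hash(left: bytes, right: bytes) -> bytes:
    return _sha256(b"\x01" + left + right)


def _pad(level):
    # Assumed convention: duplicate the last node when a level has odd length.
    return level + [level[-1]] if len(level) % 2 else level


def build_levels(leaves):
    """levels[0] = leaf hashes ... levels[-1] = [root]."""
    if not leaves:
        raise ValueError("empty tree")
    level = [leaf_hash(x) for x in leaves]
    levels = [level]
    while len(level) > 1:
        level = _pad(level)
        level = [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def merkle_root(leaves) -> bytes:
    return build_levels(leaves)[-1][0]


def inclusion_proof(leaves, index):
    """Sibling hashes from leaf to root, each tagged with whether it sits on the right."""
    proof = []
    for level in build_levels(leaves)[:-1]:
        level = _pad(level)
        sibling = index ^ 1
        proof.append((level[sibling], sibling > index))
        index //= 2
    return proof


def verify_inclusion(data: bytes, proof, expected_root: bytes) -> bool:
    """Recompute the path to the root using only the record and its proof."""
    h = leaf_hash(data)
    for sibling, sibling_is_right in proof:
        h = node_hash(h, sibling) if sibling_is_right else node_hash(sibling, h)
    return h == expected_root


def changed_leaves(original, candidate):
    """A root mismatch says *that* something changed; this says *where*."""
    return [i for i, (a, b) in enumerate(zip(original, candidate))
            if leaf_hash(a) != leaf_hash(b)]


# Constructed sample records (e.g. ledger entries) for the demonstration.
SAMPLE_LEAVES = [b"alice:100", b"bob:50", b"carol:75"]
TAMPERED_LEAVES = [b"alice:100", b"bob:500", b"carol:75"]

if __name__ == "__main__":
    root = merkle_root(SAMPLE_LEAVES)
    proof = inclusion_proof(SAMPLE_LEAVES, 2)
    print("root:", root.hex())
    print("carol included:", verify_inclusion(b"carol:75", proof, root))
    print("tampered root differs:", merkle_root(TAMPERED_LEAVES) != root)
    print("changed leaf indices:", changed_leaves(SAMPLE_LEAVES, TAMPERED_LEAVES))
```

A proof has O(log n) siblings, so a client holding only the signed root can verify a single record; the same structure underlies certificate transparency logs and package repository indexes.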
[#] Promptmap is a Python-based tool created by Utku Sen that automatically tests for potential prompt injection vulnerabilities within ChatGPT instances, by analyzing set rules and crafting targeted prompts to evaluate the system's security.
https://github.com/utkusen/promptmap
[#] Handly is a tool that exploits leaked token handles for privilege escalation, using an ASPX webshell for IIS and a Python script with C# assemblies for MSSQL.
https://github.com/blackarrowsec/Handly
[#] The repository named "firewall-bypass" on GitHub provides a method for downloading data from the internet by injecting shellcode into a process that has an internet connection, effectively circumventing various firewalls.
https://github.com/redeflesq/firewall-bypass
[#] Automated Emulation is an open-source project on GitHub that utilizes Terraform to create a customizable and scalable AWS-hosted Breach and Attack Simulation lab, with pre-configured cybersecurity tools for both attack and defense simulations, offering easy deployment and configuration without third-party tools.
https://github.com/iknowjason/AutomatedEmulation

News

[#] Amazon Ring has updated its policy so US police must now secure a warrant to access doorbell camera footage, reversing their previous practice of allowing warrantless video requests through their Neighbors app.
https://packetstormsecurity.com/news/view/35446/Amazon-Ring-Says-US-Police-Will-Now-Need-Warrant-To-Access-Footage.html
[#] Google Kubernetes Engine was found to expose clusters through a permissions loophole: the built-in system:authenticated group on GKE includes any authenticated Google account, not just principals from the cluster owner's organisation, so clusters that granted that group privileges beyond the defaults were open to unauthorized access, potentially affecting over a million clusters. Google notified affected users, recommended auditing bindings to that group, and advised updating to GKE 1.28 or higher, where binding it to cluster-admin is blocked.
https://www.darkreading.com/cloud-security/anyone-with-google-account-can-hack-misconfigured-kubernetes-clusters
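The practical check for the GKE issue above is an RBAC audit: find every ClusterRoleBinding or RoleBinding whose subject is one of the catch-all groups. Below is an added example (written for this digest, not Google's or Orca's tooling) that runs over a `kubectl ... -o json` dump; the sample dump is constructed, and the allow-list of default discovery roles is an assumption chosen here, since those bindings ship with every cluster and removing them breaks normal clients.

```python
"""Audit Kubernetes RBAC bindings for grants to catch-all groups (added example).

On GKE, system:authenticated covers every Google account holder, so any
binding to it beyond the cluster defaults hands that role to the internet.
"""
import json
import sys

CATCH_ALL_GROUPS = {"system:authenticated", "system:unauthenticated", "system:anonymous"}
# Assumed allow-list: bindings every cluster ships with. Reported separately
# because they still permit API discovery/enumeration but are expected to exist.
DEFAULT_ROLES = {"system:basic-user", "system:discovery", "system:public-info-viewer"}


def audit_bindings(bindings):
    """Return (dangerous, expected_defaults) findings from binding objects."""
    dangerous, defaults = [], []
    for binding in bindings:
        role = binding.get("roleRef", {}).get("name", "")
        for subject in binding.get("subjects") or []:
            if subject.get("kind") != "Group" or subject.get("name") not in CATCH_ALL_GROUPS:
                continue
            finding = {
                "kind": binding.get("kind"),
                "binding": binding["metadata"]["name"],
                "namespace": binding["metadata"].get("namespace"),
                "role": role,
                "subject": subject["name"],
            }
            if binding.get("kind") == "ClusterRoleBinding" and role in DEFAULT_ROLES:
                defaults.append(finding)
            else:
                dangerous.append(finding)
    return dangerous, defaults


def items_from_dump(dump):
    """Accept a kubectl -o json List or a single binding object."""
    return dump.get("items", [dump])


# Constructed sample: one default binding, two risky ones, one that is fine.
SAMPLE_DUMP = {
    "kind": "List",
    "items": [
        {"kind": "ClusterRoleBinding", "metadata": {"name": "system:discovery"},
         "roleRef": {"kind": "ClusterRole", "name": "system:discovery"},
         "subjects": [{"kind": "Group", "name": "system:authenticated"}]},
        {"kind": "ClusterRoleBinding", "metadata": {"name": "everyone-admin"},
         "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
         "subjects": [{"kind": "Group", "name": "system:authenticated"}]},
        {"kind": "RoleBinding", "metadata": {"name": "dev-edit", "namespace": "dev"},
         "roleRef": {"kind": "ClusterRole", "name": "edit"},
         "subjects": [{"kind": "Group", "name": "system:authenticated"}]},
        {"kind": "ClusterRoleBinding", "metadata": {"name": "ops-admin"},
         "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
         "subjects": [{"kind": "User", "name": "ops@example.com"}]},
    ],
}

if __name__ == "__main__":
    # Usage: kubectl get clusterrolebindings,rolebindings -A -o json | python3 rbac_audit.py
    dump = json.load(sys.stdin) if not sys.stdin.isatty() else SAMPLE_DUMP
    dangerous, defaults = audit_bindings(items_from_dump(dump))
    for f in dangerous:
        scope = f["namespace"] or "cluster-wide"
        print(f"DANGEROUS {f['kind']} {f['binding']} ({scope}): {f['subject']} -> {f['role']}")
    for f in defaults:
        print(f"default   {f['kind']} {f['binding']}: {f['subject']} -> {f['role']}")
```

Run it against every cluster, not just the ones you think are exposed; the namespaced RoleBinding case is the one that audits limited to ClusterRoleBindings miss.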
[#] Russian national Vladimir Dunaev has been sentenced to 64 months in prison for developing and distributing Trickbot malware, which harvested sensitive data and funds from infected computers; the operation survived takedown attempts and leaks that exposed its links to the Conti cybercrime group, which has since splintered into smaller factions.
https://www.bleepingcomputer.com/news/security/russian-trickbot-malware-dev-sentenced-to-64-months-in-prison/
[#] Jenkins, an automation server, has patched a critical vulnerability (CVE-2024-23897, CVSS 9.8) in its CLI that allowed arbitrary file reading and potential remote code execution; fixes ship in 2.442 and LTS 2.426.3, and users who cannot upgrade yet are advised to disable CLI access as an interim measure.
https://securityonline.info/cve-2024-23897-cvss-9-8-critical-jenkins-security-vulnerability-rce-possible/
[#] A critical flaw, CVE-2023-6933, in the Better Search Replace WordPress plugin enables PHP Object Injection attacks, and administrators should update to the recently released patched version 1.4.5 immediately.
https://securityonline.info/over-a-million-sites-at-risk-hackers-are-exploiting-cve-2023-6933-flaw-in-wordpress-plugin/
[#] BleepingComputer reports on Blackwood, a China-aligned group that hijacked WPS Office update traffic through adversary-in-the-middle attacks to install the NSPX30 implant, a reminder that update channels must rely on signed packages rather than trust in the network path.
https://www.bleepingcomputer.com/news/security/blackwood-hackers-hijack-wps-office-update-to-install-malware/
[#] HPE confirmed that Cozy Bear accessed and stole data from their cloud-based email system over several months, despite detection and initial remediation efforts, although they claim no significant impact to their operations or financial results.
https://go.theregister.com/feed/www.theregister.com/2024/01/25/hpe_russia_email_attack/
[#] Two malicious NPM packages, warbeast2000 and kodiak2k, were discovered to steal SSH keys and were promptly removed from the registry, highlighting the growing issue of malware in open-source repositories and necessitating heightened vigilance and security measures from developers.
https://www.scmagazine.com/news/github-npm-registry-abused-to-host-ssh-key-stealing-malware
[#] A legacy Microsoft test-tenant account without multi-factor authentication let the Russian group APT29 succeed with a password-spraying attack, prompting a senator to call the compromise negligence and renewing calls to re-evaluate government use of Microsoft products.
https://www.scmagazine.com/brief/microsoft-compromise-by-russian-hackers-due-to-negligence-says-senator
[#] In 2023, $1.7 billion was stolen from cryptocurrency platforms due to 231 hacks, with the incidents increasing but the total amount stolen decreasing from previous years, reflecting improved security measures and response by platforms which may lead to continued declines in funds lost to crypto hacks.
https://packetstormsecurity.com/news/view/35448/-1.7-Billion-Stolen-In-Cryptocurrency-Hacks-In-2023.html
[#] Part two of a write-up posted to r/netsec details uncovering and exploiting a 35-year-old vulnerability in the *nix libX11 library.
https://www.reddit.com/r/netsec/comments/19f5i6j/nix_libx11_uncovering_and_exploiting_a_35yearold/
[#] Arctic Wolf Labs unveils CherryLoader, a sophisticated Go-based malware that disguises as CherryTree app, employing techniques like process ghosting and privilege escalation tools such as PrintSpoofer or JuicyPotatoNG to evade detection and persist on infected systems.
https://securityonline.info/arctic-wolf-labs-exposes-cherryloader-a-new-go-based-malware/
[#] Cybersecurity researchers at Kroll have detailed the command-and-control mechanisms of SystemBC malware, which uses SOCKS5 proxies for persistent access and payload delivery, and have also highlighted a weakness in DarkGate RAT's custom Base64 algorithm that simplifies decoding of stolen data.
https://thehackernews.com/2024/01/systembc-malwares-c2-server-analysis.html
[#] Security researchers from Northeastern University and KU Leuven have uncovered vulnerabilities in Wi-Fi access points that can be exploited using power-save features, enabling attackers to bypass encryption and intercept or manipulate data.
https://www.usenix.org/conference/usenixsecurity23/presentation/schepers
[#] A newly discovered China-aligned group, Blackwood, uses adversary-in-the-middle attacks to deliver the NSPX30 implant through legitimate software update traffic, with targets including Chinese and Japanese companies and individuals in the UK.
https://thehackernews.com/2024/01/china-backed-hackers-hijack-software.html
[#] Cisco has remedied a grave vulnerability (CVE-2024-20253, CVSS score 9.9) in several of its Unified Communications products, which could potentially allow unauthenticated attackers to execute arbitrary code with root access; users are urged to apply the provided patches to prevent exploitation.
https://securityonline.info/cve-2024-20253-cvss-9-9-cisco-unified-communications-products-rce-vulnerability/
[#] Security researchers have identified iPhone apps that harvest device and user data while handling push notifications, a practice that can serve fingerprinting despite Apple's rules against it and users' choices to limit tracking.
https://packetstormsecurity.com/news/view/35447/iPhone-Apps-Secretly-Harvest-Data-When-They-Send-You-Notifications.html
[#] Cybersecurity company Malwarebytes has identified a malvertising campaign targeting Chinese users with fake ads for banned messaging apps, which distribute Remote Administration Trojans (RATs) to control victims' machines and possibly gather data, prompting actions to report and shut down the malicious infrastructure.
https://www.malwarebytes.com/blog/threat-intelligence/2024/01/malicious-ads-for-restricted-messaging-applications-target-chinese-users
[#] A critical vulnerability identified as CVE-2023-43870 involves the insecure shipping of private keys by Paxton, reminiscent of a previous issue with Lenovo devices.
https://www.reddit.com/r/netsec/comments/19f7gzl/shipping_your_private_key_cve202343870_paxton_do/
[#] EquiLend, a significant securities lending firm, has taken its systems offline due to unauthorized access identified on January 22, a situation which has pushed the company to rely on manual operations and enlist the help of cybersecurity firms, while LockBit ransomware claims to be negotiating with them.
https://www.theregister.com/2024/01/25/cybersecurity_incident_forces_equilend_to/
[#] A remote code execution vulnerability in Zyxel modems allowed attackers to run commands as root; no CVE was assigned, and follow-up reports indicate it may no longer be exploitable.
https://www.reddit.com/r/netsec/comments/19f9q8c/new_zyxel_rce_vulnerability_allows_remote/
[#] Bruce Schneier shared an article questioning the near-term viability of practical quantum computing; recent results such as more stable room-temperature qubits are noted as progress, but substantial engineering challenges remain before quantum machines force a shift in computing, or in cryptography.
https://www.schneier.com/blog/archives/2024/01/quantum-computing-skeptics.html
[#] Cybersecurity researchers have detected an upgrade to the fileless LODEINFO malware used by the Chinese hacking group APT10, which requires memory scanning security solutions to detect due to its evasion techniques and remote code execution capabilities.
https://thehackernews.com/2024/01/lodeinfo-fileless-malware-evolves-with.html
[#] Security researchers have detailed the evolution of LODEINFO malware, a fileless threat used by APT10 to target Japanese sectors that evades detection and requires memory scanning technologies for defense.
https://securityonline.info/apt10s-latest-weapon-unveiling-the-lodeinfo-malware-menace/
[#] Cybercriminals are employing sophisticated URL manipulation techniques to bypass both human and automatic email filters, masquerading malicious links as benign ones, which necessitates the use of protective cybersecurity solutions at both server and endpoint levels to ensure comprehensive defense against phishing and related threats.
https://www.kaspersky.ru/blog/malicious-redirect-methods/36701/
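The URL tricks the item above alludes to are mechanical enough to check for. Here is an added example (written for this digest, not Kaspersky's filter logic) that flags the common ones in a link before a human or a mail gateway trusts it: credentials placed before the real host, punycode or non-ASCII hosts, bare IP hosts, and a second URL tucked into a redirect parameter or the path. The list of redirect parameter names and the sample links are assumptions constructed for the demonstration.

```python
"""Flag URL-construction tricks used to make a phishing link look benign (added example)."""
import ipaddress
from urllib.parse import parse_qs, unquote, urlsplit

# Assumed list of parameter names commonly used by open redirectors; extend to taste.
REDIRECT_PARAMS = {"url", "redirect", "redirect_uri", "redir", "next", "return",
                   "returnurl", "goto", "dest", "destination", "target", "u"}


def inspect_url(url: str) -> dict:
    """Return the effective host plus a list of findings for one link."""
    parts = urlsplit(url.strip())
    host = parts.hostname or ""
    findings = []

    # 1. Credentials in the authority: everything before '@' is ignored by the
    #    browser, so https://login.bank.example@evil.example/ lands on evil.example.
    if parts.username is not None:
        findings.append("userinfo-before-host")

    # 2. Internationalised domain: punycode labels or non-ASCII characters that
    #    can render like a familiar name.
    if any(label.startswith("xn--") for label in host.split(".")) or any(ord(c) > 127 for c in host):
        findings.append("idn-host")

    # 3. Bare IP literal instead of a name.
    try:
        ipaddress.ip_address(host)
        findings.append("ip-literal-host")
    except ValueError:
        pass

    # 4. A second URL carried in a redirect-style parameter (open-redirect bait
    #    on a trusted domain). parse_qs already undoes percent-encoding.
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        for value in values:
            inner = unquote(value).lower()
            if name.lower() in REDIRECT_PARAMS and inner.startswith(("http://", "https://", "//")):
                findings.append(f"redirect-param:{name}")

    # 5. A second URL embedded in the path, e.g. /out/https://evil.example/.
    if "://" in unquote(parts.path):
        findings.append("url-in-path")

    return {"scheme": parts.scheme, "host": host, "findings": findings}


def triage(urls):
    """Map each URL to its findings; empty list means nothing suspicious found."""
    return {u: inspect_url(u)["findings"] for u in urls}


# Constructed sample links for the demonstration.
SAMPLE_URLS = [
    "https://login.bank.example@evil.example/account",
    "https://trusted.example/redirect?url=https%3A%2F%2Fevil.example%2Flogin",
    "https://xn--pple-43d.example/",
    "http://203.0.113.5/update",
    "https://trusted.example/out/https://evil.example/",
    "https://example.com/docs",
]

if __name__ == "__main__":
    for url, findings in triage(SAMPLE_URLS).items():
        print(f"{url}\n    host={inspect_url(url)['host']} findings={findings or 'none'}")
```

The first case is the one worth remembering: the displayed text and even the URL itself start with the bank's name, but `urlsplit` (like the browser) reports `evil.example` as the host. An empty findings list is not a clean bill of health; it only means none of these specific tricks were present.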
[#] Cybersecurity researchers have uncovered CherryLoader, a Go-based malware that disguises itself as the CherryTree application and uses privilege escalation tools like PrintSpoofer and JuicyPotatoNG to establish persistent unauthorized access in compromised systems.
https://thehackernews.com/2024/01/new-cherryloader-malware-mimics.html
[#] A U.S. court has denied NSO Group's request to dismiss Apple's lawsuit, which accuses NSO of infecting Apple devices with Pegasus spyware in violation of computer fraud laws, requiring NSO to respond to the suit by February 14th.
https://go.theregister.com/feed/www.theregister.com/2024/01/24/us_judge_rejects_pegasus_spyware/
[#] A sophisticated cybercrime campaign has targeted Mexican banks and cryptocurrency platforms using modified AllaKore RAT malware to steal banking credentials, leveraging malware-laden installers disguised as legitimate documents and requiring entities to enhance defenses against spear-phishing and RATs.
https://blogs.blackberry.com/en/2024/01/mexican-banks-and-cryptocurrency-platforms-targeted-with-allakore-rat

# F.A.Q

Problem

Many websites are using AI/ML to create clickbait which actually doesn't have any valuable content.

Value

I use AI to de-clickbait the clickbait by allowing AI to read my news for me. Then it creates a meaningful tldr; regarding the articles of interest which helps discern what I should read. It is saving me a ton of time.

Why

FWIW HAQ.NEWS really started out as my personal news feed, enriched by AI, and converted into something quick and easy to read. But then I started getting requests for features like RSS, Gracie got involved, and with the super-power of AI things have taken on a life of their own.

Sharing

I currently post daily infosec news to X, LinkedIn, Mastodon and RSS.

I also post daily infosec podcasts and interviews to Apple Podcasts and Spotify.

Ads

This isn't an Ad.

current friend of haq 2024-01-26

I want to encourage people and projects that impress me, by posting a banner linking their work, as it's my desire to help others. I do not take or make any money.

Thanks,
Jared Folkins