# Latest Podcast
# Description
Explore PETEP, a Java-based network traffic analysis and modification tool, and Deluder, a Python interception tool utilizing Frida for capturing traffic. Dive into Ken Shirriff's reverse engineering of the Intel 386 processor and learn about exploiting HackTheBox's RegistryTwo machine. Understand DMAC in PS2 development, enhance FPGA skills, bypass Windows UAC with a script, and test SpringBoot vulnerabilities using a GUI.
# Tradecraft
PETEP (PEnetration TEsting Proxy) is an open-source Java tool for analyzing and modifying network traffic through TCP/UDP proxies. It supports SSL/TLS, works alongside external HTTP proxies such as Burp Suite or Zaproxy, and provides traffic-management features including interceptors, taggers, and scripters.
Deluder is a Python-based interception tool that uses Frida's dynamic instrumentation to capture traffic from networking libraries across platforms. During penetration tests it can forward captured traffic to tools such as PETEP, or it can run on its own as a standalone traffic-capture component.
The blog post details Ken Shirriff's reverse engineering of the Intel 386 processor, focusing on how standard-cell logic, laid out by automatic place-and-route software, helped the processor finish ahead of schedule in 1985.
The blog post outlines a detailed walkthrough of exploiting the HackTheBox machine "RegistryTwo," focusing on Java application vulnerabilities and Docker container misconfigurations to gain system access.
An individual describes improving their FPGA skills with Russell Merrick's book and development board, working through the challenges of implementing floppy-disk data encoding and decoding in Verilog with simulation tools.
The repository by x0xr00t provides a PowerShell script and accompanying DLL that automate bypassing User Account Control (UAC) on multiple Windows operating systems, including various versions of Windows 10 and 11 as well as Windows Server 2019 and 2022. It includes instructions for compiling the DLL, setting up the script, and clearing event logs after execution.
The GitHub repository "SpringBoot-Scan-GUI" offers a graphical interface for the SpringBoot-Scan tool, which includes exploit code for various SpringBoot vulnerabilities and instructions for setting up a vulnerable environment using Docker and VulHub for testing purposes.
The blog post describes transferring files over ICMP with ICMP-TransferTools, a set of Python and PowerShell scripts, as a way to move data in restricted network environments where conventional protocols are blocked.
An article describes using OSINT techniques and online tools to geolocate an old Italian postcard found at a holiday market; the process involved image enhancement, neural-network-based geolocation estimation, and careful comparison of geographical and architectural features.
# News
The Clorox Company estimates a $49 million economic impact from the August 2023 cyberattack, which includes disruptions and remediation costs, with continued effects on fiscal year 2024 results.
Apache ServiceComb Service-Center versions before 2.2.0 have a Server-Side Request Forgery (SSRF) vulnerability in the frontend component's contract testing feature: the 'instanceIP' parameter is not properly verified, so an attacker could send crafted requests to obtain sensitive internal information. Updating to version 2.2.0 or higher fixes the issue.
Electronic Flight Bag apps from Airbus were vulnerable to remote data manipulation; Airbus addressed the issue within 19 months of its discovery.
Schlix CMS version v2.2.8-1 is vulnerable to remote code execution because it accepts ".phtml" file uploads. No patch is currently available for CVE-2023-31505, so users must enforce strict access controls and monitor file uploads.
Datasport AG, a Swiss company providing sports event services, suffered a data breach in January that exposed personal details of nearly 1 million Swiss citizens, which were subsequently sold online; affected individuals should be especially vigilant against phishing.
Blackbaud, a cloud software provider, has reached a settlement with the FTC, committing to enhanced data security measures and deleting redundant sensitive customer data following a breach that exposed sensitive personal information.
Albania's Institute of Statistics (INSTAT) was targeted by a cyberattack claimed by the Iran-linked group Homeland Justice, which says it stole over 100 terabytes of census and GIS data. INSTAT asserts the recent census data remains secure, while investigation and recovery continue with assistance from Albania's cyber agency AKCESK and the state police.
Akamai Security Intelligence Group reports a FritzFrog botnet variant that exploits Log4Shell and CVE-2021-4034 to infect servers, and recommends network segmentation and specific detection techniques as defenses.
Guardio's report finds that Telegram's ease of access has led to a proliferation of phishing kits on the platform, making it a hub where cybercriminals trade hacking tools and stolen data and putting users' devices and personal accounts at risk.
Mastercard has developed a generative-AI-based system named Decision Intelligence Pro, designed to strengthen fraud detection by analyzing transactions in real time, with a claimed improvement of up to 300%.