# Latest Podcast
# Description
The SSH-Private-Key-Looting-Wordlists repository aids in brute-forcing SSH private key file names, while the "Appsanity" box exploitation on HackTheBox chains a JWT flaw and SSRF to reach elevated access. Puncia is an AI tool for subdomain hunting, Nomore403 automates bypassing HTTP 403 errors, and Invoke-ADEnum collects Active Directory data. APKDeepLens reviews Android APKs for vulnerabilities. The importance of input validation in security is underscored by experts like Dan Kaminsky. Tools like VK Paranoid provide anonymous tracking, and EML Analyzer handles email security. Halberd tests cloud service security, and FreeViewer manages email files. Strategies for cybersecurity emphasize penetration testing and XSS defenses for web application security.
The Fortinet FortiOS vulnerability CVE-2024-21762 threatens 150,000 devices, requiring updates for mitigation. Microsoft strengthens security after Russian hackers exploit an old account. Hacker Ebrietas in the USA earns rewards for exposing T-Mobile flaws. South Korea's National Police Agency creates a tool to detect deepfakes with 80% accuracy, enhancing election security. Security vulnerabilities identified in video doorbells, QNAP NAS systems, and Canon printers necessitate firmware updates. A new Google Chrome extension monitors extension ownership changes. The Have I Been Pwned API helps check for personal data breaches. NUKEMAP visualizes the impacts of nuclear detonations. The Magnet Goblin cybercrime group leverages malware in its attacks.
# Tradecraft
SSH-Private-Key-Looting-Wordlists is a repository offering several wordlists designed to help in finding or brute-forcing file names of SSH private keys, thereby enhancing the penetration testing process for SSH configurations.
The text outlines a detailed process of exploiting the "Appsanity" box on HackTheBox, which includes gaining initial access using a JWT cookie vulnerability, escalating to a doctor's privileges, exploiting an SSRF to access an internal site, uploading an ASPX webshell, retrieving a .NET application's encrypted key from the registry, and using reverse engineering tools to trigger a DLL and obtain an administrator shell.
Puncia is an AI-powered tool designed for hunting subdomains and identifying exploits, refining its accuracy over time through its use of intelligent APIs.
Nomore403 is a tool designed to automate the bypassing of HTTP 403 and other 40X error codes during web security assessments through various techniques such as header manipulation and method tampering.
Invoke-ADEnum is a PowerShell tool for automating Active Directory data collection, providing detailed reports in HTML and exportable CSV and XLSX formats, with offline use available for environments with internet restrictions.
APKDeepLens is a Python-based security tool for scanning Android APK files for OWASP Top 10 mobile vulnerabilities, which supports in-depth analysis, extraction of sensitive information, intent filter exploits, local file vulnerability detection, and can generate detailed reports for use in CI/CD pipelines.
VK Paranoid Tools is software for VKontakte users that allows tracking changes on user profiles, detecting friend activity, and downloading photos and music, claiming to provide these services anonymously and securely without installation.
The document provides a comprehensive array of tools and search strategies for conducting online investigations and personal information searches, integrating various sources for thorough digital background checks.
EML Analyzer is a tool that parses EML files to extract headers, bodies, and indicators of compromise, and it also examines attachments for potentially malicious OLE files, with installation options via Docker, Docker Compose, or Heroku, and configuration through environment variables.
The GitHub repository "IndicatorOfCanary" provides proof of concept scripts to detect canary tokens in various file formats, aiding users in identifying unauthorized data access and data leaks by analyzing and 'patching' canary indicators from document files.
Halberd is an open-source security testing tool developed by Vectra AI that allows users to execute a suite of attack techniques against various cloud services through a web interface to assess and improve defense strategies.
A Python-based Remote Access Tool (RAT) operates using Telegram for command and control (C2), enabling file system access, keylogging, and other system manipulations through Telegram commands.
The content outlines a variety of cybersecurity penetration testing strategies, including recon, web attacks, cloud vulnerabilities, and tool usage, designed for improving security posture and identifying system weaknesses.
The text covers various techniques to bypass Cross-Site Scripting (XSS) defenses, including defeating blacklist filters, evading keyword-based filters, and overcoming sanitization efforts, with the ultimate solution being the development of secure code and the use of proper HTTP security headers to prevent XSS vulnerabilities.
The guide outlines cyber security tools, techniques, and resources for web application pentesting, including vulnerability identification, exploitation, and bug bounty programs, complemented by resources to enhance skills and knowledge in the field.
# News
Fortinet FortiOS vulnerability CVE-2024-21762 affects approximately 150,000 internet-facing devices and can be mitigated by upgrading to the patched versions as indicated by the vendor.
Microsoft disclosed that Russian hackers known as Midnight Blizzard infiltrated some of its source code repositories and internal systems by exploiting a legacy account without multi-factor authentication, prompting Microsoft to contact affected customers and intensify security measures.
Hacker Ebrietas from the USA, with a perfect accuracy rate, has reported multiple high-priority security vulnerabilities to T-Mobile's bug bounty program, earning significant rewards.
South Korea's National Police Agency has developed a deepfake detection tool, using 5.2 million data pieces, to identify fake videos in election-related investigations with an 80% accuracy rate, amid a rise in deepfake incidents challenging the integrity of their elections.
Approximately 150,000 devices globally running Fortinet FortiOS and FortiProxy are vulnerable to a critical flaw (CVE-2024-21762) that could allow unauthenticated execution of code, with most affected devices located in the United States; users should run the provided Python script to check for vulnerability and apply necessary mitigations.
Security vulnerabilities in video doorbells have been revealed by Consumer Reports, showing that devices sold under various brands can be accessed without authorization, and to mitigate the risk consumers should purchase from reputable brands, use strong Wi-Fi security measures, manage app permissions wisely, keep device firmware updated, and monitor doorbell activity for unauthorized access.
A new cybercrime group named Magnet Goblin has been exploiting vulnerabilities in Ivanti products to deploy malware, targeting US sectors, and organizations must apply patches and check for indicators of compromise as advised by CISA.
An internal leak from Chinese hacking company I-Soon has exposed a profit-driven, connection-reliant hacking industry with deep ties to China's government, revealing practices of espionage, intellectual property theft, swaying officials with bribes and colluding on bids for state contracts, while suffering from internal issues like low employee pay and poor security protocols.
QNAP urges users to promptly upgrade their NAS systems due to critical vulnerabilities including an authentication bypass (CVE-2024-21899) and others, with updates available for QTS, QuTS hero, QuTScloud, and myQNAPcloud services to mitigate the risks.
Canon multifunction printers have a critical buffer overflow vulnerability CVE-2024-2184 with a CVSS score of 9.8, requiring network isolation and immediate firmware updates to prevent unauthorized access and potential damage to connected networks.
Google Chrome users can now use the "Under New Management" extension to receive alerts when ownership of an installed extension changes, potentially avoiding the risks of new owners inserting malicious or unwanted functionalities.
The content from the Android 台灣中文網 forum includes discussions on various Android-related topics such as game downloads, software discussions, hacking techniques, device reviews, and modded applications, alongside announcements and events related to the platform.
A large collection of various breaches loaded into Have I Been Pwned can be accessed programmatically via the HIBP API, providing information about compromised accounts from numerous sources and allowing individuals to check if their personal data has been involved in these incidents.
NUKEMAP by Alex Wellerstein is an interactive map tool that allows users to simulate the detonation of a nuclear bomb at any location in the world and visualize the potential blast radius, thermal radiation, fallout, and casualties based on the selected yield and conditions.
Magnet Goblin is an agile cybercriminal group focusing on exploiting known vulnerabilities in various software, notably Ivanti Connect Secure VPN and Magento, using malware like NerbianRAT and MiniNerbian for system infiltration and data exfiltration.