# Latest Podcast
# Description
A Proof of Concept for CVE-2024-3273 shows how to hack into D-Link NAS devices, GDBFuzz improves testing for gadgets and stuff, and Genzai helps find weak spots in IoT things by checking out their dashboards and passwords. The 'nexus' plugin for IP.Board had a bad security problem but got fixed, and now there's another tool to break into those D-Link NAS devices using the CVE-2024-3273 weakness. Looking at JumpServer, there's a couple of CVEs, CVE-2024-29201 and CVE-2024-29202, and you gotta update some things to stop hackers. ADOKit helps test Azure stuff, and DeWatermark.AI takes off watermarks from pics. DroneXtract is for checking out DJI drone data, while VolWeb makes it easier to look at memory for computer clues. Obsidian is a cool and safe app for jotting down cyber threat info, perfect-dll-proxy helps with messing with DLLs in Windows, and the OSTE-Web-Log-Analyzer looks for web attacks in server logs.
# Tradecraft
[#]
A Proof of Concept (PoC) for exploiting CVE-2024-3273 in D-Link NAS devices is available and outlines how to execute commands remotely, but should only be used for educational purposes or authorized testing.
[#]
GDBFuzz is a tool designed to improve fuzz testing for embedded systems by utilizing hardware breakpoints, and also provides a setup for evaluating and extending the fuzzing technique with its provided code and configuration guidelines.
[#]
Genzai is a security toolkit for discovering and assessing the vulnerabilities of Internet of Things devices by fingerprinting their dashboards, checking for default passwords, and scanning for known weaknesses using its database.
[#]
Invision Community's 'nexus' plugin for IP.Board had a significant security issue with a combination of a pre-authentication Remote Code Execution and a Blind SQL Injection vulnerability, but the vendor has patched these in the new release.
[#]
A new tool has been released to exploit the CVE-2024-3273 vulnerability in certain D-Link NAS devices, allowing for command execution and unauthorized device access.
[#]
An analysis of CVE-2024-29201 and CVE-2024-29202 vulnerabilities in the JumpServer platform reveals a remote code execution flaw that is executed through the use of crafted Playbook files, with the solution involving updates to the ansible-core and implementing the SuperPlaybookRunner class to differentiate job execution permissions.
[#]
ADOKit is a toolkit designed for Azure DevOps Services penetration testing that exploits the REST API to perform tasks like reconnaissance, privilege escalation, and creating persistence through personal access tokens and SSH keys.
[#]
DeWatermark.AI offers a tool that uses artificial intelligence to automatically detect and remove complex watermarks from images, with additional manual editing available for precision, providing the service free of charge.
[#]
DroneXtract is a digital forensics toolkit for DJI drones that provides data analysis, flight mapping, and the detection of suspicious activity, with usage details and contribution guidelines provided on its GitHub repository.
[#]
VolWeb is an open-source digital forensics platform that simplifies memory analysis using Volatility 3's automated processes for gathering evidence from Linux and Windows systems.
[#]
Obsidian is a versatile, secure, and free note-taking tool that can be adapted for managing cyber threat intelligence, allowing analysts to link data, visualize threats, and automate processes using various features and community plugins.
[#]
A tool called perfect-dll-proxy has been created for more efficient DLL hijacking by using absolute paths for export forwarding in Windows.
[#]
The OSTE-Web-Log-Analyzer is a Python tool for identifying web attacks like XSS and LFI by analyzing server logs, with future updates to include IP geolocation and real-time monitoring.
# News
[#]
Home Depot has experienced a data breach due to a third-party SaaS vendor exposing employee data, which could lead to targeted phishing attacks against their staff.
[#]
The U.S. Environmental Protection Agency has experienced a significant data breach with over 8.5 million user records leaked, which could lead to identity theft and hinder environmental regulations enforcement.
[#]
A security researcher found a serious vulnerability in several D-Link NAS devices that could allow attackers to execute commands remotely, and over 92,000 devices exposed online are at risk, with no vendor patches since they're end-of-life models.
[#]
A critical security flaw in Brocade Fabric OS versions v9.x to v9.2.0 allows remote attackers to execute code and take control, requiring immediate firmware update to protect enterprise data centers.
[#]
Open-source intelligence tools are critical in uncovering and combating sports corruption by analyzing data to expose illicit activities such as match-fixing and bribery.
[#]
Stellarium version 24.1 is a free open-source planetarium software that displays a realistic 3D sky with over 600,000 stars, deep-sky objects, constellations from different cultures, and features such as constellation art, atmospheric effects, planet simulations, and telescope control.
[#]
The Bundesamt für Sicherheit in der Informationstechnik (BSI) serves as Germany's federal cyber security authority, providing guidelines for the protection of critical infrastructures, issuing IT security certifications, and maintaining coordination with national and state-level entities to safeguard against cyber threats.
[#]
What2Log offers guidance and updates on efficient logging practices and the latest trends in cybersecurity.
[#]
ZoomEye offers different subscription plans for cyber security data access, with more search results and extra features like API access, historical data, and advanced filtering for higher-priced tiers.
