// Jared Folkins

# Latest Podcast

# Description

A Proof of Concept for CVE-2024-3273 shows how to hack into D-Link NAS devices, GDBFuzz improves testing for gadgets and stuff, and Genzai helps find weak spots in IoT things by checking out their dashboards and passwords. The 'nexus' plugin for IP.Board had a bad security problem but got fixed, and now there's another tool to break into those D-Link NAS devices using the CVE-2024-3273 weakness. Looking at JumpServer, there's a couple of CVEs, CVE-2024-29201 and CVE-2024-29202, and you gotta update some things to stop hackers. ADOKit helps test Azure stuff, and DeWatermark.AI takes off watermarks from pics. DroneXtract is for checking out DJI drone data, while VolWeb makes it easier to look at memory for computer clues. Obsidian is a cool and safe app for jotting down cyber threat info, perfect-dll-proxy helps with messing with DLLs in Windows, and the OSTE-Web-Log-Analyzer looks for web attacks in server logs.

# Tradecraft

[#] A Proof of Concept (PoC) for exploiting CVE-2024-3273 in D-Link NAS devices is available and outlines how to execute commands remotely, but should only be used for educational purposes or authorized testing.
Read More @ github.com
[#] GDBFuzz is a tool designed to improve fuzz testing for embedded systems by utilizing hardware breakpoints, and also provides a setup for evaluating and extending the fuzzing technique with its provided code and configuration guidelines.
Read More @ kitploit.com
[#] Genzai is a security toolkit for discovering and assessing the vulnerabilities of Internet of Things devices by fingerprinting their dashboards, checking for default passwords, and scanning for known weaknesses using its database.
Read More @ securityonline.info
[#] Invision Community's 'nexus' plugin for IP.Board had a significant security issue with a combination of a pre-authentication Remote Code Execution and a Blind SQL Injection vulnerability, but the vendor has patched these in the new release.
Read More @ ssd-disclosure.com
[#] A new tool has been released to exploit the CVE-2024-3273 vulnerability in certain D-Link NAS devices, allowing for command execution and unauthorized device access.
Read More @ github.com
[#] An analysis of CVE-2024-29201 and CVE-2024-29202 vulnerabilities in the JumpServer platform reveals a remote code execution flaw that is executed through the use of crafted Playbook files, with the solution involving updates to the ansible-core and implementing the SuperPlaybookRunner class to differentiate job execution permissions.
Read More @ aliyun.com
[#] ADOKit is a toolkit designed for Azure DevOps Services penetration testing that exploits the REST API to perform tasks like reconnaissance, privilege escalation, and creating persistence through personal access tokens and SSH keys.
Read More @ kitploit.com
[#] DeWatermark.AI offers a tool that uses artificial intelligence to automatically detect and remove complex watermarks from images, with additional manual editing available for precision, providing the service free of charge.
Read More @ dewatermark.ai
[#] DroneXtract is a digital forensics toolkit for DJI drones that provides data analysis, flight mapping, and the detection of suspicious activity, with usage details and contribution guidelines provided on its GitHub repository.
Read More @ github.com
[#] VolWeb is an open-source digital forensics platform that simplifies memory analysis using Volatility 3's automated processes for gathering evidence from Linux and Windows systems.
Read More @ github.com
[#] Obsidian is a versatile, secure, and free note-taking tool that can be adapted for managing cyber threat intelligence, allowing analysts to link data, visualize threats, and automate processes using various features and community plugins.
Read More @ medium.com
[#] A tool called perfect-dll-proxy has been created for more efficient DLL hijacking by using absolute paths for export forwarding in Windows.
Read More @ github.com
[#] The OSTE-Web-Log-Analyzer is a Python tool for identifying web attacks like XSS and LFI by analyzing server logs, with future updates to include IP geolocation and real-time monitoring.
Read More @ github.com

# News

[#] Home Depot has experienced a data breach due to a third-party SaaS vendor exposing employee data, which could lead to targeted phishing attacks against their staff.
Read More @ bleepingcomputer.com
[#] The U.S. Environmental Protection Agency has experienced a significant data breach with over 8.5 million user records leaked, which could lead to identity theft and hinder environmental regulations enforcement.
Read More @ hackread.com
[#] A security researcher found a serious vulnerability in several D-Link NAS devices that could allow attackers to execute commands remotely, and over 92,000 devices exposed online are at risk, with no vendor patches since they're end-of-life models.
Read More @ securityaffairs.com
[#] A critical security flaw in Brocade Fabric OS versions v9.x to v9.2.0 allows remote attackers to execute code and take control, requiring immediate firmware update to protect enterprise data centers.
Read More @ securityonline.info
[#] Open-source intelligence tools are critical in uncovering and combating sports corruption by analyzing data to expose illicit activities such as match-fixing and bribery.
Read More @ skopenow.com
[#] Stellarium version 24.1 is a free open-source planetarium software that displays a realistic 3D sky with over 600,000 stars, deep-sky objects, constellations from different cultures, and features such as constellation art, atmospheric effects, planet simulations, and telescope control.
Read More @ stellarium.org
[#] The Bundesamt für Sicherheit in der Informationstechnik (BSI) serves as Germany's federal cyber security authority, providing guidelines for the protection of critical infrastructures, issuing IT security certifications, and maintaining coordination with national and state-level entities to safeguard against cyber threats.
Read More @ bund.de
[#] What2Log offers guidance and updates on efficient logging practices and the latest trends in cybersecurity.
Read More @ what2log.com
[#] ZoomEye offers different subscription plans for cyber security data access, with more search results and extra features like API access, historical data, and advanced filtering for higher-priced tiers.
Read More @ zoomeye.hk

# F.A.Q


Many websites are using AI/ML to create clickbait which actually doesn't have any valuable content.


I use AI to de-clickbait the clickbait by allowing AI to read my news for me. Then it creates a meaningful tldr; regarding the articles of interest which helps discern what I should read. It is saving me a ton of time.


FWIW HAQ.NEWS really started out as my personal news feed, enriched by Ai, and converted into something quick and easy to read. But then I started getting requests for features like rss, Gracie got involved, and with the super-power of Ai things have taken on a life of their own.


I currently post daily infosec news to x, linkedin, mastodon and rss.

I also post daily infosec podcasts and interviews to apple podcasts and spotify.


This isn't an Ad.

current friend of haq 2024-04-08

I want to encourage people and projects that impress me, by posting a banner linking their work, as it's my desire to help others. I do not take or make any money.

Jared Folkins