2024-03-16 // An article ‘bout a bad spot in Palo Alto GlobalProtect for Windows lets users with no much power delete big-time files; gotta do links ’n stuff to fix it. Another says you gotta check off a list for AI security, with things like updates and knowing your AI stuff real good. There’s stuff on finding who’s legit in Active Directory with tools like SMB and such. To keep Apache OFBiz safe from a XXE problem, you should get it to a newer version, no outside DTDs, and check XML good. Pyradm’s a Python thing that lets you control your computer things from far using messages. Darkdump helps you look in the deep web right from your typing place with ways to not tell who ya are. ACHE’s a crawler that’s real good at finding the stuff you want on the web and is free to use. The text shows ya how to dig up Instagram info without even logging in. Last thing’s ‘bout new updates for keeping track of bugs in the Linux Kernel. If you’re itchin’ for more, head to haq.news for all the deeds. [more...]

2024-03-15 // The GitHub profile got lotsa cyber security tools like a TOTP client for secure logins and checking if someone’s got special access. ptracesecurity teaches people to find and use weak spots in software. You can change words to ASCII code online, then download it. shiro_attack lets people mess with Shiro’s weak spots to control systems and put in web shells. ShiroAttack2 also messes with Shiro550, doing things like command stuff and putting in shells without extra stuff needed. Awesome Operational Security has lotsa good tips and articles for keeping your online life private and safe. Llama 2 Uncensored is a smart AI that you gotta use right and follow the rules. FestIn searches for open Amazon S3 buckets online without needing special AWS stuff and has cool features. Faraday is free for finding security problems, sorting data, doing scans, and giving reports to help understand issues. There’s a way to listen in on devices talking to each other using serial communication. You can look at locked up data in Flutter mobile apps using Hive even if you ain’t got the source code. LTair tests attacks on LTE networks to check if telecom stuff is safe. Brackish Security is teaching how to test IoT devices with tools and gadgets. Microsoft Teams could be used for phishing if people ain’t careful. Passkeys might be better than passwords using WebAuthn, but some stuff like device support’s still got kinks to work out. Google-Dorks-Bug-Bounty is a list of Google searches to find web app bugs for security tests. Finally, there’s a guide for making a Ruby deserialization gadget chain to learn about and protect against attacks. [more...]

2024-03-14 // Today, Cofense report’s malware campaigns use SVG files to spread ransomware or keyloggers. Reverse engineering car key fobs via SDR highlights potential security concerns. RAGnarok utilises Nemesis to query private documents securely. DarkGPT aids OSINT with searches in leaked databases. CVE-2024-25153 allows RCE in Fortra FileCatalyst, which promptly released a patch. DoNex ransomware poses new threat with its Windows-based encryptor. LTair assesses telecom network security for LTE vulnerabilities. GhostRace proposes mitigation for speculative race conditions in OS. ChatGPT decodes obfuscated strings in malicious scripts. Security researcher David Colombo helps fix TeslaMate vulnerabilities. C++ shellcode droppers are enhanced for invisibility to EDRs. Guides offer insights on embedded system security, ROP chains for ARM, and exploits for Android libraries. Tech on exposing ADCS misconfigurations and Google Dorks for data leaks are explored. The CVE-2024-27198-RCE exploit code for JetBrains TeamCity is shared. OSINT resources, reverse image searching, and tools like Criminal IP and ActiveTK.jp are discussed for threat intelligence and dark web analysis. Geolocation methods and a reactive credit card component are demonstrated. Public key cryptography, Sherloq image forensic tool, Google Unlocked, and Copyleaks plagiarism checker are discussed as security measures. Search engines for breached data, GIS platforms, Mozilla Firefox privacy settings, and Firefox vs Mullvad Browser are compared. Personal OSINT databases, DetectDee’s social media search, and Snusbase breach checker are outlined. VGG Image Search Engine provides visual search capabilities and security teams leverage OSINT tools for protection. Twitter search operators and LinkedIn background checks are employed for OSINT and recruitment. The FOFA Search Engine assists in asset analysis, and hidden sensitive data in Docker images is revealed. [more...]

2024-03-13 // Today, iOS security and various vulnerabilities such as debugserver access, memory dumping, insufficient input sanitization, and improper handling of sensitive data. The mitigation strategies involve enforcing safe coding practices and proper encryption. Eclipse has emerged as an AI tool helping to detect sensitive information in documents to enhance privacy, though with limitations and specific system requirements. On a parallel note, Nebula is an AI ethical hacking assistant designed to identify and exploit vulnerabilities by translating natural language into commands, assisting both novices and experienced ethical hackers with features like autonomous exploitation and command suggestions. Meanwhile, Alessandro Bresciani offers insights into port scanning via his blog, particularly using Golang and gopacket, and compares different scanner types while explaining banner grabbing. Tackling advanced cyber threats on operational technology (OT), another piece details measures to secure industrial systems like HMIs, EWS, and PLCs from cyber attacks by suggesting defenses such as leveraging the MITRE ATTACK framework and implementing CIP Security. [more...]

2024-03-12 // Researchers at Horizon3.ai have disclosed a critical vulnerability (CVE-2024-1403) in Progress Software OpenEdge, advising users to upgrade to secure versions. Minder by Stacklok offers an open source software supply chain security platform with free services for open source repositories. Cloudtopolis facilitates password cracking for free using Google Cloud services. A technical guide on malware development for macOS is provided, delving into the Mach API and various attack techniques. The Frida toolkit helps identify DLL sideloading exploits in Windows, while the Windows Feature Hunter tool automates this. A GitHub repository, "process-injection," presents a proof-of-concept for process injection in Windows. The article discusses Android app vulnerabilities related to deep links and WebViews while proposing mitigation approaches. SharpCovertTube enables remote command execution on Windows via YouTube video QR codes. The repository WinHotchkiss/Hotchkiss_OSINT compiles various OSINT resources, while EmploLeaks is an OSINT tool focusing on employee credential leaks. "EliteServices" by ‘sethycake’ provides Python tools for network stress testing and information. The Human Intelligence Narrowing Tool Set (HINTS) aids in organizing OSINT research, and Bigbro is an OSINT utility designed to locate individuals through a clicked link. HackingEnVivo’s Doxing script streamlines the doxxing process, and H4X-Tools offers a toolkit for web scraping and OSINT activities. The OSINT resource compilation lists various tools for cybersecurity information gathering, including specialized software. "The_spy_job" by XDeadHackerX is yet another OSINT collection tool, and finally, Bython introduces a Python preprocessor enabling brace-based syntax. [more...]