https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-asaftd-xss-multiple-FCB3vPZe.html
https://www.tenable.com/blog/cve-2020-3580-proof-of-concept-published-for-cisco-asa-flaw-patched-in-october
Cisco
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities
Update June 28, 2021: Cisco has become aware that public exploit code exists for CVE-2020-3580, and this vulnerability is being actively exploited.
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software…
1) Microsoft on Friday said it's investigating an incident wherein a driver signed by the company turned out to be a malicious Windows rootkit that was observed communicating with command-and-control (C2) servers located in China.
https://thehackernews.com/2021/06/hackers-trick-microsoft-into-signing.html
https://www.virustotal.com/gui/file/63d61549030fcf46ff1dc138122580b4364f0fe99e6b068bc6a3d6903656aff0/detection
https://msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/
2) Social engineering via spam can result in ransomware across the entire network
https://thehackernews.com/2021/06/dmarc-first-line-of-defense-against.html
What social engineering is and its methods:
https://blog.peneter.com/clubhouse-general-social-engineering-1/
https://blog.peneter.com/clubhouse-general-social-engineering-2-phishing/
https://blog.peneter.com/clubhouse-general-social-engineering-3-malware/
To check whether a domain is on a blacklist or not:
https://powerdmarc.com/analyzer/
https://mxtoolbox.com/
3) SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers
The APTs of recent times
It's tracked by the wider cybersecurity community under the monikers APT29, UNC2452 (FireEye), SolarStorm (Unit 42), StellarParticle (Crowdstrike), Dark Halo (Volexity), and Iron Ritual (Secureworks).
https://thehackernews.com/2021/06/solarwinds-hackers-breach-microsoft.html
🌐 Peneter Blog
🔊 Clubhouse
🔊 Telegram Channel
The Hacker News
Hackers Trick Microsoft Into Signing Netfilter Driver Loaded With Rootkit Malware
Hackers tricked Microsoft into digitally signing a malicious "Netfilter" driver linked to a Windows rootkit malware.
universal cross-site scripting (UXSS) issue that's triggered when automatically translating web pages using the browser's built-in feature via Microsoft Translator.
If you use Edge, be sure to update it, because many people who do exchange trading on a VPS use Edge!
How to update:
edge://settings/help
Enter this in the address bar; if you are not on the latest version, click to update.
https://thehackernews.com/2021/06/microsoft-edge-bug-couldve-let-hackers.html
The Hacker News
Microsoft Edge Bug Could've Let Hackers Steal Your Secrets for Any Site
Hackers could have stolen your secrets for any site through a Microsoft Edge bug
SoheilSec
Pentest Steps.xmind
Persian version of Penetration Testing Mind
Credit : Hamid Kashfi
My old Template 2016 (information Gathering).xmind
4.4 MB
Information Gathering Xmind
Credit : Soheil Hashemi
Good for Penetration Testing Report
project-Vul Assessment mind-94.0.0.xmind
4.1 MB
Vulnerability Assessments Part
Credit : soheil Hashemi
Data for 700M #LinkedIn Users Posted for Sale in #Raidforums
https://threatpost.com/data-700m-linkedin-users-cyber-underground/167362/?utm_source=dlvr.it&utm_medium=linkedin
https://raidforums.com/Thread-SELLING-New-Linkedin-2021-700Million-records?highlight=linkedin
Threat Post
Data for 700M LinkedIn Users Posted for Sale in Cyber-Underground
After 500 million LinkedIn enthusiasts were affected in a data-scraping incident in April, it's happened again - with big security ramifications.
Details of a bug in Adobe’s content-management solution – used by Mastercard, LinkedIn and PlayStation – were released.
https://threatpost.com/rce-bug-in-adobe-revealed/167382/
#adobe
#0day
Threat Post
Details of RCE Bug in Adobe Experience Manager Revealed
Details of a bug in Adobe’s content-management solution – used by Mastercard, LinkedIn and PlayStation – were released.
CVE-2021-35523: Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30
https://bogner.sh/2021/06/local-privilege-escalation-in-securepoint-ssl-vpn-client-2-0-30/
Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent
https://github.com/irsl/gcp-dhcp-takeover-code-exec
#googlecloud
#takeover
GitHub
GitHub - irsl/gcp-dhcp-takeover-code-exec: Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting…
Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent - irsl/gcp-dhcp-takeover-code-exec
CVE-2020-1170 - Microsoft Windows Defender Elevation of Privilege Vulnerability
CVE-2020-1170, an elevation of privilege bug in Windows Defender
https://itm4n.github.io/cve-2020-1170-windows-defender-eop/
itm4n’s blog
CVE-2020-1170 - Microsoft Windows Defender Elevation of Privilege Vulnerability
Here is my writeup about CVE-2020-1170, an elevation of privilege bug in Windows Defender. Finding a vulnerability in a security-oriented product is quite satisfying. Though, there was nothing groundbreaking. It’s quite the opposite actually and I’m surprised…
Top 10 Vulnerabilities: Internal Infrastructure Pentest
https://www.infosecmatter.com/top-10-vulnerabilities-internal-infrastructure-pentest/
InfosecMatter
Top 10 Vulnerabilities: Internal Infrastructure Pentest - InfosecMatter
Top #10 vulnerabilities found during internal infrastructure penetration tests. Weak and default passwords, outdated software, insufficient network segregation..
IBM Gifts Threat Hunting Tool to Open Cybersecurity Alliance
Kestrel Threat Hunting Language
https://github.com/opencybersecurityalliance/kestrel-lang
#threathunting #opensource
GitHub
GitHub - opencybersecurityalliance/kestrel-lang: Kestrel threat hunting language: building reusable, composable, and shareable…
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel. - opencybersecurityalliance/kestrel-lang
Pwning Cisco ISE: From Cross Site Scripting to Root Shell!
https://www.reddit.com/r/ReverseEngineering/comments/oasy1n/pwning_cisco_ise_from_cross_site_scripting_to/
reddit
Pwning Cisco ISE: From Cross Site Scripting to Root Shell!
Posted in r/ReverseEngineering by u/ChoiceGrapefruit0 • 53 points and 5 comments
Operation Eagle Eye - RCE to Enterprise Man-In-The-Middle
https://www.securifera.com/blog/2021/06/24/operation-eagle-eye/
Securifera
Operation Eagle Eye
This article is in no way affiliated, sponsored, or endorsed with/by Fidelis Cybersecurity. All graphics are being displayed under fair use for the purposes of this article.
Operation Eagle Eye
Who remembers that movie about 15 years ago called Eagle…
IoT tools
#radereye
A tool made specifically for scanning nearby devices [BLE, Bluetooth & Wi-Fi] and executing a given command on our system when the target device comes within range.
https://github.com/souravbaghz/RadareEye
#canghost
Automated Script For Hacking Into CAN Bus - Car Hacking
https://github.com/souravbaghz/CANghost
GitHub
GitHub - souravbaghz/RadareEye: Tool for especially scanning nearby devices and execute a given command on its own system while…
Tool for especially scanning nearby devices and execute a given command on its own system while the target device comes in range. - souravbaghz/RadareEye
How Twitter has increased its security over time:
In 2018 it enabled 2FA.
In 2019, to prevent SIM swapping, it allowed 2FA to be enabled without a phone number.
In 2020 it allowed users to add multiple 2FA methods.
And now it has added security keys to its 2FA mechanisms. The interesting part is that this mechanism is based on the FIDO and WebAuthn standards, which detect abuse attempts by phishing sites!
https://help.twitter.com/en/managing-your-account/two-factor-authentication
P.S. At what level is the security of our banks and the rest of our infrastructure?
X
How to use two-factor authentication (2FA) on X
Two-factor authentication is an extra layer of security for your X account. Get an overview of this feature, including how to enable it.
Settings and privacy -> Security and account access -> Two-factor authentication | Additional password protection