Observed Exploitation of Critical WS_FTP Vulnerabilities https://www.reddit.com/r/msp/comments/16y3962/observed_exploitation_of_critical_ws_ftp/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button&rdt=51516
Reddit
From the msp community on Reddit
Explore this post and more from the msp community
❤2
Let’s Go into the rabbit hole (part 1) — the challenges of dynamically hooking Golang programs https://blog.quarkslab.com/lets-go-into-the-rabbit-hole-part-1-the-challenges-of-dynamically-hooking-golang-program.html
Quarkslab
Let’s Go into the rabbit hole (part 1) — the challenges of dynamically hooking Golang programs - Quarkslab's blog
Golang is the most used programming language for developing cloud technologies. Tools such as Kubernetes, Docker, Containerd and gVisor are written in Go. Despite the fact that the code of these programs is open source, there is no way to analyze and extend…
TorchServe Pre-Auth Remote Code Execution https://github.com/advisories/GHSA-4mqg-h5jf-j9m7
GitHub
GHSA-4mqg-h5jf-j9m7 - GitHub Advisory Database
TorchServe Pre-Auth Remote Code Execution
Missing Manuals - io_uring worker pool https://blog.cloudflare.com/missing-manuals-io_uring-worker-pool/
The Cloudflare Blog
Missing Manuals - io_uring worker pool
Chances are you might have heard of io_uring. It first appeared in Linux 5.1, back in 2019, and was advertised as the new API for asynchronous I/O. Its goal was to be an alternative to the deemed-to-be-broken-beyond-repair AIO, the “old” asynchronous I/O…
KubeHound: Identifying attack paths in Kubernetes clusters https://securitylabs.datadoghq.com/articles/kubehound-identify-kubernetes-attack-paths/
Datadoghq
KubeHound: Identifying attack paths in Kubernetes clusters
KubeHound is a new open-source tool to identify attack paths in Kubernetes clusters.
Exploiting the Looney Tunables vulnerability on HTB (CVE-2023-4911) https://www.hackthebox.com/blog/exploiting-the-looney-tunables-vulnerability-cve-2023-4911
Hack The Box
Exploiting the Looney Tunables vulnerability on HTB (CVE-2023-491)
A quick overview of the recently discovered vulnerability. Learn how you can practice exploiting (and defending against) the local privilege escalation attack on the HTB platform!
Linux Vulnerability Exposes Millions of Systems to Attack https://www.hackread.com/linux-vulnerability-exposes-systems-to-attack/
Hackread - Latest Cybersecurity News, Press Releases & Technology Today
Looney Tunables - Linux Vulnerability Exposes Millions of Systems to Attack
Follow us on Twitter @Hackread - Facebook @ /Hackread
👍1
X.Org Hit By New Security Vulnerabilities - Two Date Back To 1988 With X11R2 https://www.phoronix.com/news/XOrg-Vulnerabilities-Since-1988
Phoronix
X.Org Hit By New Security Vulnerabilities - Two Date Back To 1988 With X11R2
It was a decade ago that a security researcher commented on X.Org Server security being even 'worse than it looks' and that the GLX code for example was '80,000 lines of sheer terror' and hundreds of bugs being uncovered throughout the codebase
Reversing 'France Identité': the new French digital ID https://www.reversemode.com/2023/10/reversing-france-identite-new-french.html
Reversemode
Reversing 'France Identité': the new French digital ID.
-------------- Update from 06/10/2023 : following my publication, I’ve been in contact with France Identité CISO and they could provide mo...
Hundreds of malicious Python packages found stealing sensitive data https://www.bleepingcomputer.com/news/security/hundreds-of-malicious-python-packages-found-stealing-sensitive-data/
BleepingComputer
Hundreds of malicious Python packages found stealing sensitive data
A malicious campaign that researchers observed growing more complex over the past half year, has been planting on open-source platforms hundreds of info-stealing packages that counted about 75,000 downloads.
Introducing cmloot.py - New tooling for attacking Configuration Manager https://www.shelltrail.com/research/cmloot/
Shelltrail - Swedish offensive security experts
Introducing cmloot.py - New tooling for attacking Configuration Manager | Shelltrail - Swedish offensive security experts
cmloot.py introduces new angles to exploit Configuration Manager, which has become the new black in internal security assessments of Active Directory environments.
Predator Files: Technical deep-dive into Intellexa Alliance’s surveillance products https://securitylab.amnesty.org/latest/2023/10/technical-deep-dive-into-intellexa-alliance-surveillance-products/
Amnesty International Security Lab
Predator Files: Technical deep-dive into Intellexa Alliance's surveillance products - Amnesty International Security Lab
An expose the Intellexa Alliance's surveillance capabilities including advanced spyware, mass surveillance platforms, and tactical systems for targeting and intercepting nearby devices.
CVE-2023-22515-Scan: Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluence https://github.com/ErikWynter/CVE-2023-22515-Scan
GitHub
GitHub - ErikWynter/CVE-2023-22515-Scan: Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluence
Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluence - ErikWynter/CVE-2023-22515-Scan
Hacking GTA V RP Servers Using Web Exploitation Techniques https://www.nullpt.rs/hacking-gta-servers-using-web-exploitation
nullpt.rs
nullpt.rs • Hacking GTA V RP Servers Using Web Exploitation Techniques
FiveM provides a powerful framework to create game experiences not otherwise possible in Grand Theft Auto. However, this power can be abused by attackers through the use of XSS in vulnerable NUI resources.
Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641) https://github.blog/2023-10-09-coordinated-disclosure-1-click-rce-on-gnome-cve-2023-43641/
The GitHub Blog
Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641)
CVE-2023-43641 is a vulnerability in libcue, which can lead to code execution by downloading a file on GNOME.
EP25: How Apple/Google Pay handle card info. Also... https://blog.bytebytego.com/p/ep25-how-applegoogle-pay-handle-card
Bytebytego
EP25: How Apple/Google Pay handle card info. Also...
In this newsletter, we’ll cover the following topics:
Apple Pay vs. Google Wallet https://www.investopedia.com/articles/personal-finance/010215/apple-pay-vs-google-wallet-how-they-work.asp
Investopedia
Apple Pay vs Google Wallet: How They Work
Apple Pay and Google Wallet are mostly identical offerings. Apple may be to be easier to use, but Google has a more features.
A universal EDR bypass built in Windows 10 https://www.riskinsight-wavestone.com/en/2023/10/a-universal-edr-bypass-built-in-windows-10/
RiskInsight
A universal EDR bypass built in Windows 10 - RiskInsight
A security design failure in Windows 10 allows a malware to disable some telemetry used by EDR, thus to perform actions without raising alerts