CRLFuzz - A fast tool to scan CRLF vulnerability written in Go https://hakin9.org/crlfuzz-a-fast-tool-to-scan-crlf-vulnerability-written-in-go/
Hakin9 - IT Security Magazine
CRLFuzz - A fast tool to scan CRLF vulnerability written in Go
The installation is easy. You can download a prebuilt binary from the releases page, unpack and run! or with
Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction https://www.microsoft.com/en-us/security/blog/2023/10/25/octo-tempest-crosses-boundaries-to-facilitate-extortion-encryption-and-destruction/
Microsoft News
Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction
Financially motivated threat actor Octo Tempest's evolving campaigns represent growing concern for organizations across multiple industries.
Measuring the Potential Impact of PIPEDREAM Malware OPC UA Module, MOUSEHOLE https://www.dragos.com/blog/potential-impact-of-pipedream-malware-module-mousehole/
Dragos | Industrial (ICS/OT) Cyber Security
Measuring the Potential Impact of PIPEDREAM Malware OPC UA Module, MOUSEHOLE | Dragos
Discover our testing results on an experiment named MOUSELAB, a derivation of PIPEDREAM OPC UA Module, MOUSEHOLE, to assess the impacts of its capabilities.
Issue 1458911: Security: Libxslt arbitrary file reading using document() method and external entities https://bugs.chromium.org/p/chromium/issues/detail?id=1458911
Refresh: Compromising F5 BIG-IP With Request Smuggling | CVE-2023-46747 https://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/
Praetorian
Refresh: Compromising F5 BIG-IP With Request Smuggling | CVE-2023-46747
Overview In an effort to safeguard our customers, we perform proactive vulnerability research with the goal of identifying zero-day vulnerabilities that are likely to impact the security of leading organizations. We decided to focus on the F5 BIG-IP suite…
👍1
Threat Hunting: Detecting Browser Credential Stealing [T1555.003] https://fourcore.io/blogs/threat-hunting-browser-credential-stealing
FourCore
Threat Hunting: Detecting Browser Credential Stealing [T1555.003]
Adversaries can steal credentials, cookies and other private data from browsers using various techniques. We cover how you can simulate Credential Stealing From Browser s and detect it with your security tools. Sigma Rules Inside.
From Akamai to F5 to NTLM... with love https://blog.malicious.group/from-akamai-to-f5-to-ntlm/
Malicious Group
From Akamai to F5 to NTLM... with love.
In this paper I will expose critical flaws in Akamai's implementation that lead to NTLM credential exposure. I'll demonstrate how these vulnerabilities chain across F5 infrastructure, presenting attack techniques and essential mitigations for defenders.
Pentest-Report TOR Browser & OONI https://blog.torproject.org/security-audit-report-tor-browser-ooni/TTP-01-report.pdf
Ragnar Locker ransomware uses a clever trick to dodge detection https://tech.hindustantimes.com/tech/news/a-new-ransomware-uses-virtual-machine-to-dodge-security-71590409211492.html
HT Tech
A new ransomware uses virtual machine to dodge security
Ragnar Locker remains out of reach of the security software.
Turning a boring file move into a privilege escalation on Mac https://pwn.win/2023/10/28/file-move-privesc-mac.html
pwn.win
Turning a boring file move into a privilege escalation on Mac
While poking around Parallels Desktop I found a script which is invoked by a setuid-root binary, which has the following snippet: local prl_dir="${usr_home}/Library/Parallels" if [ -e "$prl_dir" -a ! -d "$prl_dir" ]; then log warning "'${prl_dir}' is not…
👍2
Our server has been under maintenance since last Friday (with continuous ups&down). We are sorry to inform that it will not be fully operational again until next January 2nd (with any luck). Stay tuned for more infosec news soon!
😢2👌2
Our entire team wishes you and yours a Happy New Year! ❤️
❤11
The Importance of Self-Custody Password Managers: A Deep Dive https://nomadscrolls.net/2023/10/29/the-importance-of-self-custody-password-managers-a-deep-dive/
NetSupport Intrusion Results in Domain Compromise https://thedfirreport.com/2023/10/30/netsupport-intrusion-results-in-domain-compromise/
The DFIR Report
NetSupport Intrusion Results in Domain Compromise
NetSupport Manager is one of the oldest third-party remote access tools still currently on the market with over 33 years of history. This is the first time we will report on a NetSupport RAT intrus…
$1000 Bug using simple Graphql Introspection query https://infosecwriteups.com/1000-bug-using-simple-graphql-introspection-query-b68da8260877
Medium
$1000 Bug using simple Graphql Introspection query
Welcome to my blog! In this post, I will be discussing my experience in the security testing of an application’s implementation of…
PoC released for Microsoft WordPad CVE-2023-36563 flaw exploited in attacks https://securityonline.info/poc-released-for-microsoft-wordpad-cve-2023-36563-flaw-exploited-in-attacks/
Cybersecurity News
PoC released for Microsoft WordPad CVE-2023-36563 flaw exploited in attacks
Not only does it address CVE-2023-36563, but it also patches up two more zero-day vulnerabilities that hackers have been exploiting
🔥1
Do you know Scapy? You can test it from your own browser https://scapy.net/?try=1