Kamerka: una herramienta de reconocimiento para dispositivos IoT e infraestructuras críticas | WeLiveSecurity
https://www.welivesecurity.com/la-es/2020/09/21/kamerka-herramienta-reconocimiento-dispositivos-iot-infraestructuras-criticas/
https://www.welivesecurity.com/la-es/2020/09/21/kamerka-herramienta-reconocimiento-dispositivos-iot-infraestructuras-criticas/
WeLiveSecurity
Kamerka: una herramienta de reconocimiento para dispositivos IoT e infraestructuras críticas
Kamerka es una herramienta de escaneo que permite descubrir dispositivos IoT, sistemas de control industrial y dispositivos de salud vulnerables a partir de recolectar información de varias fuentes.
Kerberos attacks cheatsheet
https://gist.github.com/TarlogicSecurity/2f221924fef8c14a1d8e29f3cb5c5c4a
+ Active Directory Attacks
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md
https://gist.github.com/TarlogicSecurity/2f221924fef8c14a1d8e29f3cb5c5c4a
+ Active Directory Attacks
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md
Gist
A cheatsheet with commands that can be used to perform kerberos attacks
A cheatsheet with commands that can be used to perform kerberos attacks - kerberos_attacks_cheatsheet.md
Dropbox Escalation of Privileges to SYSTEM on Windows
https://dreamlab.net/en/blog/post/dropbox-escalation-of-privileges-to-system-on-windows/
https://dreamlab.net/en/blog/post/dropbox-escalation-of-privileges-to-system-on-windows/
CVE-2020-0968:
IE 9, 11 - Scripting Engine Memory Corruption Vulnerability/Operation Domino (PoC)
https://ti.dbappsecurity.com.cn/blog/index.php/2020/09/18/cve-2020-0968/
Attack overview:
https://ti.dbappsecurity.com.cn/blog/index.php/2020/09/18/operation-domino/
IE 9, 11 - Scripting Engine Memory Corruption Vulnerability/Operation Domino (PoC)
https://ti.dbappsecurity.com.cn/blog/index.php/2020/09/18/cve-2020-0968/
Attack overview:
https://ti.dbappsecurity.com.cn/blog/index.php/2020/09/18/operation-domino/
Alien: el nuevo malware bancario para Android
https://unaaldia.hispasec.com/2020/09/alien-el-nuevo-malware-bancario-para-android.html
https://unaaldia.hispasec.com/2020/09/alien-el-nuevo-malware-bancario-para-android.html
Una al Día
Alien: el nuevo malware bancario para Android
Se ha descubierto una nueva familia de malware que afecta a la plataforma móvil Android. Las grandes similitudes con el ya conocido Cerberus hacen sospechar que este nuevo malware no haya sido desarrollado desde cero. Alien, que así ha sido bautizado por…
National Vulnerability Database
CVE-2020-4607
IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation. IBM X-Force ID: 184884.
CVE-2020-4607
IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation. IBM X-Force ID: 184884.
Obtener conversaciones de Whatsapp desde la nube
https://blog.segu-info.com.ar/2020/09/obtener-conversaciones-de-whatsapp.html
https://blog.segu-info.com.ar/2020/09/obtener-conversaciones-de-whatsapp.html
Threat Research:
Taking down the SSO, Account Takeover in the Websites
of Kolesa due to Insecure JSONP Call (PoC)
https://medium.com/bugbountywriteup/taking-down-the-sso-account-takeover-in-3-websites-of-kolesa-due-to-insecure-jsonp-call-facd79732e45
Taking down the SSO, Account Takeover in the Websites
of Kolesa due to Insecure JSONP Call (PoC)
https://medium.com/bugbountywriteup/taking-down-the-sso-account-takeover-in-3-websites-of-kolesa-due-to-insecure-jsonp-call-facd79732e45
Medium
Taking down the SSO, Account Takeover in 3 websites of Kolesa due to Insecure JSONP Call
Hello, this post is about how I could take-over any account of Kolesa’s websites using Single Sign-On. There was an insecure JSONP call…
National Vulnerability Database
CVE-2020-9491
In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced queues continued to support TLS v1.0 or v1.1.
CVE-2020-9491
In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced queues continued to support TLS v1.0 or v1.1.
Pentesting Mobile 101: Controlando de manera remota un Dispositivo Android con Scrcpy
http://feedproxy.google.com/~r/snifer/~3/B5gK-mc0sT4/srcpy-screen-mirroring-android-sin-root.html
http://feedproxy.google.com/~r/snifer/~3/B5gK-mc0sT4/srcpy-screen-mirroring-android-sin-root.html
Fortinet's Fortigate VPN solution running default settings leave over 200,000 businesses vulnerable to man-in-the-middle (MitM) attacks.
Learn how: https://thehackernews.com/2020/09/fortigate-vpn-security.html
Learn how: https://thehackernews.com/2020/09/fortigate-vpn-security.html
The Hacker News
Fortinet VPN with Default Settings Leave 200,000 Businesses Open to Hackers
Fortinet's Fortigate VPN solution running default settings leave over 200,000 businesses vulnerable to man-in-the-middle (MitM) attacks.
CVE-2020-15702:
Race Condition vulnerability in handling of PID by apport in Ubuntu (PoC)
https://flattsecurity.hatenablog.com/entry/2020/09/30/130844
Race Condition vulnerability in handling of PID by apport in Ubuntu (PoC)
https://flattsecurity.hatenablog.com/entry/2020/09/30/130844
Malware analysis:
1. Ttint: An IoT Remote Access Trojan spread through two Tenda router 0-day vulnerabilities
https://blog.netlab.360.com/ttint-an-iot-remote-control-trojan-spread-through-2-0-day-vulnerabilities/
2. Top Alexa Sites Infected With Malicious Coinminers
and Web Skimmer
https://unit42.paloaltonetworks.com/malicious-coinminers-web-skimmer/
1. Ttint: An IoT Remote Access Trojan spread through two Tenda router 0-day vulnerabilities
https://blog.netlab.360.com/ttint-an-iot-remote-control-trojan-spread-through-2-0-day-vulnerabilities/
2. Top Alexa Sites Infected With Malicious Coinminers
and Web Skimmer
https://unit42.paloaltonetworks.com/malicious-coinminers-web-skimmer/
360 Netlab Blog - Network Security Research Lab at 360
Ttint: An IoT Remote Access Trojan spread through 2 0-day vulnerabilities
Author: Lingming Tu, Yanlong Ma, Genshen Ye
Background introduction
Starting from November 2019, 360Netlab Anglerfish system have successively monitored attacker using two Tenda router 0-day vulnerabilities to spread a Remote Access Trojan (RAT) based…
Background introduction
Starting from November 2019, 360Netlab Anglerfish system have successively monitored attacker using two Tenda router 0-day vulnerabilities to spread a Remote Access Trojan (RAT) based…
National Vulnerability Database
CVE-2020-5989
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.
CVE-2020-5989
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0.
Tus chats de WhatsApp no son seguros: un nuevo «fallo» permite espiarlos
https://www.adslzone.net/noticias/whatsapp/chats-espiar-cifrado-copia-seguridad-nube/
#Whatsapp #Privacidad #Ciberseguridad
https://www.adslzone.net/noticias/whatsapp/chats-espiar-cifrado-copia-seguridad-nube/
#Whatsapp #Privacidad #Ciberseguridad
ADSLZone
Tus chats de WhatsApp no son seguros: un nuevo «fallo» permite espiarlos
Un usuario ha descubierto cómo se consiguen espiar los mensajes de los chats de WhatsApp que tengamos almacenados en la nube.
Windows Hacking tutorials and tools :
1) Windows-Post-Exploitation:
https://github.com/emilyanncr/Windows-Post-Exploitation
2) Windows Post Exploitation Shells and File Transfer with Netcat for Windows:
https://medium.com/p/a2ddc3557403
3) Windows Privilege Escalation Fundamentals:
https://www.fuzzysecurity.com/tutorials/16.html
4) Windows Privilege Escalation Guide:
www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
5) https://github.com/LazoCoder/Windows-Hacks
6) https://github.com/D4Vinci/Dr0p1t-Framework
1) Windows-Post-Exploitation:
https://github.com/emilyanncr/Windows-Post-Exploitation
2) Windows Post Exploitation Shells and File Transfer with Netcat for Windows:
https://medium.com/p/a2ddc3557403
3) Windows Privilege Escalation Fundamentals:
https://www.fuzzysecurity.com/tutorials/16.html
4) Windows Privilege Escalation Guide:
www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
5) https://github.com/LazoCoder/Windows-Hacks
6) https://github.com/D4Vinci/Dr0p1t-Framework
GitHub
GitHub - emilyanncr/Windows-Post-Exploitation: Windows post-exploitation tools, resources, techniques and commands to use during…
Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy! - emilyanncr/Windows-Post-Expl...
Vídeo de demostración que enseña cómo un spyware roba los mensajes de WhatsApp de las notificaciones recibidas
https://www.instagram.com/reel/CFwz9wMAwuL/
https://www.instagram.com/reel/CFwz9wMAwuL/
Instagram
Android Security & Hacking
What happens if you "Allow notification" access to malicious app. Video demo how easy it is for such malicious spyware to steal WhatsApp messages from received notifications . . . . . #hackers #hacking #hacker #cybersecurity #ethicalhacking #hack #kalilinux…