Forwarded from DailyCVE
QOSch logback-core, Server-Side Request Forgery (SSRF), #CVE-2024-12801 (Low)
https://dailycve.com/qosch-logback-core-server-side-request-forgery-ssrf-cve-2024-12801-low/
@Daily_CVE
2024-12-20 What Undercode Says: This blog post highlights a Server-Side Request Forgery (SSRF) vulnerability (CVE-2024-12801) identified in QOS.ch logback-core version […]
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Intelligence Potentiation: Evolving #AI Agents
https://undercodenews.com/intelligence-potentiation-evolving-ai-agents/
@Undercode_News
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
A Significant Uptick in Cybersecurity Disclosures
https://undercodenews.com/a-significant-uptick-in-cybersecurity-disclosures/
@Undercode_News
Forwarded from Exploiting Crew (Pr1vAt3)
Threat modeling GenAI Workloads: Don't Skip This
Threat modeling is one of the oldest aspects of cybersecurity; as early as 1977, some form of threat model was leveraged to understand the risks against systems.
However, threat modeling is not commonly practiced because it is manual and time-intensive. But is it worth the time, effort & resources? Hell YES. The value of threat modeling continually increases as our systems become more complex.
Yes, your GenAI workloads aren't exempted!
GOOD NEWS -> There are abundant resources that help streamline threat modeling by automating several steps.
The Threat Composer tool from Amazon Web Services (AWS) is one such tool.
A recent AWS blog post provides a recommended approach for threat modeling GenAI workloads using Threat Composer. Adam Shostack's four question framework is used as a guide.
Check out the blog post here - https://lnkd.in/g6i4zSpN
Here is a quick summary:
1. What are we working on?
Aims to get a detailed understanding of your business context & application architecture. Example outcomes are Data Flow Diagrams, assumptions, and key design decisions.
2. What can go wrong?
Identify possible threats to your application using the context & information gathered from the previous question. Leverage info sources, e.g. OWASP Top 10 For Large Language Model Applications & Generative AI, MITRE ATLAS.
3. What are we going to do about it?
Consider which controls would be appropriate to mitigate the risks associated with the threats identified in the previous question. Some info sources (per previous question) have sections for mitigations which could be super useful.
4. Did we do a good enough job?
Contrary to popular opinions, threat modeling exercises do not end after the actual activity! It's important to verify the effectiveness of the implemented mitigations to determine if the identified risks have been addressed. Use penetration testing, adversary emulation, etc. to proactively evaluate the effectiveness of implemented mitigations.
Ref: Kennedy T
@UndercodeCommunity
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Industrial Workstations Under Cyber Siege: A Growing Threat
https://undercodenews.com/industrial-workstations-under-cyber-siege-a-growing-threat/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#WhatsApp Beta Gets a New Feature: Adjustable Video Playback Speed
https://undercodenews.com/whatsapp-beta-gets-a-new-feature-adjustable-video-playback-speed/
@Undercode_News
Forwarded from UNDERCODE TESTING
html injection.pdf
381.2 KB
Understanding HTML Injection
HTML injection is a type of attack where malicious HTML code is inserted into a website. This can lead to a variety of issues, from minor website defacement to serious data breaches. Unlike other web vulnerabilities, HTML injection targets the markup language that forms the backbone of most websites.
This attack differs from other web vulnerabilities that exploit server or database weaknesses because it focuses on manipulating the structure and content of a webpage.
Ref: Mehedi Hasan Babu
@UndercodeCommunity
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Level Up Your Workflow: #ChatGPT Mac App Gets a Boost with Voice Commands and App Integration
https://undercodenews.com/level-up-your-workflow-chatgpt-mac-app-gets-a-boost-with-voice-commands-and-app-integration/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#AI-First India: A Skills Revolution
https://undercodenews.com/ai-first-india-a-skills-revolution/
@Undercode_News
Forwarded from Exploiting Crew (Pr1vAt3)
IAM vs. PAM: Understanding the Key Differences
In today's rapidly evolving cybersecurity landscape, managing access and securing sensitive data is more critical than ever. Two foundational tools in this effort are Identity and Access Management (IAM) and Privileged Access Management (PAM). While both are essential, they serve distinct purposes:
Identity and Access Management (IAM)
- Focus: Managing identities and access rights for all users.
- Scope: Broader, covering employees, contractors, partners, and even devices.
- Key Functions: Authentication, Single Sign-On (SSO), user provisioning/de-provisioning, governance, and compliance reporting.
- Goal: Streamlining access across the IT ecosystem while improving operational efficiency and ensuring compliance.
Privileged Access Management (PAM)
- Focus: Securing and controlling access to privileged accounts with elevated permissions.
- Scope: Narrower, targeting administrators, IT staff, service accounts, and third-party vendors.
- Key Functions: Credential vaulting, session monitoring, least privilege enforcement, and just-in-time access.
- Goal: Protecting critical systems and sensitive data from breaches or abuse of high-risk accounts.
Implementing both IAM and PAM creates a layered security approach. IAM ensures proper access for all users, while PAM locks down high-risk areas, minimizing vulnerabilities and adhering to the Zero Trust framework.
This visual summary (attached) simplifies the key differences and highlights how these tools work together to strengthen cybersecurity.
Ref: Fadi Kazdar
@UndercodeCommunity
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Rida Nigeria Shakes Up Ride-Hailing with Unique Negotiation Feature and App Upgrade
https://undercodenews.com/rida-nigeria-shakes-up-ride-hailing-with-unique-negotiation-feature-and-app-upgrade/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
NetApp's India Innovation Hub: Revolutionizing Data Storage and #AI
https://undercodenews.com/netapps-india-innovation-hub-revolutionizing-data-storage-and-ai/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Equal: Revolutionizing Data Sharing for a Better India
https://undercodenews.com/equal-revolutionizing-data-sharing-for-a-better-india/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#AI: The New Frontier for Business and Innovation
https://undercodenews.com/ai-the-new-frontier-for-business-and-innovation/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Dependabot and npm 6 End-of-Life
https://undercodenews.com/dependabot-and-npm-6-end-of-life/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#Amazon Pushes Back Return-to-Office Mandate Due to Space Constraints
https://undercodenews.com/amazon-pushes-back-return-to-office-mandate-due-to-space-constraints/
@Undercode_News
Forwarded from Exploiting Crew (Pr1vAt3)
Understanding Modern Cybersecurity Tools: EDR, XDR, SOAR, SIEM, and Integrated Solutions
Navigating the world of cybersecurity solutions can be complex. Each tool serves a unique purpose, but understanding their differences is crucial for building an effective security strategy. Here's a quick comparison:
- EDR (Endpoint Detection and Response): Focuses on endpoint security by detecting/responding to threats on devices like laptops and servers. Great for organizations with endpoint-centric threats.
- XDR (Extended Detection and Response): Expands visibility across endpoints, networks, and cloud environments, providing unified threat detection across domains.
- SOAR (Security Orchestration, Automation, and Response): Automates and streamlines incident response processes, saving time and improving efficiency.
- SIEM (Security Information and Event Management): Offers centralized log management and real-time monitoring for identifying and correlating security events.
- Integrated Solution (EDR + XDR + SOAR + SIEM): Combines the strengths of all these tools for holistic threat detection, response, and seamless integration.
Ref: Fadi Kazdar
@UndercodeCommunity
Forwarded from Exploiting Crew (Pr1vAt3)
DOM XSS Testing Method
While "DOM Invader" is not a new feature of Burp, I feel that a lot of people don't use it enough (or are not aware of it).
It works by submitting a random string generated by Burp (named "canary") in existing input fields or URL parameters.
Then "DOM Invader" will check how your input is processed, providing you with necessary context and sanitization details.
1. Start Burp Browser
2. Turn on the DOM Invader
3. Copy and Paste the canary in the target input field or URL parameter
4. Check the DOM Invader tab for "Interesting sinks"
5. Craft the payload or use the "Exploit" option to automate
Ref: Andrei Agape
@UndercodeCommunity