Forwarded from DailyCVE
🔵 Red Hat Undertow input validation error vulnerability
(DC:257-2021)
https://dailycve.com/red-hat-undertow-input-validation-error-vulnerability
Dailycve
Red Hat Undertow input validation error vulnerability | CVE
Details:
Red Hat Undertow is a Java-based web server from Red Hat and the default web server of WildFly (a Java application server). Red Hat Undertow has a security weakness. This vulnerability can be used by attackers to cause a fatal error by querying…
Forwarded from UNDERCODE TESTING
🔵 Caret Editor input validation error vulnerability
(DC: 258-2021)
https://dailycve.com/caret-editor-input-validation-error-vulnerability
Dailycve
Caret Editor input validation error vulnerability | CVE
Details:
Caret Editor is the Caret company's Markdown file editor. Caret Editor before 4.0.0-rc22 has an input validation error vulnerability. A specially created Markdown text may cause malicious JavaScript code in the Caret editor to cause…
Forwarded from UNDERCODE NEWS
The job of the Red Hat team should not be determined by the board. Is that why there are no more updates for CentOS projects?
#Updates
Forwarded from UNDERCODE NEWS
The vulnerabilities in Internet Explorer have appeared... Should I avoid using this browser?
#Vulnerabilities
Why old exploits are not important, and types:
2019-2020 old exploits:
https://youtu.be/2VaPTIuRs4k
YouTube
Common Types Of Network Security Vulnerabilities In 2023 | PurpleSec
Network security vulnerabilities are constantly evolving as threat actors seek new and intuitive ways to gain access to a business's network. In this video, I'm going to break down the most common types of network vulnerabilities that threaten the security…
Forwarded from DailyCVE
🔵 MediaWiki cross-site request forgery vulnerability:
(DC: 259-2021)
https://dailycve.com/mediawiki-cross-site-request-forgery-vulnerability
Forwarded from UNDERCODE NEWS
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
Malware on your phone
Most people doubt that mobile devices can get infected with malware.
Is it true?
That's 101% possible, well, maybe not in the standard traditional method, for iPhone and Apple devices.
But, technically, the same process applies.
Let's look at the problem more specifically.
Once the malware connects to your phone, it performs several operations, competing for your phone's resources and destroying many programs.
The classic signs of malware on your phone are:
- Apps take longer to load
- Your battery is draining faster than usual
- Apps you haven't downloaded appear as available
How do I know if my phone is infected with a virus?
There are two ways to detect and remove malware from your phone:
- Auto
- Manual method on Android phone
Step one: turn off your phone
The moment you spot the classic signs of malware infiltration, the first thing to do, if you can't pinpoint where it entered, is to turn off your phone.
Turning off your phone will stop further damage and the spread of malicious software to other programs.
This is the safest first option.
Step two: activate safe mode
Activating Safe Mode on your Android device is as easy as:
- Hold the power button for a few seconds.
- Then, while your phone is on, hold the power off button.
- Click on the reboot option; most Android phones have this option.
- Then click "Restart in Safe Mode".
For devices that do not have this option, turn off the phone by long pressing the power button.
Then press and hold the volume down button, wait until the device turns on.
The Safe Mode option will appear in the lower left corner of your phone.
Step three, part A: phone settings
Some malware is so smart and cunning that when it invades your phone, it finds a way to protect itself.
It goes to the Phone Administrators settings and then changes the configuration.
This way you can try whatever you want, but you won't be able to remove it.
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
Forwarded from UNDERCODE NEWS
Forwarded from DailyCVE
🔵 IBM WebSphere AS security vulnerability:
(DC: 260-2021)
https://dailycve.com/ibm-websphere-security-vulnerability
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 DataWave is an ingest/query framework that leverages Apache Accumulo to provide fast, secure data access (by NSA):
- Data fusion across structured and unstructured datasets
- Construction and analysis of distributed graphs
- Multi-tenant data architectures, with tenants having distinct security requirements and data access patterns
- Fine-grained control over data access, integrated easily with existing user-authorization services and PKI
> How to install?
https://code.nsa.gov/datawave/docs/quickstart
2021 version
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
code.nsa.gov
DataWave Docs - Quickstart Installation
This quickstart provides a single-node standalone DataWave instance that you may use to follow along with the guided tour. It is also generally useful as a de...
Forwarded from DailyCVE
🔵 Apache Nutch injection vulnerability:
(DC: 261-2021)
https://dailycve.com/apache-nutch-injection-vulnerability
Forwarded from UNDERCODE NEWS
Microsoft released its second fiscal quarter financial report for the 2021 fiscal year ending.
#Analytiques
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 The right way for a DDoS:
How to check subnets?
The first thing you need to check is the connections from the shared subnets (the most commonly used are /16 or /24 masks).
Log in to your Linux server and enter the following command to see what connections are coming from the same subnet (/16):
netstat -ntu | awk '{print $5}' | cut -d: -f1 -s | cut -f1,2 -d'.' | sed 's/$/.0.0/' | sort | uniq -c | sort -nk1 -r
If the netstat command is not found, you need to install it using the command:
sudo apt-get install net-tools -y
You should see a list of all connections from addresses that contain the same first two octets, for example 192.168.x.x.
To find connections from the /24 subnet, use the following command:
netstat -ntu | awk '{print $5}' | cut -d: -f1 -s | cut -f1,2,3 -d'.' | sed 's/$/.0/' | sort | uniq -c | sort -nk1 -r
The above command will display all connections from the same subnet, but grouped by the first three octets (for example, 192.168.1.x).
If you find a large number of connections from any of these subnets, you've narrowed your search a bit.
Another netstat command will list all the IP addresses connected to the server.
This command:
netstat -anp | grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c
You should see a list of all connected IP addresses and the number of their connections.
We then use netstat to count the number of connections each IP address has to your server.
This command:
sudo netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
The above command will actually list the IP addresses from all subnets that are sending connection requests to your server.
At this point, you should have a good idea of where the connections are coming from and what IP addresses are associated with those connections.
You can have a large number of connections from one specific subnet.
If this subnet is not supposed to reach a server with this level of traffic, most likely, this is where the DDoS attack originates.
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
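An added example (not part of the original post): the per-subnet counting described above done in a single awk pass, which also skips netstat's header lines, unconnected sockets and native IPv6 peers, and unwraps IPv4-mapped addresses that `cut -d: -f1` would truncate. The function names, the threshold helper and the sample connections are constructed for illustration.

```shell
#!/bin/sh
# Added example: count remote peers per subnet from `netstat -ntu` output.

# subnet_counts <16|24>: reads netstat output on stdin, prints "count subnet".
subnet_counts() {
    awk -v bits="$1" '
    # Socket rows only (tcp, tcp6, udp, udp6); this skips both header lines.
    $1 ~ /^(tcp|udp)6?$/ {
        addr = $5
        sub(/:[0-9*]+$/, "", addr)     # drop the trailing :port (or :*)
        sub(/^::ffff:/, "", addr)      # IPv4-mapped IPv6 -> plain IPv4
        if (addr !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next  # native IPv6
        if (addr == "0.0.0.0") next    # unconnected socket, no peer
        split(addr, o, ".")
        if (bits == 16) key = o[1] "." o[2] ".0.0/16"
        else            key = o[1] "." o[2] "." o[3] ".0/24"
        n[key]++
    }
    END { for (k in n) print n[k], k }' | LC_ALL=C sort -k1,1nr -k2,2
}

# noisy_subnets <16|24> <min>: subnets holding at least <min> connections.
noisy_subnets() {
    subnet_counts "$1" | awk -v min="$2" '$1 >= min { print $2 }'
}

# Constructed sample output (reserved test/documentation address ranges).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:443          198.18.1.5:51514        ESTABLISHED
tcp        0      0 192.0.2.10:443          198.18.1.6:51520        ESTABLISHED
tcp        0      0 192.0.2.10:443          198.18.1.7:40112        SYN_RECV
tcp        0      0 192.0.2.10:443          198.18.2.9:40200        SYN_RECV
tcp        0      0 192.0.2.10:22           203.0.113.44:60022      ESTABLISHED
tcp6       0      0 ::ffff:192.0.2.10:443   ::ffff:198.18.1.8:3301  ESTABLISHED
tcp6       0      0 2001:db8::10:443        2001:db8::beef:51000    ESTABLISHED
udp        0      0 192.0.2.10:53           0.0.0.0:*
EOF
}

sample_netstat | subnet_counts 24    # on a live host: netstat -ntu | subnet_counts 24
```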
Forwarded from DailyCVE
🔵 Tp-link TL-WR841N injection vulnerability:
(DC: 262-2021)
https://dailycve.com/tp-link-tl-wr841n-injection-vulnerability
Dailycve
Tp-link TL-WR841N injection vulnerability | CVE
Details:
The TP-Link TL-WR841N is a wireless router developed by TP-Link in China. The command injection flaw of TP-Link TL-WR841N enables remote, authenticated malicious users to execute arbitrary commands on the device. This vulnerability can be used…