Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
A Unified Security Platform: The Key to a Stronger Cyber Defense
https://undercodenews.com/a-unified-security-platform-the-key-to-a-stronger-cyber-defense/
@Undercode_News
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Build Go Apps in Minutes with Project IDX
https://undercodenews.com/build-go-apps-in-minutes-with-project-idx/
@Undercode_News
Forwarded from Exploiting Crew (Pr1vAt3)
Top Password Reset Functionality Bugs
Testing password reset flows is critical to ensuring account security. Here's a checklist of common vulnerabilities to watch out for:
No rate limiting
Token leakage
Email manipulation
Self-XSS risks
Brute force reset attempts
Each of these bugs can lead to serious account takeovers (critical vulnerability) if overlooked. What other password reset vulnerabilities have you come across in your tests?
Ref: Amit Kumar
@UndercodeCommunity
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
E-Commerce Giant Shifts Gears: #Amazon Reaches Major Milestone with 20,000 Rivian Electric Delivery Vans
https://undercodenews.com/e-commerce-giant-shifts-gears-amazon-reaches-major-milestone-with-20000-rivian-electric-delivery-vans/
@Undercode_News
Forwarded from UNDERCODE TESTING
This one command is enough to knock down your entire wifi.
-S : Send SYN packets
--flood : Send packets as fast as possible
Simple DoS attack, works really well on non-enterprise networks. Implement firewall/filter rules in your router to avoid these attacks.
However, in some cases it can increase resource usage on the router, which could still lead to crashes.
Ref: Steven Lim
@UndercodeCommunity
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#Ransomware Group funksec Targets robertfinaleeditions
https://undercodenews.com/ransomware-group-funksec-targets-robertfinaleeditions/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Nathan American Academy Falls Victim to funksec #Ransomware Attack
https://undercodenews.com/nathan-american-academy-falls-victim-to-funksec-ransomware-attack/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
New #Ransomware Attack: FunkSec Targets Sea Isle Realty
https://undercodenews.com/new-ransomware-attack-funksec-targets-sea-isle-realty/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Killsec #Ransomware Targets Verosa LLC
https://undercodenews.com/killsec-ransomware-targets-verosa-llc/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Grammarly Acquires Coda to Power the Future of Productivity
https://undercodenews.com/grammarly-acquires-coda-to-power-the-future-of-productivity/
@Undercode_News
Forwarded from Exploiting Crew (Pr1vAt3)
Top Shodan Dorks for Finding Sensitive IoT Data
Are you testing IoT devices and systems for vulnerabilities? Shodan, the search engine for internet-connected devices, can reveal critical data with the right queries.
This cheat sheet contains useful Shodan dorks to identify exposed services, misconfigurations, and unsecured devices, such as:
Open ports: 23 (Telnet), 21 (FTP), 3306 (MySQL)
Exposed services: PostgreSQL, MongoDB, Apache, Jenkins, MikroTik
Sensitive information: "MongoDB Server Information," "200 OK" responses, and certificate details
Some highlights include:
Finding unprotected remote desktops (port:3389)
Identifying insecure databases (port:27017, MongoDB authentication disabled)
Locating industrial devices and firmware (port:5006,5007 Mitsubishi)
Why does this matter?
IoT devices are often overlooked and can serve as easy targets for attackers if not properly secured. By searching for exposed ports and services, security researchers can help organizations address these risks proactively.
A friendly reminder: Use this knowledge responsibly. Only test systems you have permission to access!
Ref: AMIT KUMAR
@UndercodeCommunity
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#Ransomware Alert: Lynx Targets Smith Tank & Steel
https://undercodenews.com/ransomware-alert-lynx-targets-smith-tank-steel/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#Ransomware on the Rise: Moneymessage Targets National Atomic Energy Commission
https://undercodenews.com/ransomware-on-the-rise-moneymessage-targets-national-atomic-energy-commission/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Filtering Secret Scanning Alerts: A New Level of Control
https://undercodenews.com/filtering-secret-scanning-alerts-a-new-level-of-control/
@Undercode_News
Forwarded from DailyCVE
TShock Security Escalation Exploit (High Severity)
https://dailycve.com/tshock-security-escalation-exploit-high-severity/
@DailyCVE
2024-12-18 : A critical vulnerability has been identified in TShock, a popular Terraria server mod. This vulnerability allows attackers to […]
Forwarded from DailyCVE
Age, Arbitrary Code Execution Vulnerability (#CVE-2024-49016) (Moderate)
https://dailycve.com/age-arbitrary-code-execution-vulnerability-cve-2024-49016-moderate/
@Daily_CVE
2024-12-18 : A vulnerability in the age encryption tool allows for potential arbitrary code execution. This is due to a […]
Forwarded from DailyCVE
Rage Vulnerable to Malicious Plugin Names
https://dailycve.com/rage-vulnerable-to-malicious-plugin-names/
@Daily_CVE
2024-12-18 : Rage, a popular command-line tool for encrypting and decrypting files, has been found to be vulnerable to a moderate-severity […]
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
VIPKeyLogger: A Stealthy Threat Targeting Sensitive Information
https://undercodenews.com/vipkeylogger-a-stealthy-threat-targeting-sensitive-information/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
The Rise of Collaborative #AI Agents: Building Your Own Brainiacs
https://undercodenews.com/the-rise-of-collaborative-ai-agents-building-your-own-brainiacs/
@Undercode_News