■□□□□ Account Takeover via common misconfiguration in Facebook login.
https://ankitthku.medium.com/account-takeover-via-common-misconfiguration-in-facebook-login-a2ac8b479b3
Medium
Account Takeover via common misconfiguration in Facebook login
Hello folks,
■□□□□ New Lawsuit Takes Aim at Ring After Smart Doorbell Hijacking.
https://www.infosecurity-magazine.com:443/news/new-lawsuit-aim-ring-smart/
Infosecurity Magazine
New Lawsuit Takes Aim at Ring After Smart Doorbell Hijacking
Incidents led to murder and sexual assault threats for users
■□□□□ 📢 Ongoing DDoS attack impacting NetScaler ADCs.
https://www.bleepingcomputer.com/news/security/citrix-confirms-ongoing-ddos-attack-impacting-netscaler-adcs/
BleepingComputer
Citrix confirms ongoing DDoS attack impacting NetScaler ADCs
Citrix has confirmed today that an ongoing 'DDoS attack pattern' using DTLS as an amplification vector is affecting Citrix Application Delivery Controller (ADC) networking appliances with EDT enabled.
■■□□□ #Zeroday / #0day: The LPE bug could allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights.
https://threatpost.com/windows-zero-day-circulating-faulty-fix/162610/
Threat Post
Windows Zero-Day Still Circulating After Faulty Fix
The LPE bug could allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights.
■■■□□ Censys-Python - An Easy-To-Use And Lightweight API Wrapper For The Censys Search Engine.
https://github.com/censys/censys-python
GitHub
GitHub - censys/censys-python: An easy-to-use and lightweight API wrapper for Censys APIs.
An easy-to-use and lightweight API wrapper for Censys APIs. - censys/censys-python
■■■■□ Vulmap - Web Vulnerability Scanning And Verification Tools.
https://github.com/zhzyker/vulmap
https://www.kitploit.com/2020/12/vulmap-web-vulnerability-scanning-and.html
GitHub
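GitHub - zhzyker/vulmap: Vulmap is a web vulnerability scanning and verification tool that can scan webapps for vulnerabilities and also provides vulnerability verification
Vulmap is a web vulnerability scanning and verification tool that can scan webapps for vulnerabilities and also provides vulnerability verification - zhzyker/vulmap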
■■■□□ Microsoft Warns CrowdStrike of Hackers Targeting Azure Cloud Customers and alleged unsuccessful attempt to compromise CrowdStrike.
https://thehackernews.com/2020/12/microsoft-warns-crowdstrike-of-hackers.html
■■□□□ Citrix confirmed that a DDoS attack is targeting Citrix Application Delivery Controller (ADC) networking equipment.
■■■■■ Update: Signal – the World’s Most Encrypted App – Was Not Hacked by Israeli 🇮🇱 firm Cellebrite. #Israel
https://www.haaretz.com/amp/israel-news/tech-news/.premium-no-signal-the-world-s-most-encrypted-app-was-not-hacked-by-israeli-firm-cellebr-1.9398118
Haaretz.com
No, Signal – the world’s most encrypted app – was not hacked by Israeli firm Cellebrite
***
■■□□□ Russian crypto-exchange Livecoin hacked after it lost control of its servers.
https://www.zdnet.com/article/russian-crypto-exchange-livecoin-hacked-after-it-lost-control-of-its-servers/
ZDNet
Russian crypto-exchange Livecoin hacked after it lost control of its servers
Hackers gained access to the Livecoin portal and modified exchange rates to 10-15 times their normal values.
■■□□□ Vulnerabilities in McAfee ePolicy Orchestrator.
https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
PT SWARM
Vulnerabilities in McAfee ePolicy Orchestrator
This August, I discovered three vulnerabilities in McAfee ePolicy Orchestrator (ePO) version 5.10.0. McAfee ePO is software that helps IT administrators unify security management across endpoints, networks, data, and compliance solutions from McAfee and…
■■■□□ Detailed technical analysis of SolarWinds Hack / SunBurst.
https://www.fireeye.com/blog/threat-research/2020/12/sunburst-additional-technical-details.html
Google Cloud Blog
SUNBURST Additional Technical Details | Mandiant | Google Cloud Blog
■■□□□ #DataLeak: A misconfigured AWS ☁️ cloud storage bucket has exposed the personal details of hundreds of social media influencers, potentially putting them at risk of fraud and harassment, according to researchers.
A team at vpnMentor discovered the AWS S3 bucket wide open with no encryption or password protection, back in early November. Action has apparently yet to be taken by the company responsible, Barcelona-based “social commerce” company 21 Buttons.
https://www.infosecurity-magazine.com:443/news/misconfigured-bucket-exposes/
Infosecurity Magazine
Misconfigured AWS Bucket Exposes Hundreds of Social Influencers
Victims could be targeted by stalkers and fraudsters
■■■■□ SolarWinds / Solorigate: Suspected Russian hackers used Microsoft vendors to breach customers.
https://in.mobile.reuters.com/article/amp/idINKBN28Y1QF
Reuters
Suspected Russian hackers used Microsoft vendors to breach customers
The suspected Russian hackers behind the worst U.S. cyber attack in years leveraged reseller access to Microsoft Corp services to penetrate targets that had no compromised network software from SolarWinds Corp, investigators said.
■■□□□ Apple sends hacker-friendly iPhones to researchers, expects quick fix for vulnerabilities. The phones allow attackers to bypass code signing and similar features that prohibit offensive tactics.
■■■□□ Police Arrest 21 WeLeakInfo Customers Who Bought Breached Personal Data.
https://thehackernews.com/2020/12/police-arrest-21-weleakinfo-customers.html
■■□□□ Another technical writeup.
SolarWinds' SunBurst: the next level of stealth.
https://blog.reversinglabs.com/blog/sunburst-the-next-level-of-stealth
ReversingLabs
The attack on SolarWinds: Next-level stealth was key
The SunBurst supply chain attack, which was behind the SolarWinds compromise, took sophistication and patience.