■■■□□ #GoodReport
How We Found Another #XSS in #Google with #Acunetix
https://www.acunetix.com/blog/web-security-zone/xss-google-acunetix/
Acunetix
How We Found Another XSS in Google with Acunetix | Acunetix
Some time ago, we found an XSS in Google Cloud with the help of the Acunetix vulnerability scanner. Recently we found another XSS vulnerability. Here is how it happened.
■■□□□ #FaceBook #OUR | Open URL Redirect.
https://medium.com/@dwi.siswanto98/open-redirect-on-facebook-bypass-linkshim-4050f680d45c
Medium
Open-redirect Vulnerability on Facebook
My Facebook personal account is blocked for up to a month because violating Facebook community standards for over-shitposting, LMAO.
■■■□□ Stored #XSS on Angular JS 1.4.9
https://medium.com/@vbharad/stored-xss-on-angular-js-1-4-9-b2f6121d8c59
Medium
Stored XSS on Angular JS 1.4.9
Introduction :
■■■■□ #ZeroDay | 0-day vulnerability (#backdoor) in firmware for #HiSilicon-based DVRs, NVRs and IP #cameras :
https://habr.com/en/post/486856/
Habr
Full disclosure: 0day vulnerability (backdoor) in firmware for Xiaongmai-based DVRs, NVRs and IP cameras
This is a full disclosure of recent backdoor integrated into DVR/NVR devices built on top of HiSilicon SoC with Xiaongmai firmware. Described vulnerability...
■■■■□
From CSRF to RCE and WordPress-site takeover: CVE-2020-8417
https://blog.wpsec.com/csrf-to-rce-wordpress/
WPSec
From CSRF to RCE and WordPress-site takeover: CVE-2020-8417 - WPSec
A high-severity Cross-Site Request Forgery (CSRF) vulnerability, tracked as CVE-2020–8417, exists in a popular WordPress plugin called Code Snippets, rendering over 200,000 websites vulnerable to site takeover. In this Blog-post, we will cover what caused…
■■■■□ #Samsung #ZeroDay being exploited by developers. Vulnerable version #SnapDragon processors leads to #root privileges and #SandboxEscape (#sbx) of #Knox.
https://www.xda-developers.com/samsung-galaxy-s9-galaxy-note-9-snapdragon-root/
XDA Developers
Developers have exploited the Samsung Galaxy S9 and Note 9 to get root access on the Snapdragon models
Developers have figured out how to root the Snapdragon models of the Samsung Galaxy S9 and Galaxy Note 9 thanks to an exploit, but there's a catch.
■■■■■ Internal #SSRF in #Microsoft's #Azure platform via template parameter upload. #Research by #CheckPoint's #CPR
https://cpr-zero.checkpoint.com/vulns/cprid-2140/
CPR-Zero
CPR-Zero: CVE-2019-1234
Check Point Research Vulnerability Repository
■■■■□ #WashingtonPost Security vulnerability
State: Still un-patched
Severity: Medium / High
Details: https://blog.ckure.xyz/archives/51
Wild Exploitation: Most likely
Password: will be shared once the issue is fixed.
■■■■■
Analyzing #iOS #WhatsApp Calls
Analysis of the network traffic + binary files + runtime behavior
https://link.medium.com/yi4uD2Q1P3
Medium
Analyzing WhatsApp Calls
How I revealed parts of the VoIP protocol with Wireshark, radare2 and Frida.
■■■■□ #BlueTeam ops #Statistic
https://securityaffairs.co/wordpress/97380/hacking/microsoft-web-shells-report.html
Security Affairs
Microsoft detects 77,000 active web shells on a daily basis
Microsoft published an interesting report that investigates web shell attacks, the IT giant says it detects 77,000 active web shells daily.
■■■□□ #DataBreach
https://www.bleepingcomputer.com/news/security/medicaid-cco-vendor-breach-exposes-health-personal-info-of-654k/
BleepingComputer
Medicaid CCO Vendor Breach Exposes Health, Personal Info of 654K
Medicaid coordinated care organization (CCO) Health Share of Oregon today disclosed a data breach exposing the health and personal info of 654,362 individuals following the theft of a laptop owned by its transportation vendor GridWorks IC.
■■■■■
Bluetooth Vulnerability in Android (CVE-2020-0022)
Bug allows an attacker to execute arbitrary code with the privileges of the Bluetooth daemon
https://insinuator.net/2020/02/critical-bluetooth-vulnerability-in-android-cve-2020-0022/
Insinuator.net
Critical Bluetooth Vulnerability in Android (CVE-2020-0022) – BlueFrag
On November 3rd, 2019, we have reported a critical vulnerability affecting the Android Bluetooth subsystem. This vulnerability has been assigned CVE-2020-0022 and was now patched in the latest security patch from February 2020. The security impact is as follows:…
■■■■■ One of the best articles available on #DOM based #XSS.
https://portswigger.net/web-security/dom-based
portswigger.net
DOM-based vulnerabilities | Web Security Academy
In this section, we will describe what the DOM is, explain how insecure processing of DOM data can introduce vulnerabilities, and suggest how you can ...
■■■■■ #CDPwn | #Cisco's #CDP (Cisco Discovery Protocol) is affected by 5 #ZeroDay vulnerabilities caused by memory corruption.
#bof #0day
Briefing: https://youtu.be/nYtDJlzU-ao
Demo:
https://youtu.be/uIQJQ5equvU [Network Switch]
https://youtu.be/dJpgoLilZQY [VoIP phone]
Details: https://www.armis.com/cdpwn/
YouTube
CDPwn Explained
Armis has discovered five critical, zero-day vulnerabilities in various implementations of the Cisco Discovery Protocol (CDP) that can allow remote attackers to completely take over devices without any user interaction. CDP is a Cisco proprietary Layer 2…
■■■□□ #Android: How to Bypass Root Check and Certificate Pinning
https://medium.com/@cintainfinita/android-how-to-bypass-root-check-and-certificate-pinning-36f74842d3be
Medium
Android: How to Bypass Root Check and Certificate Pinning
Recently I needed to pentest an Android application. When I installed the app in my virtual device (Android Emulator), a pop up…
■■■□□ #iOS exploit development series:
Part 1: Heap Exploit Development:
https://azeria-labs.com/heap-exploit-development-part-1/
Part 2: Heap Overflows and the iOS Kernel Heap
https://azeria-labs.com/heap-overflows-and-the-ios-kernel-heap/
Part 3: Grooming the iOS Kernel Heap
https://azeria-labs.com/grooming-the-ios-kernel-heap/
Azeria-Labs
Heap Exploit Development