tpx Security ⠠⠵ – Telegram

tpx Security ⠠⠵

2.4K subscribers

2.31K photos

103 videos

24 files

3.97K links

Hacking, ciberseguridad e Inteligencia.

Download Telegram

About

Blog

Apps

Platform

tpx Security ⠠⠵

2.4K subscribers

tpx Security ⠠⠵

https://www.eleconomista.com.mx/tecnologia/Eres-cliente-de-Libreria-Porrua-Tus-datos-pueden-estar-en-manos-de-un-hacker-20190801-0064.html

¿Eres cliente de Librería Porrúa? Tus datos pueden estar en manos de un hacker

Datos de 2.1 millones de registros de Librería Porrúa, que incluyen registros de compra, información de contacto y números de tarjetas de crédito, fueron expuestos y luego robados. Los hackers pidieron a Porrúa un rescate en bitcoins, asegura una investigación…

1.04K views18:56

tpx Security ⠠⠵

https://threatpost.com/90-enterprise-iphone-users-imessage-spy-attack/146899/

90% of Enterprise iPhone Users Open to iMessage Spy Attack

Vast majority of Apple iOS users haven't updated to iOS 12.4, leaving themselves wide open to a public exploit.

949 views03:22

tpx Security ⠠⠵

Single User DOS by Poisoning Cookie via Get Parameter
https://hackerone.com/reports/416966

Pornhub disclosed on HackerOne: Single User DOS by Poisoning Cookie...

The researcher was able to exploit a cookie poisoning attack against other users, by sending malicious links to the victims, as a result, the victims were no longer be able to access...

1.05K views18:22

tpx Security ⠠⠵

How I Found XSS By Searching In Shodan
https://medium.com/@justm0rph3u5/how-i-found-xss-by-searching-in-shodan-6943b799e648

How I Found XSS By Searching In Shodan

It is just another XSS blog.

989 views00:26

tpx Security ⠠⠵

Bypassing Cloudflare WAF with the origin server IP address
https://blog.detectify.com/2019/07/31/bypassing-cloudflare-waf-with-the-origin-server-ip-address/

Bypassing Cloudflare WAF with the origin server IP address

Crowdsource hacker Gwendal shares tutorial on how he bypassed Cloudflare WAF, commonly used by companies, with the origin server IP.

994 views18:14

tpx Security ⠠⠵

https://arstechnica.com/information-technology/2019/08/microsoft-catches-russian-state-hackers-using-iot-devices-to-breach-networks/

Microsoft catches Russian state hackers using IoT devices to breach networks

Fancy Bear servers are communicating with compromised devices inside corporate networks.

1.13K views06:58

tpx Security ⠠⠵

Wow !

940 views15:37

tpx Security ⠠⠵

Forwarded from The Bug Bounty Hunter

SQL Injection Extracts Starbucks Enterprise Accounting, Financial, Payroll Database
https://hackerone.com/reports/531051

Starbucks disclosed on HackerOne: SQL Injection Extracts Starbucks...

As described in the Hacker Summary, @spaceraccoon discovered a SQL Injection vulnerability in a web service backed by Microsoft Dynamics AX. @spaceraccoon demonstrated that the flaw was exploitable...

11 views15:37

tpx Security ⠠⠵

Forwarded from AnayaBit

https://www.lansweeper.com/vulnerability/swapgs-attack-cve-2019-1125-the-newest-spectre-for-intel-cpus/

Lansweeper | IT Discovery Software

SWAPGS Attack CVE-2019-1125 - The Newest Spectre for Intel CPUs

Run the SWAPGS Audit Report to Find Affected Machines

1.04K views19:29

tpx Security ⠠⠵

https://research.checkpoint.com/black-hat-2019-whatsapp-protocol-decryption-for-chat-manipulation-and-more/

Check Point Research

Black Hat 2019 – WhatsApp Protocol Decryption for Chat Manipulation and More - Check Point Research

Research By: Dikla Barda, Roman Zaikin and Oded Vanunu According to sources, WhatsApp, the Facebook-owned messaging application has over 1.5 billion users in over 180 countries. The average user checks WhatsApp more than 23 times per day. And, the number…

989 views19:45

tpx Security ⠠⠵

Forwarded from Israel Garcia

https://t.co/ty79uI1BLZ?amp=1

13-Year-Old Encryption Bugs Still Haunt Apps and IoT

RSA encryption has been around for decades. Unfortunately, so have bad implementations that leave it less secure.

1.01K views00:36

tpx Security ⠠⠵

Forwarded from Israel Garcia

https://nakedsecurity.sophos.com/2019/08/05/hackers-exploit-sms-gateways-to-text-millions-of-us-numbers/

Hackers exploit SMS gateways to text millions of US numbers

Receive any strange SMS text messages recently? If you live in the US, there’s a small chance you might have received an SMS with the following text in the last few days from someone called ‘j3ws3r…

1.12K views04:45

tpx Security ⠠⠵

https://blog.cloudsploit.com/a-technical-analysis-of-the-capital-one-hack-a9b43d7c8aea

A Technical Analysis of the Capital One Hack

The recent disclosure of yet another cloud security misconfiguration leading to the loss of sensitive personal information made the…

1.07K views22:57

tpx Security ⠠⠵

1.14K views01:29

tpx Security ⠠⠵

https://www.zdnet.com/article/a-cyber-espionage-group-has-been-stealing-files-from-the-venezuelan-military/

A cyber-espionage group has been stealing files from the Venezuelan military

It is unclear if the Machete group is state-sponsored, or a freelancer selling data to the highest bidder.

1.17K views07:13

tpx Security ⠠⠵

Recuerden no hay pretextos !! Aprender es fácil con internet a la mano </lol>

1.09K views19:53

tpx Security ⠠⠵

#Congreso #Hacking !! Colombia 🇨🇴

1.39K views21:03

tpx Security ⠠⠵

Buen Viernes !

1.19K views20:44

tpx Security ⠠⠵

https://www.eluniversal.com.mx/estados/hackean-twitter-de-fiscalia-de-jalisco-amenazan-amlo

Hackean Twitter de Fiscalía de Jalisco; amenazan a AMLO

Entre los mensajes tuiteados destacan textos que aluden a actos de corrupción

1.14K views03:11

tpx Security ⠠⠵

Exfiltration through FTP using OOB XXE

Upload accepts .xlsx files --> Unzip sample .xlsx file -> add payload in workbook.xml/[Content_Types].xml after xml declaration --> DTD file send data via ftp://remote-ip/%data --> run ftp server using xxe-ftp-server.rb --> /etc/passwd

Via: https://twitter.com/_ayoubfathi_/status/1164536885244583941

1.14K views08:31

tpx Security ⠠⠵

CVE-2019-8646 is a vulnerability in iMessage that can allow memory to be leaked and files to be read remotely from a device.
Demo: https://youtu.be/br2xCvtVFn4
Research: https://googleprojectzero.blogspot.com/2019/08/the-many-possibilities-of-cve-2019-8646.html

iPhone Remote File Read Demo

A demo of CVE-2019-8646, retrieving an image from a remote device's messages

2.26K views22:49