tpx Security ⠠⠵

Buen Viernes !

1.19K views20:44

tpx Security ⠠⠵

https://www.eluniversal.com.mx/estados/hackean-twitter-de-fiscalia-de-jalisco-amenazan-amlo

El Universal

Hackean Twitter de Fiscalía de Jalisco; amenazan a AMLO

Entre los mensajes tuiteados destacan textos que aluden a actos de corrupción

1.14K views03:11

tpx Security ⠠⠵

Exfiltration through FTP using OOB XXE

Upload accepts .xlsx files --> Unzip sample .xlsx file -> add payload in workbook.xml/[Content_Types].xml after xml declaration --> DTD file send data via ftp://remote-ip/%data --> run ftp server using xxe-ftp-server.rb --> /etc/passwd

Via: https://twitter.com/_ayoubfathi_/status/1164536885244583941

1.14K views08:31

tpx Security ⠠⠵

CVE-2019-8646 is a vulnerability in iMessage that can allow memory to be leaked and files to be read remotely from a device.
Demo: https://youtu.be/br2xCvtVFn4
Research: https://googleprojectzero.blogspot.com/2019/08/the-many-possibilities-of-cve-2019-8646.html

YouTube

iPhone Remote File Read Demo

A demo of CVE-2019-8646, retrieving an image from a remote device's messages

2.26K views22:49

tpx Security ⠠⠵

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
https://github.com/kapytein/jsonp

GitHub

GitHub - kapytein/jsonp: jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.

jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. - kapytein/jsonp

2.24K views10:57

tpx Security ⠠⠵

https://cyber-itl.org/2019/08/26/iot-data-writeup.html

Cyber Independent Testing Lab

Binary Hardening in IoT products

Last year, the team at CITL looked into the state of binary hardening features in IoT firmware. Since then we’ve added more vendors and refreshed our analytic techniques. This post will catch you up on the latest findings and developments.

1.15K views05:57

tpx Security ⠠⠵

#EnVivo Presentación del documento “Estado de la #ciberseguridad en el sistema financiero en México 🇲🇽 ”, a cargo de
@belisarioc, Gerente del Programa de Ciberseguridad, @OEA_Cyber
🎥 https://youtu.be/4eVuKnpi0IE

YouTube

Transmisión en directo de CNBVmx

1.03K views17:16

tpx Security ⠠⠵

Forwarded from Deleted Account

https://techcrunch.com/2019/08/30/someone-hacked-jack-dorseys-own-twitter-account/

TechCrunch

A hacker has compromised Jack Dorsey’s Twitter account

A hacker has compromised Jack Dorsey’s Twitter account. A stream of rogue tweets — including racial slurs — were posted to the Twitter chief executive’s own Twitter account just after 3:30pm ET. One of the tweets posted a Twitter handle for someone who purported…

1.15K views20:16

tpx Security ⠠⠵

Forwarded from The Bug Bounty Hunter

[ BUG BOUNTY ] Self XSS + ClickJacking = Good XSS | Tokopedia
https://medium.com/@danangtriatmaja/bug-bounty-self-xss-clickjacking-good-xss-tokopedia-8df7a65e0955

Medium

[ BUG BOUNTY ] Self XSS + ClickJacking = Good XSS | Tokopedia

Hi sobat, bagaimana kabarnya ? semoga senantiasa sehat selalu dan diberikan kelancaran dalam aktifitasnya. ^-^

15 views00:53

tpx Security ⠠⠵

https://azeria-labs.com/heap-exploit-development-part-1/

Azeria-Labs

Heap Exploit Development

1.02K views02:50

tpx Security ⠠⠵

https://www.forbes.com/sites/jessedamiani/2019/09/03/a-voice-deepfake-was-used-to-scam-a-ceo-out-of-243000/

Forbes

A Voice Deepfake Was Used To Scam A CEO Out Of $243,000

It’s the first noted instance of an AI-generated voice deepfake used in a scam.

1.05K views01:24

tpx Security ⠠⠵

https://hackerops.com/varenyky/

993 views16:45

tpx Security ⠠⠵

https://blog.rapid7.com/2019/09/06/initial-metasploit-exploit-module-for-bluekeep-cve-2019-0708/

995 views17:09

tpx Security ⠠⠵

https://www.malwaretech.com/2019/09/bluekeep-a-journey-from-dos-to-rce-cve-2019-0708.html

Malwaretech

BlueKeep: A Journey from DoS to RCE (CVE-2019-0708)

Due to the serious risk of a BlueKeep based worm, I’ve held back this write-up to avoid advancing the timeline. Now that a proof-of-concept for RCE (remote code execution) has been release as part of Metasploit, i feel it’s now safe for me to post this.
…

2.29K views16:48

tpx Security ⠠⠵

DragonJarCon - El lado excitante de IoT; Pentestig de sex toys 💦

1.21K views19:31

tpx Security ⠠⠵

1.04K views14:20

tpx Security ⠠⠵

1.25K views16:47

tpx Security ⠠⠵

Pssssst !! Ya Te perderás el 8.8 México ?

Cupo limitado !! :

🚨 No te quedes fuera :

https://www.eventbrite.com/e/88-nine-mexico-tickets-72099889711

Eventbrite

8.8 NINE Mexico

Este año realizaremos la 2da edición de 8.8 Computer Security Conference, que se ha convertido en una de las conferencias Hackers más importantes del continente.
8.8 no es una feria más con un objetivo comercial, al contrario, es un evento 100% técnico que…

1.27K views16:44

tpx Security ⠠⠵

https://thehackernews.com/2019/09/simjacker-mobile-hacking.html

1.37K views09:54

tpx Security ⠠⠵

Happy Birthday HACKERS

9/15/95

1.81K views15:34

tpx Security ⠠⠵

Adiós 👋🏼 RMS