SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
vBulletin Exploits CVE-2025-48827, CVE-2025-48828
We do see exploit attempts for the vBulletin flaw disclosed about a week ago. The flaw is only exploitable if vBulletin is run on PHP 8.1, and was patched over a year ago. However, vBulletin never disclosed the type of vulnerability that was patched.
https://isc.sans.edu/diary/vBulletin%20Exploits%20%28CVE-2025-48827%2C%20CVE-2025-48828%29/32006

Google Chrome 0-Day Patched
Google released a security update for Google Chrome patching three flaws. One of these is already being exploited.
https://chromereleases.googleblog.com/

Roundcube Update
Roundcube patched a vulnerability that allows any authenticated user to execute arbitrary code.
https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10

HP Vulnerabilities in StoreOnce
HP patched multiple vulnerabilities in StoreOnce. These issues could lead to remote code execution.
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04847en_us&docLocale=en_US
Episode 123: In this episode of Critical Thinking - Bug Bounty Podcast we're back with part 2 of Rez0's miniseries. Today we talk about mastering Prompt Injection, taxonomy of impact, and both triggering traditional Vulns and exploiting AI-specific features.

Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__

====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today's Sponsor - ThreatLocker User Store
https://www.criticalthinkingpodcast.io/tl-userstore

====== This Week in Bug Bounty ======
Earning a HackerOne 2025 Live Hacking Invite
https://www.hackerone.com/blog/earning-hackerone-2025-live-hacking-invite
HTTP header hacks: basic and advanced exploit techniques explored
https://www.yeswehack.com/learn-bug-bounty/http-header-exploitation

====== Resources ======
Grep.app
https://vercel.com/blog/migrating-grep-from-create-react-app-to-next-js
Gemini 2.5 Pro prompt leak
https://x.com/elder_plinius/status/1913734789544214841
Pliny's CL4R1T4S
https://github.com/elder-plinius/CL4R1T4S
O3
https://x.com/pdstat/status/1913701997141803329

====== Timestamps ======
(00:00:00) Introduction
(00:05:25) Grep.app, O3, and Gemini 2.5 Pro prompt leak
(00:11:09) Delivery and impactful action
(00:20:44) Mastering Prompt Injection
(00:30:36) Traditional vulns in Tool Calls, and AI Apps
(00:37:32) Exploiting AI specific features
Sans 13 will be releasing after 12, and we're now all caught up. Welcome to Sans, episode 13. This is the link you'll use to go to the newsletter: https://view.email.sans.org/?qs=6dc4120f1b77a95c7cf4ce4cd833f7454db9893d83c0674e789006dd8cd6812ed7fca17eaacce81bdd8dd2995972b696348c261f745add4e84cbc846682d8a7ee877e6dced0706bf45e756ebdaaf3091
If you use Windows, look for the story dealing with remote desktop and their use and acceptance of old passwords that may have been changed. Apple has an RCE dealing with AirPlay, more breaches and two more British companies hit with a cyberattack.
On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news:
British retail stalwart Marks & Spencer gets cybered
South Korean telco sets out to replace all its subscriber SIMs after (we assume) it lost the keymat
It's a good exploit week! Bugs in Apple Airplay, SAP webservers, Erlang SSH and CommVault backups
Juice jacking! No, really! Some researchers actually did it (so still not in the wild, then)
Anti-DOGE whistleblower sure sounds like he has a point

This week's episode is sponsored by Knocknoc, who let you glue your firewalls to your single sign on. Knocknoc's CEO Adam Pointon talks about the joy that having end-to-end IPv6 would bring for zero-trust access control. He also touches on people using Knocknoc inside their network to isolate critical systems.

Editor's Note: Pat also gives Adam (Boileau) stick in the sponsor interview about the Risky Biz webserver not having IPv6 enabled, which fact-checking during the edit says is FAKE NEWS. Just uh, don't look at how fresh that AAAA record in the DNS is, friends.
WhatsApp vulnerability could facilitate remote code execution
Spyware targeting Chinese diaspora
Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day

Thanks to our episode sponsor, Nudge Security
Nudge Security provides advanced security posture management for Okta, Microsoft 365, Google Workspace, and other critical apps. With Nudge, you'll be alerted of risks like weak or missing MFA, inactive admin accounts, and risky integrations, plus you can automate remediation tasks and ongoing identity governance. Start a free 14-day trial today.
In April 2025's edition of Patch [FIX] Tuesday, the crew dives into April 2025's patch highlights. Ryan kicks things off with a critical RDP Gateway vulnerability that requires no user interaction—just network access and bad intentions. Seth breaks down a kernel-level CLFS exploit that's already been seen in the wild, while Henry shifts gears to Apple's massive 130+ CVE patch dump for macOS Sequoia. From use-after-free bugs to sneaky audio file attacks, this episode covers the month's biggest risks.

TL;DR: Patch your systems, secure your gateways, and maybe don't trust that sketchy MP3.
Tool Update: Sigs.py
Jim updates sigs.py. The tool verifies hashes for files and automatically recognizes what hash is used.
https://isc.sans.edu/diary/Tool%20update%3A%20sigs.py%20-%20added%20check%20mode/31706

Google Announcing Quantum Safe Digital Signatures in Cloud KMS
Google announced the option to use quantum safe digital signatures for its cloud key management system.
https://cloud.google.com/blog/products/identity-security/announcing-quantum-safe-digital-signatures-in-cloud-kms

Windows 11 Patch issues
The February Patch Tuesday appears to have caused issues with a number of Windows 11 systems. In particular, the usability of the file manager appears to be affected.
https://www.windowslatest.com/2025/02/16/windows-11-kb5051987-breaks-file-explorer-install-fails-on-windows-11-24h2/

LTE/5G Vulnerabilities
Researchers at the University of Florida have identified a large number of vulnerabilities in 5G and LTE networks.
https://nathanielbennett.com/publications/ransacked.pdf
Identifying and eradicating unforgivable vulns, an unforgivable flaw (and a few others) in DeepSeek's iOS app, academics and industry looking to standardize principles and practices for memory safety, and more! Show Notes: https://securityweekly.com/asw-317
This week in the enterprise security weekly news, we discuss funding and acquisitions
Understanding the Semgrep license drama
Ridiculous vulnerabilities everywhere:
vulns to take down your entire city's cell service
vulns to mess with your Subarus
vulns in Microsoft 365 authentication
cybersecurity regulations are worthless
Facebook is banning people for mentioning Linux
Vigilantes on Github
Mastercard DNS error
Qubes OS
Turning a "No" into a conversation
All that and more, on this episode of Enterprise Security Weekly!
Show Notes: https://securityweekly.com/esw-392
Curl and Python (and others) deal with bad vuln reports generated by LLMs, supply chain attack on Solana, comparing 5 genAI mistakes to OWASP's Top Ten for LLM Applications, a Rust survey, and more! Show Notes: https://securityweekly.com/asw-310
Video Episode: https://youtu.be/yDNIBS8OBoE

In today’s episode, we delve into the alarming rise of cybercrime as a 26-year-old Canadian, Alexander Moucka, is arrested for allegedly extorting over 160 companies using the Snowflake cloud data service. We also discuss the emergence of the Android banking malware “ToxicPanda,” designed to bypass security measures for fraudulent transactions, and Google’s urgent patching of two vulnerabilities threatening millions of Android users. Furthermore, we highlight Synology’s critical zero-click vulnerability impacting NAS devices, emphasizing the ongoing threats to data security.

Sources:
1. https://krebsonsecurity.com/2024/11/canadian-man-arrested-in-snowflake-data-extortions/
2. https://thehackernews.com/2024/11/new-android-banking-malware-toxicpanda.html
3. https://www.helpnetsecurity.com/2024/11/05/cve-2024-43093/
4. https://thehackernews.com/2024/11/synology-urges-patch-for-critical-zero.html

Timestamps
00:00 – Introduction
01:06 – Snowflake Canadian Arrested
02:41 – Android ToxicPanda Banking Malware
04:24 – Android Patches
05:30 – Synology NAS Zero-Click

1. What are today’s top cybersecurity news stories?
2. Who was arrested in connection with the Snowflake data extortions?
3. What is the ToxicPanda malware and how does it work?
4. What vulnerabilities were recently patched in Android by Google?
5. How are hackers exploiting vulnerabilities in Synology NAS devices?
6. What were the implications of the Snowflake data breach on major companies?
7. How does the Android banking malware ToxicPanda conduct fraud?
8. What security measures should companies implement to prevent data extortion?
9. What are the latest updates on the UNC5537 hacking group?
10. How do recent Android vulnerabilities affect user security?
data theft, Snowflake, cybercrime, Alexander ‘Connor’ Moucka, ToxicPanda, malware, banking, android, Google, vulnerabilities, Qualcomm, spyware, RISK:STATION, Synology, vulnerability, Pwn2Own

# Intro
A Canadian man has been arrested in a massive data theft operation, allegedly extorting over 160 companies using Snowflake’s cloud service and linking to notorious cybercriminal Alexander ‘Connor’ Moucka. With ties to extremist groups and millions made from ransom attempts, Moucka’s arrest unveils the destructive potential of cybercrime fueled by misconfigured security settings. How did hackers manage to compromise so many companies using Snowflake’s data service, and what role did lax security measures play in their success?

ToxicPanda, a sinister new Android banking malware, has already compromised over 1,500 devices by bypassing advanced security measures to conduct fraudulent money transfers. Masquerading as popular apps and exploiting accessibility services, this threat marks a rare attack by Chinese cybercriminals on European and Latin American banking users, leaving a trail of financial havoc. How does ToxicPanda manage to bypass advanced banking security measures while targeting international users?

In a crucial security update, Google has patched actively exploited vulnerabilities that could allow hackers to target Android users, with one flaw affecting Qualcomm chipsets and another in the Google Play framework potentially being used for cyber espionage. Join us as we uncover how these vulnerabilities could be leveraged in campaigns against journalists and activists around the globe. What kind of specialized spyware exploits are these vulnerabilities likely implicated in?

Millions of Synology NAS devices are at risk due to a critical zero-click vulnerability, dubbed RISK:STATION, that allows attackers root-level access without user interaction, prompting an urgent patch release. Exploited during the Pwn2Own 2024 contest, this flaw underscores the critical need for users to update their devices to prevent potential data breaches and malware attacks. How does the zero-click nature of the RISK:STATION vulnerability provide such a significant threat to Synology NAS devices?
Video Episode: https://youtu.be/-fHd8wOJGHg

In today’s episode, we discuss the recent surge in cyber threats, starting with the improved LightSpy spyware targeting iPhones, which enables heightened surveillance through 28 new plugins and destructive capabilities like device freezing. We also cover a critical vulnerability (CVE-2024-50550) in the LiteSpeed Cache WordPress plugin, allowing hackers to gain unauthorized admin access to over six million sites. Additionally, we examine the Phish n’ Ships campaign, which has affected over a thousand online stores, and the EmeraldWhale operation that has stolen more than 15,000 cloud credentials from exposed Git repositories, highlighting the ongoing challenges in mobile security, WordPress vulnerabilities, and credential theft.

References:
1. https://thehackernews.com/2024/10/new-lightspy-spyware-version-targets.html
2. https://www.bleepingcomputer.com/news/security/litespeed-cache-wordpress-plugin-bug-lets-hackers-get-admin-access/
3. https://www.bleepingcomputer.com/news/security/over-a-thousand-online-shops-hacked-to-show-fake-product-listings/
4. https://www.bleepingcomputer.com/news/security/hackers-steal-15-000-cloud-credentials-from-exposed-git-config-files/

1. What are today’s top cybersecurity news stories?
2. How does the new version of LightSpy spyware target iPhones?
3. What vulnerabilities exist in the LiteSpeed Cache WordPress plugin?
4. What is the Phish n’ Ships phishing campaign about?
5. How did hackers steal 15,000 cloud credentials from Git config files?
6. What measures can be taken to secure iPhones against spyware?
7. What are the implications of the LiteSpeed Cache privilege elevation flaw?
8. What steps should consumers take to avoid falling for phishing scams?
9. How are hackers exploiting Git configuration files for data theft?
10. What are the latest trends in mobile cybersecurity threats?
LightSpy, spyware, iOS, malware, LiteSpeed Cache, vulnerability, WordPress, exploitation, Satori, phishing, vulnerabilities, counterfeit, EmeraldWhale, Git, credentials, Sysdig,
Better TLS implementations with Rust, fuzzing, and managing certs, appsec lessons from the everlasting transition to IPv6, LLMs for finding vulns (and whether fuzzing is better), and more! Also check out this presentation from BSides Knoxville that we talked about briefly, https://youtu.be/DLn7Noex_fc?feature=shared

Generative AI has been the talk of the technology industry for the past 18+ months. Companies are seeing its value, so generative AI budgets are growing. With more and more AI agents expected in the coming years, it's essential that we are securing how consumers interact with generative AI agents and how developers build AI agents into their apps. This is where identity comes in. Shiven Ramji, President of Customer Identity Cloud at Okta, will dive into the importance of protecting the identity of AI agents and Okta's new security tools revealed at Oktane that address some of the largest issues consumers and businesses have with generative AI right now.
Segment Resources:
https://www.okta.com/oktane/
https://www.okta.com/press-room/press-releases/okta-helps-builders-easily-implement-auth-for-genai-apps-secure-how/

Today, there isn't an identity security standard for enterprise applications that ensures interoperability across all SaaS and IDPs. There also isn't an easy way for an app, resource, workload, API or any other enterprise technology to make itself discoverable, governable, support SSO and SCIM and continuous authentication. This lack of standardization is one of the biggest barriers to cybersecurity today. Arnab Bose, Chief Product Officer, Workforce Identity Cloud at Okta, joins Security Weekly's Mandy Logan to discuss the need for a new, comprehensive identity security standard for enterprise applications, and the work Okta is doing alongside other industry players to institute a framework for SaaS companies to enhance the end-to-end security of their products across every touchpoint of their technology stack.
Segment Resources:
https://www.okta.com/oktane/
https://www.okta.com/press-room/press-releases/okta-openid-foundation-tech-firms-tackle-todays-biggest-cybersecurity/
https://www.okta.com/press-room/press-releases/okta-is-reducing-the-risk-of-unmanaged-identities-social-engineering/

This segment is sponsored by Oktane, to view all of the CyberRisk TV coverage from Oktane visit https://securityweekly.com/oktane.
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-305
Video Episode: https://youtu.be/2YiTiU75inA

In today’s episode, we discuss Microsoft’s innovative approach to fighting phishing attacks using fake Azure tenants as honeypots to gather intelligence on cybercriminals, as highlighted by Ross Bevington at BSides Exeter. We also cover Cisco’s DevHub portal being taken offline following the leak of non-public data by a hacker, while examining recent exploitation of the Roundcube webmail XSS vulnerability for credential theft. Finally, we delve into critical flaws identified in several end-to-end encrypted cloud storage platforms, including Sync and pCloud, raising concerns over user data security.

Articles referenced:
1. https://www.bleepingcomputer.com/news/security/microsoft-creates-fake-azure-tenants-to-pull-phishers-into-honeypots/
2. https://www.bleepingcomputer.com/news/security/cisco-takes-devhub-portal-offline-after-hacker-publishes-stolen-data/
3. https://thehackernews.com/2024/10/hackers-exploit-roundcube-webmail-xss.html
4. https://www.bleepingcomputer.com/news/security/severe-flaws-in-e2ee-cloud-storage-platforms-used-by-millions/

Timestamps
00:00 – Introduction
00:52 – Microsoft Phishing Honeypots
02:51 – Webmail Roundcube XSS
03:54 – CSP Vulns
05:08 – Cisco’s DevHub portal taken offline

1. What are today’s top cybersecurity news stories?
2. How is Microsoft using honeypots to combat phishing?
3. What happened with Cisco’s DevHub after a data leak?
4. What vulnerabilities have been discovered in Roundcube webmail?
5. What are the security issues found in E2EE cloud storage platforms?
6. How does Microsoft’s Deception Network gather threat intelligence?
7. What data was allegedly leaked from Cisco’s platform?
8. What is the significance of the Roundcube webmail XSS vulnerability?
9. Which platforms were found to have severe flaws in end-to-end encryption?
10. How does Microsoft's approach to phishing differ from traditional methods?
Azure, phishers, honeypot, cybercriminals, Cisco, DevHub, cyber, data leak, Roundcube, phishing, JavaScript, vulnerability, security, encryption, Sync, vulnerabilities,
Looking at vulnerable code in Ivanti (Perl) and Magento (PHP), fuzzing is perfect for parsers, handling tenant isolation when training LLMs, Microsoft's small steps towards secure design, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-303
More remote car control via web interfaces, an RCE in CUPS, Microsoft reduces attack surface, migrating to memory safety, dealing with dependency confusion, getting rid of password strength calculators, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-301
Video Episode: https://youtu.be/LyKMiecH2Ms

In today’s episode, we discuss critical vulnerabilities addressed by HPE Aruba Networking in its Access Points, which could allow remote code execution by unauthenticated attackers. We also cover alarming discoveries about Kia vehicles where hackers could take control using just license plates, and how Google’s shift to using memory-safe programming in Android has significantly reduced security vulnerabilities. Lastly, be informed about the ongoing clash between Automattic and WP Engine, leading to restricted access to vital WordPress resources for affected users.

Links to articles mentioned:
1. https://www.bleepingcomputer.com/news/security/hpe-aruba-networking-fixes-three-critical-rce-flaws-impacting-its-access-points/
2. https://thehackernews.com/2024/09/hackers-could-have-remotely-controlled.html
3. https://www.helpnetsecurity.com/2024/09/26/android-memory-safety-vulnerabilities/
4. https://www.bleepingcomputer.com/news/security/automattic-blocks-wp-engines-access-to-wordpress-resources/

Timestamps
00:00 – Introduction
01:27 – Aruba AP Vulnerabilities Patched
02:36 – Kia Remote Access
03:55 – Android Memory Vulnerabilities Reduced
05:42 – WP Engine Blocked from WordPress updates

Sign up for the best newsletter in cybersecurity at https://news.thedailydecrypt.com

1. What are today’s top cybersecurity news stories?
2. What critical vulnerabilities were fixed in HPE Aruba Networking Access Points?
3. How could hackers remotely control Kia cars using just license plates?
4. What impact did Google's use of Rust have on Android memory safety vulnerabilities?
5. Why did WordPress.org ban WP Engine from accessing its resources?
6. What are the recent cybersecurity fixes provided by HPE for their products?
7. What does the Kia vehicle vulnerability disclosure mean for car owners?
8. How has Android reduced its number of memory safety vulnerabilities in recent years?
9. What actions has Automattic taken against WP Engine in their ongoing conflict?
10. What are the potential risks for WP Engine customers following the WordPress.org decision?

HPE, Aruba Access Points, vulnerabilities, remote code execution, hackers, Kia, vulnerabilities, security, Rust, Android, memory safety, vulnerabilities, Automattic, WP Engine, WordPress, security
Fuzzing network traffic in OpenWRT, parsing problems lead to GitLab auth bypass, more fuzzing finds vulns in a JPEG parser, and more! Show Notes: https://securityweekly.com/asw-300
Don't tell the FCC there is a new Flipper firmware release, unpatchable?, argv[0] and sneaking past defenses, protect your registries, someone solved my UART RX problem, PKFail update, legal threats against security researchers documented, EDR bypass whack-a-mole continues, emulating PIs, VScode moonlights as a spy, Want to clone a YubiKey? All you need is $11,000, some fancy gear, and awkwardly close proximity to your victim, and Telegram's encryption: it's kinda like putting a 'Keep Out' sign but leaving the door unlocked. Show Notes: https://securityweekly.com/psw-842
Video Episode: https://youtu.be/sUwjbJ_Uzm0

In today's episode, we explore the alarming rise of sophisticated cyber threats, starting with the exploitation of a 5-year-old zero-day vulnerability (CVE-2024-7029) affecting AVTECH IP cameras by the Corona Mirai-based malware botnet. We also analyze the tactics of the Russian APT29 group, which has been leveraging zero-day exploits against Mongolian government websites, using techniques akin to commercial spyware vendors. Finally, we explore how the Iranian hacking group Pioneer Kitten is collaborating with ransomware affiliates to extort various sectors in the U.S., highlighting the importance of proactive cybersecurity measures.

Links to articles:
https://www.bleepingcomputer.com/news/security/malware-exploits-5-year-old-zero-day-to-infect-end-of-life-ip-cameras/
https://www.bleepingcomputer.com/news/security/russian-apt29-hackers-use-ios-chrome-exploits-created-by-spyware-vendors/
https://www.bleepingcomputer.com/news/security/iranian-hackers-work-with-ransomware-gangs-to-extort-breached-orgs/

Sign up for digestible cyber news delivered to your inbox: https://news.thedailydecrypt.com
Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/
Logo Design by https://www.zackgraber.com/

Akamai, Corona Mirai, vulnerability, AVTECH, APT29, exploits, cyberattacks, spyware, Pioneer Kitten, Ransomware, Infiltrate, Extort

What are today's top cybersecurity news stories?
How can we defend against malware like Corona Mirai?
What vulnerabilities exist in AVTECH IP cameras?
Who are the Russian hackers known as APT29?
How do state-sponsored hackers exploit devices?
What measures can protect against iOS exploits?
How is ransomware being used by Pioneer Kitten?
What tactics are used in cyber extortion?
How can organizations defend against ransomware attacks?
What are the risks of outdated IP camera systems?
Research by Orange Tsai into Apache HTTPD's architecture reveals several vulns, NCC Group shows techniques for hacking IoT devices with Sonos speakers, finding use cases for WebAssembly, Slack's AI leaks data, DARPA wants a future of Rust, and more! Show Notes: https://securityweekly.com/asw-297
Forecast = Expect partly cloudy skies with a high chance of old vulnerabilities resurfacing - don't forget your patch umbrella (or lamp shade)!

What's old is new, again, in this episode of Storm⚡️Watch, as we explore the "0.0.0.0 Day" vulnerability, a critical flaw affecting major web browsers like Chrome, Firefox, and Safari. This vulnerability allows malicious websites to bypass browser security mechanisms and potentially gain unauthorized access to local services. We break down the technical details, real-world implications, and the responses from browser developers to this threat.

Next, we shed light on a 2017 vulnerability still affecting over 20,000 Ubiquiti devices, including cameras and routers. This issue exposes these devices to amplification attacks and privacy risks due to custom privileged processes on specific network ports. We discuss the discovery protocol, the types of information exposed, and provide practical mitigation strategies for users and administrators of Ubiquiti equipment.

In our Cyber Spotlight segment, we cover the National Public Data (NPD) breach, a massive cybersecurity incident that has exposed sensitive personal information of millions of individuals. We take a look at the scope of the breach, the data that was leaked and put up for sale, and the analysis provided by cybersecurity expert Troy Hunt. The implications of this breach are far-reaching, highlighting ongoing concerns in the data broker industry and the potential for long-term impacts on affected individuals.

We wrap up the episode with our regular segments, including a look at recent tags from the GreyNoise visualization tool and a roundup of the latest additions to CISA's Known Exploited Vulnerabilities catalog. As always, we encourage our listeners to stay informed and implement necessary security measures to protect themselves in this ever-evolving cyber landscape.
Polyfill loses trust after CDN misuse, an OpenSSH flaw reappears, how to talk about secure design from some old CocoaPods vulns, using LLMs to find bugs, Burp Proxy gets more investment, and more! Show Notes: https://securityweekly.com/asw-290
Get the latest Patch Tuesday releases, mitigation tips, and learn about custom automations (aka Automox Worklets) that can help you with CVE remediations.
Misusing random numbers, protecting platforms for code repos and package repos, vulns that teach us about designs and defaults, and more! Show Notes: https://securityweekly.com/asw-283
Seth and Ken return with analysis of recent research that shows LLMs exploiting known CVEs. And no, it's not completely autonomous yet. This is followed by a breakdown of DataDog's State of DevSecOps article, backing up our gut feel of current industry needs and failures.
Ukraine's head of cybersecurity suspended and assigned to combat zone
Over 90,000 LG Smart TVs exposed to remote attack
Microsoft exposed internal passwords in security lapse
Thanks to today's episode sponsor, Vanta. The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta's market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security in real time. Watch Vanta's on-demand demo at vanta.com/ciso.
For the stories behind the headlines, visit CISOseries.com.
The PSW crew discusses some crypto topics, such as post-quantum and GoFetch, new Flipper Zero projects, RFID hacking and hotel locks, BlueDucky, side channel attacks and more! Show Notes: https://securityweekly.com/psw-822
In this Soap Box edition of the podcast Patrick Gray talks to Nucleus Security co-founder Scott Kuffer about whether or not cloud service vulnerabilities should get CVEs, what on earth is happening with NIST's National Vulnerability Database (NVD) and more.
Insecure defaults and insecure design in smart locks, FCC adopts Cyber Trust Mark labels for IoT devices, the ZAP project gets a new home, and more! Show Notes: https://securityweekly.com/asw-277
Qualys discloses syslog and qsort vulns in glibc, Apple's jailbroken iPhone for security researchers, moving away from OpenSSL, what an ancient vuln in image parsing can teach us today, and more! Show Notes: https://securityweekly.com/asw-272
Episode 56: Using Data Science to win Bug Bounty - Mayonaise (aka Jon Colston)
Episode 56: In this episode of Critical Thinking - Bug Bounty Podcast, Justin sits down with Jon Colston to discuss how his background in digital marketing and data science has influenced his hunting methodology. We dive into subjects like data sources, automation, working backwards from vulnerabilities, applying conversion funnels to bug bounty, and the mayonaise signature 'Mother of All Bugs'.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
WordFence - Sign up as a researcher! https://ctbb.show/wf
Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Today's Guest: https://hackerone.com/mayonaise?type=user
Timestamps:
(00:00:00) Introduction
(00:12:07) Evolving Hacking Methodologies & B2B Hacking
(00:23:57) Data Science + Bug Bounty
(00:34:37) 'Lead Generation for Vulns'
(00:41:39) Ingredients and Recipes
(00:49:45) Keyword Categorization
(00:54:30) Manual Processes and Recap
(01:07:08) Data Sources
(01:19:59) Digital Marketing + Bug Bounty
(01:32:22) M.O.A.B.s
(01:41:02) Burnout Protection and Dupe Analysis
Vulns in Jenkins code and Cisco devices that make us think about secure designs, MiraclePtr pulls off a relatively quick miracle, code lasts while domains expire, an "Artificial Intelligence chip" from the 90s, and more! Show Notes: https://securityweekly.com/asw-271
Episode 50: In this episode of Critical Thinking - Bug Bounty Podcast, Justin catches up with hacking master Mathias Karlsson, and talks about burnout, collaboration, and the importance of specialization. Then we dive into the technical details of MXSS and XSLT, character encoding, and give some predictions of what Bug Bounty might look like in the future…
Follow us on twitter at: @ctbbpodcast
Send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
------ Ways to Support CTBBPodcast ------
Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.
Hop on the CTBB Discord!
We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Today's Guest
Episode Resources
How to Differentiate Yourself as a Hunter
MutateMethods
hackaplaneten
Article About Unicode and Character Sets
Byte Order Mark:
Character Encodings
ShapeCatcher
WAF Bypass
BountyDash
EXPLOITING HTTP'S HIDDEN ATTACK-SURFACE
Timestamps:
(00:00:00) Introduction
(00:10:06) Automation Setup and Assetnote Origins
(00:16:49) Sharing Tips, and Content Creation
(00:22:27) Collaboration and Optimization
(00:36:44) Working at Detectify
(00:51:45) Bug Bounty Burnout
(00:56:15) Early Days of Bug Bounty and Future Predictions
(01:19:00) Nerdsnipeability
(01:29:38) MXSS and XSLT
(01:54:20) Learning through being wrong
(02:00:15) Go-to Vulns
Our first impressions of two new hot bits of hardware – the Steam Deck OLED, and the Raspberry Pi 5. Plus great news for self-hosted webmail, a call to support open source AI/ML image processing, and a mini KDE Korner.
News
Open source email pioneer Roundcube joins the Nextcloud family
Vulns expose ownCloud admin...