Podcasts about xss

Computer security vulnerability

  • 167 podcasts
  • 1,222 episodes
  • 52m average duration
  • 5 weekly new episodes
  • Latest: Apr 24, 2025


Latest podcast episodes about xss

JavaScript Master Podcast
JSMP 28: Damian Płaza on HTMX

Mar 18, 2025 (29:31)


In this episode of the JavaScript Master Podcast, we explore HTMX, a powerful tool that simplifies frontend development by reducing the need for complex JavaScript frameworks. Our guest, Damian Płaza, Senior Software Engineer, Application Architect, and Product Development Leader at Volue, shares his insights on how HTMX can enhance modern web applications.

What's inside?

  • What is HTMX? A deep dive into its purpose and core concepts
  • How HTMX compares to modern JavaScript frameworks like React, Vue, and Angular
  • Hypermedia-driven applications – what does that mean in practice?
  • Performance benefits – does HTMX make web apps faster?
  • Reducing JavaScript complexity – how much JavaScript can you eliminate?
  • Common use cases – when is HTMX the best choice?
  • Limitations of HTMX – when might it not be the right tool?
  • HTMX & server-side technologies – how it integrates with PHP, Python, and Node.js
  • Handling dynamic data & DOM updates – does HTMX replace JavaScript completely?
  • Security considerations – how does HTMX handle XSS and CSRF protection?
  • HTMX event model – how it differs from traditional JavaScript event handling
  • How HTMX fits into modern web development – should you use it in your next project?
  • Real-world examples & success stories – companies and projects using HTMX today
  • The future of HTMX – what's on the roadmap?

If you're curious about hypermedia-driven applications and looking for ways to simplify frontend development, this episode is packed with valuable insights!

Bug Bounty Reports Discussed
How to become an XSS expert with renniepak

Mar 12, 2025 (53:52)


This video is an interview with René de Sain, known as renniepak. We talk about XSS, CSP bypasses, privilege escalation, speeding up the workflow with tricks like JS bookmarks, and we discuss whether there's such a thing as bug bounty methodology.

Paul's Security Weekly
CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321

Mar 11, 2025 (73:50)


Just three months into 2025 and we already have several hundred CVEs for XSS and SQL injection. Appsec has known about these vulns since the late 90s. Common defenses have been known since the early 2000s. Jack Cable talks about CISA's Secure by Design principles and how they're trying to refocus businesses on addressing vuln classes and prioritizing software quality -- with security one of those important dimensions of quality.

Segment Resources:
  • https://www.cisa.gov/securebydesign
  • https://www.cisa.gov/securebydesign/pledge
  • https://www.cisa.gov/resources-tools/resources/product-security-bad-practices
  • https://www.lawfaremedia.org/projects-series/reviews-essays/security-by-design
  • https://corridor.dev

Skype hangs up for good, over a million cheap Android devices may be backdoored, parallels between jailbreak research and XSS, impersonating AirTags, network reconnaissance via a memory disclosure vuln in the GFW, and more!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-321

Paul's Security Weekly TV
CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321

Mar 11, 2025 (40:34)


Just three months into 2025 and we already have several hundred CVEs for XSS and SQL injection. Appsec has known about these vulns since the late 90s. Common defenses have been known since the early 2000s. Jack Cable talks about CISA's Secure by Design principles and how they're trying to refocus businesses on addressing vuln classes and prioritizing software quality -- with security one of those important dimensions of quality.

Segment Resources:
  • https://www.cisa.gov/securebydesign
  • https://www.cisa.gov/securebydesign/pledge
  • https://www.cisa.gov/resources-tools/resources/product-security-bad-practices
  • https://www.lawfaremedia.org/projects-series/reviews-essays/security-by-design
  • https://corridor.dev

Show Notes: https://securityweekly.com/asw-321

Paul's Security Weekly TV
Skype Hangs Up, Android Backdoors, Jailbreak Research, Pretend AirTags, Wallbleed - ASW #321

Mar 11, 2025 (33:17)


Skype hangs up for good, over a million cheap Android devices may be backdoored, parallels between jailbreak research and XSS, impersonating AirTags, network reconnaissance via a memory disclosure vuln in the GFW, and more! Show Notes: https://securityweekly.com/asw-321

Application Security Weekly (Audio)
CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321

Mar 11, 2025 (73:50)



Application Security Weekly (Video)
CISA's Secure by Design Principles, Pledge, and Progress - Jack Cable - ASW #321

Mar 11, 2025 (40:34)



Application Security Weekly (Video)
Skype Hangs Up, Android Backdoors, Jailbreak Research, Pretend AirTags, Wallbleed - ASW #321

Mar 11, 2025 (33:17)



SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday Feb 28th: Njrat devtunnels.ms; Apple FindMe Abuse; XSS Exploited; @sans_edu Ben Powell EDR vs. Ransomware

Feb 28, 2025 (14:27)


Njrat Campaign Using Microsoft Dev Tunnels: A recent version of the Njrat remote admin tool is taking advantage of Microsoft's developer tunnels (devtunnels.ms) as a command and control channel.
https://isc.sans.edu/diary/Njrat%20Campaign%20Using%20Microsoft%20Dev%20Tunnels/31724

nRootTag: Apple FindMy Abuse: Malware could use a weakness in the keys used for Apple FindMy to abuse it to track victims. Updates were released with iOS 18.2, but to solve the issue the vast majority of Apple users must update.
https://nroottag.github.io/

360XSS: Mass Website Exploitation via Virtual Tour Framework: The Krpano VR library, which is often used to implement 3D virtual tours on real estate websites, is currently being abused to inject spam messages. The XSS vulnerability could allow attackers to inject even more malicious JavaScript.
https://olegzay.com/360xss/

SANS.edu Research: Proof is in the Pudding: EDR Configuration Versus Ransomware. Benjamin Powell
https://www.sans.edu/cyber-research/proof-pudding-edr-configuration-versus-ransomware/

Paul's Security Weekly
Top 10 Web Hacking Techniques of 2024 - James Kettle - ASW #318

Feb 18, 2025 (44:57)


We're getting close to two full decades of celebrating web hacking techniques. James Kettle shares which was his favorite, why the list is important to the web hacking community, and what inspires the kind of research that makes it onto the list. We discuss why we keep seeing eternal flaws like XSS and SQL injection making these lists year after year and how clever research is still finding new attack surfaces in old technologies. But there's a lot of new web technology still to be examined, from HTTP/2 and HTTP/3 to WebAssembly.

Segment Resources:
  • Top 10, 2024: https://portswigger.net/research/top-10-web-hacking-techniques-of-2024
  • Full nomination list: https://portswigger.net/research/top-10-web-hacking-techniques-of-2024-nominations-open
  • Project overview: https://portswigger.net/research/top-10-web-hacking-techniques

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-318

Paul's Security Weekly TV
Top 10 Web Hacking Techniques of 2024 - James Kettle - ASW #318

Feb 18, 2025 (44:57)


We're getting close to two full decades of celebrating web hacking techniques. James Kettle shares which was his favorite, why the list is important to the web hacking community, and what inspires the kind of research that makes it onto the list. We discuss why we keep seeing eternal flaws like XSS and SQL injection making these lists year after year and how clever research is still finding new attack surfaces in old technologies. But there's a lot of new web technology still to be examined, from HTTP/2 and HTTP/3 to WebAssembly.

Segment Resources:
  • Top 10, 2024: https://portswigger.net/research/top-10-web-hacking-techniques-of-2024
  • Full nomination list: https://portswigger.net/research/top-10-web-hacking-techniques-of-2024-nominations-open
  • Project overview: https://portswigger.net/research/top-10-web-hacking-techniques

Show Notes: https://securityweekly.com/asw-318

Application Security Weekly (Audio)
Top 10 Web Hacking Techniques of 2024 - James Kettle - ASW #318

Feb 18, 2025 (44:57)



Application Security Weekly (Video)
Top 10 Web Hacking Techniques of 2024 - James Kettle - ASW #318

Feb 18, 2025 (44:57)



IT Privacy and Security Weekly update.
EP 227.5 Deep Dive - 21 Attack Types and The IT Privacy and Security Weekly Update for The Week Ending January 28th 2025

Jan 30, 2025 (20:48)


What is "surveillance pricing" and how does it affect me?
Surveillance pricing is a practice where online retailers adjust prices based on your personal data, such as location, browsing history, and demographics. Companies collect data like mouse movements and items left in your shopping cart to determine what you're likely willing to pay. This can lead to different individuals being offered varying prices for the same product. To mitigate this, consider using VPNs, browser extensions that block tracking, regularly clearing browser cookies, and being cautious about the personal information you share online.

What car vulnerabilities were recently discovered, and how can I protect myself?
Security researchers recently found vulnerabilities in Subaru's web portal, allowing remote control of vehicles, including unlocking doors, starting the engine, and tracking location. Millions of Subaru vehicles with Starlink digital features were potentially affected. While Subaru has patched the identified flaws, it's crucial for all car owners to ensure their software is up-to-date. This is part of a larger trend of security issues in the automotive industry, so vigilance is essential.

How is Meta using my data with its new AI, and can I opt out?
Meta's new AI chatbot will use personal data from your Facebook and Instagram accounts to personalize its responses. This includes information from previous conversations, dietary preferences, and interests. Unfortunately, there is no option to opt out of this data-sharing feature.

What was the recent ruling about the FBI's access to Americans' private communications?
A federal court ruled that backdoor searches of Americans' private communications collected under Section 702 of FISA are unconstitutional without a warrant. This ruling found that even if the government can lawfully collect communications between foreigners and Americans, it can't search those communications without a warrant when those searches involve US persons. This stems from a case where the FBI searched emails of a US resident, collected under the premise of foreign intelligence, without a warrant. The court found this to be a Fourth Amendment violation.

What are the dangers of North Korean IT workers, and how can we protect our companies?
The FBI has warned that North Korean IT workers are abusing their access to steal source code and extort U.S. companies. They often copy company code repositories, harvest credentials, and initiate work sessions from non-company devices. To mitigate these risks, companies should apply the principle of least privilege, limit permissions for remote desktop applications, and monitor for unusual network traffic. Additionally, it is important to recognize that these workers may log in from different IPs over a short period.

What is the new threat to the European power grid, and what makes it so concerning?
Researchers have discovered that renewable energy facilities across Central Europe use unencrypted radio signals to control how much power is sent into the grid. By reverse-engineering the signals, they found they could potentially manipulate the system to cause widespread disruptions, including a grid-wide outage. The lack of encryption on these systems and the ability to control large amounts of energy poses a significant risk, especially considering current geopolitical tensions.

What is the significance of DeepSeek's R1 model and how does it compare to models like OpenAI's?
DeepSeek's R1 model is an open-source large language model (LLM) that offers open weights, allowing users to run it on their own servers or locally. It challenges OpenAI's proprietary model by providing a more cost-effective and accessible AI solution. DeepSeek uses a technique called distillation, where existing LLMs train new, smaller models. The emergence of R1 suggests a shift towards more commoditized AI and potentially increased accessibility and customization.

What are some common types of cyber attacks and how can I defend against them?
The sources list 21 common cyber attacks including: malware, phishing, ransomware, drive-by downloads, cross-site scripting (XSS), SQL injection, man-in-the-middle (MitM) attacks, DDoS attacks, password attacks, insider threats, credential stuffing, zero-day exploits, social engineering, session hijacking, eavesdropping, watering hole attacks, DNS spoofing, IoT attacks, supply chain attacks, brute force attacks, and spyware. Preventative measures involve using antivirus software, updating systems, avoiding untrusted downloads, verifying emails, using spam filters, performing regular backups, having strong firewalls, enabling MFA, monitoring activities, restricting access to risky sites, securing cookies, and training employees to recognize suspicious activity. The best way to stay protected is to stay informed. Keep listening

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS ISC Stormcast, Jan 24, 2025: XSS in Email, SonicWall Exploited; Cisco Vulnerabilities; AI and SOAR (@sans_edu research paper by Anthony Russo)

Jan 24, 2025 (14:45)


In today's episode, learn how an attacker attempted to exploit webmail XSS vulnerabilities against us. SonicWall released a critical patch fixing an already exploited vulnerability in its SMA 1000 appliance. Cisco fixed vulnerabilities in ClamAV and its Meeting Manager REST API. Learn from SANS.edu student Anthony Russo how to take advantage of AI for SOAR.

XSS Attempts via E-Mail
https://isc.sans.edu/diary/XSS%20Attempts%20via%20E-Mail/31620
An analysis of a recent surge in email-based XSS attack attempts targeting users and organizations. Learn the implications and mitigation techniques.

SonicWall PSIRT Advisory: CVE-2025-23006
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0002
Details of a critical vulnerability in SonicWall appliances (SNWLID-2025-0002) and what you need to do to secure your systems.

Cisco ClamAV Advisory: OLE2 Parsing Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA
A DoS vulnerability in the popular open source antivirus engine ClamAV.

Cisco CMM Privilege Escalation Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc
A patch for a privilege escalation flaw in Cisco's CMM module.

Paul's Security Weekly
Appsec Predictions for 2025 - Cody Scott - ASW #314

Jan 21, 2025 (52:10)


What's in store for appsec in 2025? Sure, there'll be some XSS and SQL injection, but what about trends that might influence how appsec teams plan? Cody Scott shares five cybersecurity and privacy predictions and we take a deep dive into three of them. We talk about finding value to appsec from AI, why IoT and OT need both programmatic and technical changes, and what the implications of the next XZ Utils attack might be.

Segment resources: https://www.forrester.com/blogs/predictions-2025-cybersecurity-risk-privacy/

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-314

Paul's Security Weekly TV
Appsec Predictions for 2025 - Cody Scott - ASW #314

Jan 21, 2025 (52:10)


What's in store for appsec in 2025? Sure, there'll be some XSS and SQL injection, but what about trends that might influence how appsec teams plan? Cody Scott shares five cybersecurity and privacy predictions and we take a deep dive into three of them. We talk about finding value to appsec from AI, why IoT and OT need both programmatic and technical changes, and what the implications of the next XZ Utils attack might be.

Segment resources: https://www.forrester.com/blogs/predictions-2025-cybersecurity-risk-privacy/

Show Notes: https://securityweekly.com/asw-314

Application Security Weekly (Audio)
Appsec Predictions for 2025 - Cody Scott - ASW #314

Jan 21, 2025 (52:10)



Application Security Weekly (Video)
Appsec Predictions for 2025 - Cody Scott - ASW #314

Jan 21, 2025 (52:10)



SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Today, Microsoft Patch Tuesday headlines our news with Microsoft patching 209 vulnerabilities, some of which have already been exploited. Fortinet suspects a so far unpatched Node.js authentication bypass to be behind some recent exploits of FortiOS and FortiProxy devices.

Microsoft January 2025 Patch Tuesday: This month's Microsoft patch update addresses a total of 209 vulnerabilities, including 12 classified as critical. Among these, 3 vulnerabilities have been actively exploited in the wild, and 5 have been disclosed prior to the patch release, marking them as zero-days.
https://isc.sans.edu/diary/rss/31590

Fortinet Security Advisory FG-IR-24-535, CVE-2024-55591: An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS and FortiProxy may allow a remote attacker to gain super-admin privileges via crafted requests to the Node.js websocket module.
https://fortiguard.fortinet.com/psirt/FG-IR-24-535

PRTG Network Monitor Update: Update for an already exploited XSS vulnerability in Paessler PRTG Network Monitor, CVE-2024-12833.
https://www.paessler.com/prtg/history/stable

Paul's Security Weekly TV
The Number One Threat - PSW #855

Dec 19, 2024 (109:51)


XSS is the number one threat?, fix your bugs faster, hacking VoIP systems, AI and how it may help fuzzing, hacker gift guides, new DMA attacks, hacking InTune, Rhode Island gets hacked, OpenWrt supply chain issues, we are being spied on, Germans take down botnet, Bill and Larry are speaking at Shmoocon!, and TP-Link bans. Show Notes: https://securityweekly.com/psw-855

Paul's Security Weekly (Video-Only)
The Number One Threat - PSW #855

Dec 19, 2024 (109:51)



The CyberWire
The end of MATRIX.

Dec 4, 2024 (33:57)


International law enforcement takes down the MATRIX messaging platform. SailPoint discloses a critical vulnerability in its IdentityIQ platform. A Solana library has been backdoored. SolarWinds discloses a critical vulnerability in its Platform product. Researchers identify 16 zero-day vulnerabilities in Fuji Electric's remote monitoring software. Cisco urges users to patch a decade-old vulnerability. CISA warns of active exploitation of Zyxel firewall devices. A critical XSS vulnerability has been identified in MobSF. Google's December 2024 Android security update addresses 14 high-severity vulnerabilities. The Federal Trade Commission settles with data brokers over alleged consent violations. On today's CertByte segment, Chris Hare and Dan Neville break down a question targeting the A+ Core (220-1101) Exam 1 certification. A vodka company gets iced by ransomware.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CertByte Segment
Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare, a content developer and project management specialist at N2K, we share practice questions from N2K's suite of industry-leading certification resources, and a study tip to help you achieve the professional certifications you need to fast-track your career growth in IT, cyber security, or project management. This week, Chris is joined by Dan Neville breaking down a question targeting the A+ Core (220-1101) Exam 1 certification. Today's question comes from N2K's CompTIA® A+ Core Exam 1 Practice Test (Core Exam 2 Practice Test is also available on our site). Have a question that you'd like to see covered? Email us at certbyte@n2k.com. Check out N2K's full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify.
Please note: The questions and answers provided here and on our site are not actual current or prior questions and answers from these certification publishers or providers. Additional sources: www.comptia.org

Selected Reading
  • International Operation Dismantles MATRIX: A Sophisticated Encrypted Messaging Service (SOCRadar)
  • German Police Shutter Country's Largest Dark Web Market (Infosecurity Magazine)
  • 10/10 directory traversal bug hits SailPoint's IdentityIQ (The Register)
  • Solana Web3.js Library Backdoored in Supply Chain Attack (SecurityWeek)
  • SolarWinds Platform XSS Vulnerability Let Attackers Inject Malicious Code (Cyber Security News)
  • 16 Zero-Days Uncovered in Fuji Electric Monitoring Software (GovInfo Security)
  • Cisco Urges Immediate Patch for Decade-Old WebVPN Vulnerability (Hackread)
  • CISA Warns of Zyxel Firewall Vulnerability Exploited in Attacks (SecurityWeek)
  • U.S. CISA adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog (SecurityAffairs)
  • MobSF XSS Vulnerability Let Attackers Inject Malicious Scripts (GB Hacker)
  • Android's December 2024 Security Update Patches 14 Vulnerabilities (SecurityWeek)
  • FTC accuses data brokers of improperly selling location info (The Register)
  • Vodka Giant Stoli Files for Bankruptcy After Ransomware Attack (Infosecurity Magazine)

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

The Daily Decrypt - Cyber News and Discussions
Microsoft Phishing Honeypots, Cisco's DevHub Paused, Roundcube Webmail Vulns – Cybersecurity News

Oct 22, 2024


Video Episode: https://youtu.be/2YiTiU75inA

In today's episode, we discuss Microsoft's innovative approach to fighting phishing attacks using fake Azure tenants as honeypots to gather intelligence on cybercriminals, as highlighted by Ross Bevington at BSides Exeter. We also cover Cisco's DevHub portal being taken offline following the leak of non-public data by a hacker, while examining recent exploitation of the Roundcube webmail XSS vulnerability for credential theft. Finally, we delve into critical flaws identified in several end-to-end encrypted cloud storage platforms, including Sync and pCloud, raising concerns over user data security.

Articles referenced:
  1. https://www.bleepingcomputer.com/news/security/microsoft-creates-fake-azure-tenants-to-pull-phishers-into-honeypots/
  2. https://www.bleepingcomputer.com/news/security/cisco-takes-devhub-portal-offline-after-hacker-publishes-stolen-data/
  3. https://thehackernews.com/2024/10/hackers-exploit-roundcube-webmail-xss.html
  4. https://www.bleepingcomputer.com/news/security/severe-flaws-in-e2ee-cloud-storage-platforms-used-by-millions/

Timestamps
  00:00 – Introduction
  00:52 – Microsoft Phishing Honeypots
  02:51 – Webmail Roundcube XSS
  03:54 – CSP Vulns
  05:08 – Cisco's DevHub portal taken offline

  1. What are today's top cybersecurity news stories?
  2. How is Microsoft using honeypots to combat phishing?
  3. What happened with Cisco's DevHub after a data leak?
  4. What vulnerabilities have been discovered in Roundcube webmail?
  5. What are the security issues found in E2EE cloud storage platforms?
  6. How does Microsoft's Deception Network gather threat intelligence?
  7. What data was allegedly leaked from Cisco's platform?
  8. What is the significance of the Roundcube webmail XSS vulnerability?
  9. Which platforms were found to have severe flaws in end-to-end encryption?
  10. How does Microsoft's approach to phishing differ from traditional methods?

Critical Thinking - Bug Bounty Podcast
Episode 90: 5k Clickjacking, Encryption Oracles, and Cursor for PoCs

Sep 26, 2024 (51:42)


Episode 90: In this episode of Critical Thinking - Bug Bounty Podcast, Joel and Justin recap some of their recent hacking ups and downs and have a lively chat about Cursor. Then they cover some research about SQL Injections, Clickjacking in Google Docs, and how to steal your Telegram account in 10 seconds.

Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Find the Hackernotes: https://blog.criticalthinkingpodcast.io/
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Shop our new swag store at ctbb.show/swag

Today's Sponsor: Project Discovery - tldfinder: https://www.criticalthinkingpodcast.io/tldfinder

Resources:
Breaking Down Barriers: Exploiting Pre-Auth SQL Injection in WhatsUp Gold
Content-Type that can be used for XSS
Clickjacking Bug in Google Docs
Justin's Gadget Link: https://www.youtube.com/signin?next=https%3A%2F%2Faccounts.youtube.com%2Faccounts%2FSetSID%3Fcontinue%3Dhttps%3A%2F%2Fwww.google.com%252Famp%252fpoc.rhynorater.com
Stealing your Telegram account in 10 seconds flat

Timestamps
(00:00:00) Introduction
(00:08:28) Recent Hacks and Dupes
(00:14:00) Cursor
(00:25:02) Exploiting Pre-Auth SQL Injection in WhatsUp Gold
(00:34:17) Content-Type that can be used for XSS
(00:40:25) Caido updates
(00:43:14) Clickjacking in Google Docs, and Stealing Telegram account

Broken Silicon
272. AMD 7600X3D Price, PS5 Pro TDP Leak, Zen 5 Windows 11 24H2, RDNA 4 Release Date

Aug 27, 2024 (99:22)

We leak new PlayStation 5 Pro details, Ryzen 5 7600X3D pricing, and discuss Intel Arrow Lake!

[SPON: Use "brokensilicon" at CDKeyOffer to get Win 11 Pro for $23: https://www.cdkeyoffer.com/cko/Moore11 ]
[SPON: Get 10% off Tasty Vite Ramen with code BROKENSILICON: https://bit.ly/3wKx6v1 ]

0:00 Alien Movies & Horror Summer 2024 (Intro Banter)
5:02 AMD Acknowledges Issues, Zen 5 Investigations Continue
16:50 Should we expect AMD to keep underdelivering?
28:12 R5 7600X3D Pricing Leak, Zen 5 X3D Allegedly Delayed
37:52 Intel Arrow Lake-S Lineup Allegedly Revealed
45:59 RX 7800M 12GB, Strix Halo Expectations
55:22 RDNA 4 Leaked to Launch Q4 w/ AD103 Performance
1:09:39 PlayStation 5 Pro TDP Leak, PS VR2 Price Drop
1:14:55 RTX 4070 GDDR6, 1st Strix Handheld, Dedicated 8-Pin for RTX 5000 (Wrap-Up)
1:17:47 XBOX Raises Prices, XSS can't run AAA, MS Games come to PS5
1:23:02 Intel Legal Considerations, ARL Instability, Switching to Linux (Final RMs)

https://videocardz.com/newz/nvidia-introduces-geforce-rtx-4070-with-gddr6-memory-offering-similar-performance-to-gddr6x-version
https://www.techspot.com/news/104381-amd-b850-b840-chipsets-might-debut-early-2025.html
https://videocardz.com/newz/gpd-pocket-4-officially-the-first-handheld-with-amd-ryzen-ai-9-hx-370-strix-point-launches-in-october
https://www.tomshardware.com/pc-components/motherboards/msi-x870-x870e-motherboards-have-an-extra-8-pin-pcie-power-connector-for-next-gen-gpus-unofficially-aimed-at-geforce-rtx-50-series
https://x.com/UploadVR/status/1827024095927583206?t=sSWBUyWGhGTMbThZt6ndrw&s=19
https://www.tweaktown.com/news/100123/microsoft-officially-responds-to-black-myth-wukong-releasing-on-xbox/index.html
https://www.ign.com/articles/xbox-boss-phil-spencer-explains-decision-to-launch-indiana-jones-and-the-great-circle-on-ps5
https://www.microsoft.com/en-us/d/xbox-series-x-2tb-galaxy-black-special-edition/8smbrt7wmfp9?activetab=pivot:overviewtab
https://youtu.be/yDzVWqncMFA?si=RC2csJJ-yKvxs1Bl
https://community.amd.com/t5/gaming/ryzen-9000-series-community-update-gaming-performance/ba-p/704054
https://www.pcworld.com/article/2435929/amd-talks-ryzen-9000-controversy-we-were-as-puzzled-as-reviewers.html
https://www.youtube.com/watch?v=0eY34dwpioQ
https://x.com/9550pro/status/1826546009952211245
https://www.techpowerup.com/325881/amd-ryzen-9000x3d-processors-with-3d-v-cache-arrive-in-january-at-ces-2025
https://x.com/AnhPhuH/status/1825880628136644861
https://www.techpowerup.com/325706/intel-core-ultra-200-arrow-lake-s-lineup-and-clock-speeds-revealed
https://www.techspot.com/news/104345-amd-radeon-rx-7800m-debuts-new-egpu-clears.html
https://www.techpowerup.com/317284/amd-close-to-launching-radeon-rx-7800m-series-based-on-navi-32
https://youtu.be/XLX0FmeFVh8?si=4krEHgiz7OhzO5_g
https://wccftech.com/ps5-pro-was-an-open-secret-at-gamescom-2024/
https://www.theshortcut.com/p/exclusive-psvr-2-sales-spike
https://www.youtube.com/watch?v=Jl2ij0cwBq8

7 Minute Security
7MS #626: Web Pentesting Pastiche

May 31, 2024 (50:10)

Hey friends, today we've got a security milkshake episode about Web app pentesting. Specifically we talk about:

Burp Suite Enterprise
Caido – a lightweight alternative to Burp
wfuzz – Web fuzzer. Using a proxy:
wfuzz -c -z file,/usr/share/wfuzz/wordlist/Injections/XSS.txt --sc 200 "https://somedomain.com/shopping?&qty=%2FUZZ" -p 10.0.7.11:8080
KNOXSS – for XSS testing – pairs nicely with this wrapper: https://github.com/xnl-h4ck3r/knoxnl

In the tangent dept, I moan about how I hate some things about Proxmox but am also starting to love it. In the tangent #2 department, I talk about tinnitus and acupuncture!

Critical Thinking - Bug Bounty Podcast
Episode 73: Sandboxed IFrames and WAF Bypasses

May 30, 2024 (31:13)

Episode 73: In this episode of Critical Thinking - Bug Bounty Podcast we give a brief recap of Nahamcon and then touch on some topics like WAF bypass tools, sandboxed iframes, and programs redacting your reports.

Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Resources:
?. Tweet: https://x.com/garethheyes/status/1786836956032176215
NoWafPls: https://github.com/assetnote/nowafpls
Redacted Reports: https://x.com/deadvolvo/status/1790397012468199651
Breaking CORS: https://x.com/MtnBer/status/1794657827115696181
Sandbox-iframe XSS challenge solution: https://joaxcar.com/blog/2024/05/16/sandbox-iframe-xss-challenge-solution/
iframe and window.open magic: https://blog.huli.tw/2022/04/07/en/iframe-and-window-open/#detecting-when-a-new-window-has-finished-loading
domloggerpp: https://github.com/kevin-mizu/domloggerpp

Timestamps
(00:00:00) Introduction
(00:03:29) ?. Operator in JS and NoWafPls
(00:07:22) Redacting our own reports
(00:11:13) Breaking CORS
(00:17:07) Sandbox-iframes
(00:24:11) Dom hook plugins

Thinking Elixir Podcast
201: Thinking Elixir News

May 7, 2024 (18:30)

This week's podcast dives into the latest tech updates, including the release of Lexical 0.6.0 with its impressive performance upgrades and new features for Phoenix controller completions. We'll also talk about building smarter Slack bots with Elixir, and the LiveView support enhancements that bolster security against spam connections. Plus, we celebrate the 5-year milestone of Saša Jurić's influential “Soul of Erlang and Elixir” talk. Of course we have to touch on the FTC's impactful ruling that bans non-compete employment clauses, a significant shift that will likely shake up the tech industry and innovation landscape. Stay tuned for this and more!

Show Notes online - http://podcast.thinkingelixir.com/201

Elixir Community News
- https://github.com/lexical-lsp/lexical/releases/tag/v0.6.0 – Lexical 0.6.0 release includes document and workspace symbols, improved Phoenix controller completions, and enhanced indexing performance.
- https://benreinhart.com/blog/verifying-slack-requests-elixir-phoenix/ – Ben Reinhart's blog post details the process for cryptographically verifying event notifications from Slack in Phoenix apps for Slack bots.
- https://twitter.com/PJUllrich/status/1784707877157970387 – Peter Ullrich has launched a LiveView-oriented course on building forms, as announced on his Twitter account.
- https://indiecourses.com/catalog/building-forms-with-phoenix-liveview-2OPYIqaekkZwrpgLUZOyZV – The course covers building forms with Phoenix LiveView, including various types of schema and dynamic fields.
- https://paraxial.io/blog/live-view-support – Michael Lubas outlines security-focused support for LiveView on Paraxial.io, including protection against initial connection and websocket spam.
- https://github.com/nccgroup/sobelow/pull/123 – There was work on adding support for HEEx to Sobelow.XSS.Raw, as part of Sobelow's security-focused static analysis for the Phoenix Framework.
- https://twitter.com/sasajuric/status/1784958371998601526 – It's the 5 Year Anniversary of Saša Jurić's “Soul of Erlang and Elixir” talk, recommended for its lasting relevance in the development community.
- https://www.youtube.com/watch?v=JvBT4XBdoUE – Saša Jurić's influential “Soul of Erlang and Elixir” talk is still very relevant and worth watching, even five years later.
- https://www.elixirconf.eu/ – ElixirConf EU 2025 dates and location have been announced, with a waitlist available for those interested in attending.
- https://www.ftc.gov/news-events/news/press-releases/2024/04/ftc-announces-rule-banning-noncompetes – The FTC ruling banning non-compete clauses aims to increase wages, entrepreneurship, and overall economic dynamism in the US technology sector.
- While bans on non-compete clauses for technology workers are in effect, trade secret laws and NDAs continue to provide employers with protection against information leaks.

Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com

Find us online
- Message the show - @ThinkingElixir (https://twitter.com/ThinkingElixir)
- Message the show on Fediverse - @ThinkingElixir@genserver.social (https://genserver.social/ThinkingElixir)
- Email the show - show@thinkingelixir.com
- Mark Ericksen - @brainlid (https://twitter.com/brainlid)
- Mark Ericksen on Fediverse - @brainlid@genserver.social (https://genserver.social/brainlid)
- David Bernheisel - @bernheisel (https://twitter.com/bernheisel)
- David Bernheisel on Fediverse - @dbern@genserver.social (https://genserver.social/dbern)

Critical Thinking - Bug Bounty Podcast
Episode 68: 0-days & HTMX-SS with Mathias

Apr 25, 2024 (63:53)

Episode 68: In this episode of Critical Thinking - Bug Bounty Podcast, Mathias is back with some fresh HTMX research, including CSP bypass using HTMX triggers, converting client-side response header injection to XSS, bypassing HTMX disable, and the challenges of using HTMX in larger applications and the potential performance trade-offs. We also talk about the results of his recent CTF Challenge, and explore some more facets of CDN-CGI functionality.

Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Project Discovery Conference: https://nux.gg/hss24

------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today's Guest: https://twitter.com/avlidienbrunn

Resources:
Masato Kinugawa's research on Teams: https://speakerdeck.com/masatokinugawa/how-i-hacked-microsoft-teams-and-got-150000-dollars-in-pwn2own?slide=33
subdomain-only 307 open redirect: https://avlidienbrunn.se/cdn-cgi/image/onerror=redirect/http://anything.avlidienbrunn.se

Timestamps
(00:00:00) Introduction
(00:05:18) CSP Bypass using HTML
(00:14:00) Converting client-side response header injection to XSS
(00:23:10) Bypassing hx-disable
(00:32:37) XSS-ing impossible elements
(00:38:22) CTF challenge Recap and knowing there's a bug
(00:51:53) hx-on (deprecated)
(00:54:30) CDN-CGI Research discussion

Critical Thinking - Bug Bounty Podcast
Episode 64: .NET Remoting, CDN Attack Surface, and Recon vs Main App

Mar 28, 2024 (68:04)

Episode 64: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel delve into .NET remoting and how it can be exploited, a recent bypass in the DOMPurify library, and some interesting functionality in the Cloudflare CDN-CGI endpoint. They also touch on the importance of collaboration and knowledge sharing, JavaScript deobfuscation, the value of impactful POCs, and hiding XSS payloads with URL path updates.

Follow us on twitter at: @ctbbpodcast
Send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Check out Project Discovery's nuclei 3.2 release blog at nux.gg/podcast

Resources:
.NET Remoting
https://code-white.com/blog/leaking-objrefs-to-exploit-http-dotnet-remoting/
https://github.com/codewhitesec/HttpRemotingObjRefLeak
DOMPurify Bug
Cloudflare /cdn-cgi/
https://developers.cloudflare.com/fundamentals/reference/cdn-cgi-endpoint/
https://portswigger.net/research/when-security-features-collide
https://twitter.com/kinugawamasato/status/893404078365069312
https://twitter.com/m4ll0k/status/1770153059496108231
XSSDoctor's writeup on JavaScript deobfuscation
renniepak's tweet
Naffy's tweet

Timestamps:
(00:00:00) Introduction
(00:07:15) .Net Remoting
(00:17:29) DOMPurify Bug
(00:25:56) Cloudflare /cdn-cgi/
(00:37:11) JavaScript deobfuscation
(00:47:26) renniepak's tweet
(00:55:20) Naffy's tweet

Day[0] - Zero Days for Day Zero
[bounty] RCE'ing Mailspring and a .NET CRLF Injection

Mar 19, 2024 (43:19)

In this week's bounty episode, an attack takes an XSS to RCE on Mailspring, a simple MFA bypass is covered, and a .NET CRLF injection is detailed in its FTP functionality.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/251.html

[00:00:00] Introduction
[00:00:20] Making Desync attacks easy with TRACE
[00:16:01] Reply to calc: The Attack Chain to Compromise Mailspring
[00:35:29] $600 Simple MFA Bypass with GraphQL
[00:38:38] Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability [CVE-2023-36049]

Podcast episodes are available on the usual podcast platforms:
-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063
-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt
-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz
-- Other audio platforms can be found at https://anchor.fm/dayzerosec
You can also join our discord: https://discord.gg/daTxTK9

The Daily Decrypt - Cyber News and Discussions
Magnet Goblin Gobblin' up 1-Day Vulnerabilities, WordPress Pop-up Plugin Persistent Vulnerabilities, and Weekly Breaches with HGF

Mar 11, 2024

Today, we explore how Magnet Goblin, a cyber threat actor, exploits 1-day vulnerabilities for financial gain, targeting systems like Ivanti Connect Secure VPN and Magento. Learn about the widespread WordPress plugin vulnerability that left over 3,300 sites compromised with malware. Plus, unravel the complexities of Stored XSS, a persistent cyber threat lurking in databases and forums.

Original Articles:
For Magnet Goblin's exploits: https://research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities/
WordPress plugin vulnerabilities: https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-flaw-to-infect-3-300-sites-with-malware/
Microsoft's chilly hack: https://www.theverge.com/2024/3/8/24094287/microsoft-hack-russian-security-attack-stolen-source-code
Swiss government's ransomware dilemma: https://therecord.media/play-ransomware-leaked-government-files-swiss
Duvel Moortgat Brewery's production pause: https://www.vrt.be/vrtnws/en/2024/03/06/cyber-attack-brings-production-at-duvel-moortgat-breweries-to-a/
FINTRAC's cyber incident: https://globalnews.ca/news/10335818/fintrac-cyber-incident/
Hamilton's ransomware attack: https://www.cbc.ca/news/canada/hamilton/ransomware-attack-1.7133457

Music: https://www.jeredjones.com/
Logo Design: https://www.zackgraber.com/

Tags: Magnet Goblin, WordPress Vulnerabilities, Popup Builder Plugin, CVE-2023-6000, Cybersecurity, HGF, 1-Day Vulnerabilities, Cross-Site Scripting, XSS, Malware Infections, Cyber Threat Actors, Web Security, Sucuri, Plugin Security, Website Hacking, Stored XSS, Cyber Attacks, Data Breach

Search Phrases:
Magnet Goblin cyber attacks
WordPress Popup Builder plugin vulnerability
Handling 1-Day vulnerabilities in cybersecurity
Cross-Site Scripting attacks and prevention
Latest malware infections in WordPress sites
Cyber threat actors exploiting web vulnerabilities
Sucuri reports on WordPress security
How to secure websites against XSS vulnerabilities
Understanding Stored XSS and its impacts
Data breaches involving HGF this week
Cybersecurity updates on WordPress plugins
Protecting against Popup Builder CVE-2023-6000
Recent cyber attacks on web platforms

Transcript: Mar 11

[00:00:00] transition: Welcome to The Daily Decrypt, the go-to podcast for all things cyber security. Get ready to decrypt the complexities of cyber safety and stay informed. Stand at the frontier of cyber security news, where every insight is a key to unlocking the mysteries of the digital domain. Your voyage through the cyber news vortex starts now.

[00:00:29] offsetkeyz: Welcome back to The Daily Decrypt. Today we're joined by Hot Girl Farmer, who's going to help recap the breaches from the last week in your favorite segment, Who's Been Popped. Then we're going to be talking about the Magnet Goblins gobbling up one-day vulnerabilities. And finally, the WordPress pop-up plugin vulnerability persists, popping approximately 3,300 sites.

[00:00:54] transition: Thanks for [00:01:00] watching!

[00:01:00] hgf: First up on our list is a chilly tale from the tech giant Microsoft. On March 9th, Microsoft announced that Russian hackers, chilly from their previous SolarWinds attack, decided to warm up by spying on some emails of Microsoft senior leaders. The hack evolved into a frosty situation with some of Microsoft's secure source code stolen. Switching over to Switzerland, where things got a bit too neutral for their liking: on March 8th, the Swiss government found itself in a knot tighter than a Swiss wristwatch. A ransomware attack leaked 65,000 government documents. It appears the hackers played their cards right with the Play ransomware gang, proving that sometimes neutrality attracts more than just peace. You know, if only they had some witches watching those Swiss wristwatches. Which witch would watch which Swiss watch? There were three witches, and there were three Swiss wristwatches; which witch would watch which Swiss wristwatch? Absolutely not. [00:02:00] Now pour one out for the Duvel Moortgat brewery, which on March 9th found its production as stale as the beer in a forgotten glass. The brewery, known for its spirited Duvel, faced a ransomware attack that halted its hops. It's a sobering reminder that no industry is immune, and perhaps it's time for cyber attackers to barley there. Brew up some better hobbies, maybe. They be brewing up something. Yikes. March 6th brought a cold front to Canada's FINTRAC, freezing some of its systems, or the cyber incident as crisp as the Canadian winter, while their intelligence system stayed snug and warm. It's a stark reminder that even those guarding the treasure need to watch their own chest. Lastly, Hamilton, a Canadian city, got a taste of digital disruption, with services paralyzed faster than a moose caught in headlights. The ransomware attack confirmed on March 5th has shown that even city services can get frozen over in the cyber blizzard. It's a digital reminder that in the game of cybersecurity, sometimes you go hockey stick and sometimes you're [00:03:00] the puck. Mm. Canadians love hockey. Us too. That's what I hear anyways.

[00:03:06] transition: Thanks for watching!

[00:03:12] offsetkeyz: All right. So the Magnet Goblins are gobbling up one-day vulnerabilities. This is coming to you from Check Point Research, published on March 8th; check the show notes for the URL. A financially motivated cyber threat actor called Magnet Goblin is getting really good at exploiting one-day vulnerabilities. One-day vulnerabilities are essentially vulnerabilities that are announced and discovered already, but not yet patched. So the "one day" signifies about how much time attackers have to exploit these vulnerabilities before they get patched. And the Magnet Goblins have gotten really good at exploiting one-day vulnerabilities. The Magnet Goblins have targeted such systems as Ivanti Connect Secure VPN, Magento, Qlik Sense, and [00:04:00] potentially Apache ActiveMQ. And they use these vulnerabilities to deploy a variety of malware, including the novel Linux version of NerbianRAT, which is a remote access Trojan, and WARPWIRE, a JavaScript credential stealer. Magnet Goblin's rapid adoption of one-day vulnerabilities really just emphasizes the problem we have with patching, and the need for it. Their operations have historically centered around financial gain, as opposed to some other motivations, like political or social or hacktivism. They're all about the money. And they usually use techniques revolving around data theft, to include ransomware. Really, whatever they can use to get their money. There isn't much news here other than the fact that the Magnet Goblins are out there, and we really are behind on our practices of updating as well as on our updates. So as soon as a one-day vulnerability comes out, make sure to check the specifics of [00:05:00] that vulnerability and look for the indicators of compromise surrounding it.

[00:05:15] offsetkeyz: Alright, and to wrap up today's stories, we're going to be talking about that WordPress pop-up plugin vulnerability that was announced last November and has recently seen an uptick in exploits. It's impacting plugin version 4.2.3 and older, and involves a cross-site scripting vulnerability. And it really highlights the reluctance of WordPress users to update their plugins. So if you're a WordPress administrator or consumer of WordPress websites, which most of us are one of those two things, if not both: the WordPress plugin must be active and also creating pop-ups on your site. So, for example, this plugin is enabled by default when you launch a new WordPress website, which we don't [00:06:00] love. But the good news is that even though it's enabled by default, it must be creating pop-ups in order for it to be exploited. My fear when reading this was that, yes, this is a default plugin, and since it's a default plugin, there are what, 300,000 WordPress sites out there, all with this plugin, just chilling, probably not updated and unutilized. But luckily it must be utilized as well as enabled. And that's because the attackers inject PHP code into one of the events that triggers the pop-up. And that PHP code is then stored on the server, alongside the WordPress site, making it a stored cross-site scripting vulnerability. Which means that anyone who accesses the site and sees the pop-up is vulnerable to that malicious PHP code. And that code can do many things. It can try to hijack your session cookie, which is the ultimate goal, because then the attacker is you [00:07:00] without actually having to log in. Or it could redirect you to phishing sites, or really anything that they want. So if you're a WordPress admin, obviously update or disable. I'm going to lean towards disable, because pop-ups are really annoying, especially since they're now vulnerable. Go ahead and use a banner. Go ahead and open up a new tab somewhere, but don't pop up right as I'm about to click something on your website; I'm immediately going to navigate away from your website if there's a pop-up. Sorry for the rant. If you're a consumer, try grabbing a pop-up blocker from the Google Chrome app store. I think Google Chrome even comes with a built-in app for blocking pop-ups. And whether or not it blocks the specific pop-up on the site that you're visiting, it will at least alert you that there is a pop-up and allow you to confirm or deny pop-ups on that site. So, better than nothing. But yeah, totally against pop-ups as a practice. I'm really glad my WordPress site doesn't have any pop-ups for this reason, [00:08:00] and also for the reason to not annoy the crap out of the few website visitors that I get. If you'd like to visit a website with no pop-ups, no advertisements, go ahead and check out dailydecrypt.news. Just the words, dailydecrypt.news, and you will find words and pictures and sounds, but no ads and no pop-ups. All right. That's all we've got for you today. Quick episode. Huge thanks to Hot Girl Farmer for coming on and delivering the hot breaches in Who's Been Popped. We will talk to you some more tomorrow. [00:09:00]

Critical Thinking - Bug Bounty Podcast
Episode 59: Bug Bounty Gadget Hunting & Hacker's Intuition

Feb 22, 2024 (99:09)

Episode 59: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel discuss the concept of gadgets and how they can be used to escalate the impact of vulnerabilities. We talk through things like HTML injection, image injection, CRLF injection, web cache deception, leaking window location, self-stored XSS, and much more.

Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:

------ Ways to Support CTBBPodcast ------
Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Resources:
Even Better
NahamSec's 5 Week Program
NahamCon News
CSS Injection Research

Timestamps:
(00:00:00) Introduction
(00:03:31) Caido's New Features
(00:15:20) Nahamcon News and 5 week Bootcamp and pentest opportunity
(00:19:54) HTML Injection, CSS Injection, and Clickjacking
(00:33:11) Image Injection
(00:37:19) Open Redirects, Client-side path traversal, and Client-side Open Redirect
(00:49:51) Leaking window.location.href
(00:57:15) Cookie refresh gadget
(01:01:40) Stored XSS
(01:09:01) CRLF Injection
(01:13:24) 'A Place To Stand' in GraphQL and ID Oracle
(01:18:23) Auth gadgets, Web Cache Deception, & LocalStorage poisoning
(01:27:46) Cookie Injection & Context Breaks

Syntax - Tasty Web Development Treats
731: Client side security, XSS attacks & CSP with Stripe's Alex Sexton

Feb 16, 2024 (63:12)

Scott and Wes are joined by security expert Alex Sexton of Stripe to cover all things client security, XSS, attack vectors, and CSP (content security policy).

Show Notes
00:00 Welcome to Syntax!
00:31 Brought to you by Sentry.io.
00:57 Who is Alex Sexton?
04:44 Stripe dashboard is a work of art.
05:08 Tell us about the design system. React Aria
08:59 Who develops the iOS app?
09:50 Stripe's CSP (content security policy).
12:50 What even is a content security policy? Content Security Policy explanation
13:57 Douglas Crockford of Yahoo on security. Douglas on GitHub
15:13 Security philosophy.
16:59 What about inline styles and inline JavaScript?
19:41 How do we safely set inline styles from JS?
20:20 Setting up with meta tags.
22:52 What are common situations that require security exceptions?
26:24 Potential damage with inline style tags.
32:45 Looping vulnerabilities.
36:32 What about JavaScript injection?
37:09 Myspace Samy Worm. Myspace Samy Worm Wiki, Sentry.io Security Policy Reporting
42:02 Does a CSP stop code from running in the console?
43:28 What are some general security best practices?
46:35 Strategies for rolling out a CSP.
51:49 Final tip, Strict Dynamic. Strict Dynamic
56:36 Where does the CSP live within Stripe? Original Black Friday story
59:35 One last story.
01:01:20 Sick Picks + Shameless Plugs

Sick Picks + Shameless Plugs
Alex: Wes Bos' Instagram

Hit us up on Socials!
Syntax: X Instagram Tiktok LinkedIn Threads
Wes: X Instagram Tiktok LinkedIn Threads
Scott: X Instagram Tiktok LinkedIn Threads
Randy: X Instagram YouTube Threads

Day[0] - Zero Days for Day Zero
[bounty] The End of a DEFCON Era and Flipper Zero Woes

Feb 13, 2024 (76:22)

DEF CON moves venues, the Canadian government moves to ban Flipper Zero, and some XSS issues affect Microsoft Whiteboard and Meta's Excalidraw.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/241.html

[00:00:00] Introduction
[00:00:33] DEF CON was canceled.
[00:16:42] Federal action on combatting auto theft
[00:39:03] Jenkins Arbitrary File Leak Vulnerability, CVE-2024-23897, Can Lead To RCE
[00:43:27] Back to the (Clip)board with Microsoft Whiteboard and Excalidraw in Meta (CVE-2023-26140)
[00:52:26] SSRF on a Headless Browser Becomes Critical!
[00:59:04] ChatGPT Account Takeover - Wildcard Web Cache Deception
[01:05:14] Differential testing and fuzzing of HTTP servers and proxies
[01:10:14] Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters
[01:19:38] Analyzing AI Application Threat Models

The DAY[0] Podcast episodes are streamed live on Twitch twice a week:
-- Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities
-- Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.

We are also available on the usual podcast platforms:
-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063
-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt
-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz
-- Other audio platforms can be found at https://anchor.fm/dayzerosec
You can also join our discord: https://discord.gg/daTxTK9

Cyber and Technology with Mike
06 February 2024 Cyber and Tech News

Cyber and Technology with Mike

Play Episode Listen Later Feb 6, 2024 8:38


In today's podcast we cover four crucial cyber and technology topics, including:
1. Courts and the FTC uphold an enforcement action against a data broker
2. Pennsylvania courts face outages amidst DDoS attacks
3. An individual faces 25 years in prison for supporting money laundering
4. Researchers find the "ResumeLooter" attackers, who have stolen data from 65 sites

I'd love feedback; feel free to send your comments and feedback to cyberandtechwithmike@gmail.com

Broken Silicon
235. PlayStation 6 AI, Nvidia, AMD Hawk Point, Intel Meteor Lake | Game AI Developer

Broken Silicon

Play Episode Listen Later Dec 12, 2023 167:25


A Gaming AI Dev joins to discuss what hardware you'll need to power next gen games!

[SPON: Use ''brokensilicon30'' for $30 OFF $500+ Flexispot Orders: https://bit.ly/3RcyPla ]
[SPON: "brokensilicon" at CDKeyOffer Black Friday: https://www.cdkeyoffer.com/cko/Moore10 ]
[SPON: Get 10% off Tasty Vite Ramen with code BROKENSILICON: https://bit.ly/3wKx6v1 ]

#blackfriday #windows11

0:00 Getting to know our guest, how to get into AI
5:15 What is Pygmalion building to change gaming?
11:31 The Next 2D - 3D Moment for Gaming could be Neural Engine AI
20:44 AMD Hawk Point and the Importance of TOPs in APUs
27:30 Intel Meteor Lake's NPU – Does it matter if it's weaker than AMD?
33:03 AMD vs Qualcomm Snapdragon Elite X
40:45 Intel's AVX-512 & NPU Adoption Problem with AI...
53:01 Predicting how soon we'll get Next Gen AI in Games
1:00:45 Can the PS5 run Next Gen AI? …what about the XSS?
1:16:26 How might the PlayStation 6 do AI?
1:27:19 AMD's Advancing AI Event & ROCm, Nvidia's AI Advantage
1:50:20 Intel AI – Are they behind? Will RDNA 4 be big for AI?
2:03:19 Will future APUs be as strong as H100? When will the AI bubble pop?
2:15:22 Will AI hurt Gaming long term?
2:33:14 AI Ethics and AI's impact on Artists

$400 RX 6800: https://amzn.to/3uRsLqX
Main Domain (pygmalion.ai is not them): https://pygmalion.chat/
Discord with Active Devs: https://discord.com/invite/pygmalionai
AI engine github: https://github.com/PygmalionAI/aphrodite-engine
Guest's github (very new): https://github.com/IsaiahGossner
Main github for the project: https://github.com/PygmalionAI
Their hugging face, where actual models are stored: https://huggingface.co/PygmalionAI
https://www.amd.com/en/newsroom/press-releases/2023-12-6-amd-showcases-growing-momentum-for-amd-powered-ai-.html
https://www.servethehome.com/wp-content/uploads/2023/12/AMD-Instinct-MI300-Launch_Page_50.jpg
https://www.servethehome.com/wp-content/uploads/2023/12/AMD-Instinct-MI300-Launch_Page_49.jpg
Bryan Heemskerk AI Episode: https://youtu.be/NDEka3tBE1g?si=pd6_xNPgMxo7Jltd
https://www.youtube.com/watch?v=mCxHcvtpfAk&ab_channel=Moore%27sLawIsDead
https://en.wikipedia.org/wiki/Von_Neumann_architecture
https://www.trendhunter.com/trends/playstation-6-concept

Critical Thinking - Bug Bounty Podcast
Episode 42: Renniepak Interview & Intigriti LHE Recap

Critical Thinking - Bug Bounty Podcast

Play Episode Listen Later Oct 26, 2023 59:03


Episode 42: In this episode of Critical Thinking - Bug Bounty Podcast, we're live from a hacking event in Portugal, and joined by the extremely talented René de Sain! He helps us cover a host of topics like NFT, XSS, LHE, and tips for success. We also talk about the correlation between creativity and hacking, shared workspaces, and last but certainly not least, hacker tattoos.

Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------
Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

Today's Guest:
https://twitter.com/renniepak
https://www.linkedin.com/in/rene-de-sain/
https://app.intigriti.com/researcher/profile/renniepak

Hacker Hideout
https://hackerhideout.xyz

Timestamps:
(00:00:00) Introduction
(00:04:40) NFT Vulns and web3 hacking
(00:08:15) Hacker Tattoos
(00:12:30) Intigriti vs. other platforms, and LHE approaches.
(00:20:10) Loneliness, budgeting, and the pros and cons of full-time hunting
(00:28:36) Target approaches, XSS, and extension tools.
(00:37:40) Fostering hacker intuition and relationships
(00:47:15) Final thoughts on the Intigriti Event

Critical Thinking - Bug Bounty Podcast
Episode 39: The Art of Architectures

Critical Thinking - Bug Bounty Podcast

Play Episode Listen Later Oct 5, 2023 81:15


Episode 39: In this episode of Critical Thinking - Bug Bounty Podcast, we're catching up on news, including new override updates from Chrome, GPT-4, SAML presentations, and even a shoutout from Live Overflow! Then we get busy laying the groundwork on a discussion of web architecture. Better get started on this one, cause we're going to need a part two!

Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater

CT shoutout from Live Overflow
https://www.youtube.com/watch?v=3zShGLEqDn8
Chrome Override updates
https://developer.chrome.com/blog/new-in-devtools-117/#overrides
GPT-4/AI Prompt Injection
https://x.com/rez0__/status/1706334160569213343?s=20 & https://x.com/evrnyalcin/status/1707298475216425400?s=20
Caido Releases Pro free for students
https://twitter.com/CaidoIO/status/1707099640846250433
Or, use code ctbbpodcast for 10% off the subscription price
Aleksei Tiurin on SAML hacking
https://twitter.com/antyurin/status/1704906212913951187
Account Takeover on Tesla
https://medium.com/@evan.connelly/post-account-takeover-account-takeover-of-internal-tesla-accounts-bc720603e67d
Joseph
https://portswigger.net/bappstore/82d6c60490b540369d6d5d01822bdf61
Cookie Monster
https://github.com/iangcarroll/cookiemonster
HTMX
https://htmx.org/

Timestamps:
(00:00:00) Introduction
(00:04:40) Shoutout from Live Overflow
(00:06:40) Chrome Overrides update
(00:08:48) GPT-4V and AI Prompt Injection
(00:14:35) Caido Promos
(00:15:40) SAML Vulns
(00:17:55) Account takeover on Tesla, and auth token from one context in a different context
(00:24:30) Testing for vulnerabilities in JWT-based authentication
(00:28:07) Web Architectures
(00:32:49) Single page apps + a REST API
(00:45:20) XSS vulnerabilities in single page apps
(00:49:00) Direct endpoint architecture
(00:55:50) Content Enumeration
(01:02:23) gRPC & Protobuf
(01:06:08) Microservices and Reverse Proxy
(01:12:10) Request Smuggling/Parameter Injections

Paul's Security Weekly
Stopping Business Logic Attacks: Why a WAF is no Longer Enough - Karl Triebes - ASW #255

Paul's Security Weekly

Play Episode Listen Later Sep 19, 2023 75:53


The majority of attacks are now automated, with a growing number of attacks targeting business logic via APIs, which is unique to every organization. This shift makes traditional signature-based defenses insufficient to stop targeted business logic attacks on their own. In this discussion, Karl Triebes shares how flaws in business logic design can leave applications and APIs open to attack and what tools organizations need to effectively mitigate these threats. This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them! In the news segment, a slew of XSS in Azure's HDInsight, CNCF releases fuzzing and security audits on Kyverno and Dragonfly2, CISA shares a roadmap for securing open source software, race conditions and repojacking in GitHub, and more! Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw-255

Paul's Security Weekly TV
Azure's Eight XSS Vulns, CNCF's Two Security Audits, CISA's OSS Roadmap, Repojacking - ASW #255

Paul's Security Weekly TV

Play Episode Listen Later Sep 19, 2023 34:40


A slew of XSS in Azure's HDInsight, CNCF releases fuzzing and security audits on Kyverno and Dragonfly2, CISA shares a roadmap for securing open source software, race conditions and repojacking in GitHub, and more! Show Notes: https://securityweekly.com/asw-255

Critical Thinking - Bug Bounty Podcast
Episode 34: Program vs Hacker Debate

Critical Thinking - Bug Bounty Podcast

Play Episode Listen Later Aug 31, 2023 130:50


Episode 34: In this episode of Critical Thinking - Bug Bounty Podcast, Justin and Joel have both beaten COVID and now square off against each other in a mega-debate representing hackers and program managers respectively. Among the topics included are Disclosures, Dupes, Zero-Day Policy, payouts, budgets, Triage and Retesting. So, if you want blood-pumping, insult-hurling, opinion-invalidating debate…then maybe look somewhere else. But if a thought-provoking discussion about bug bounty is more your style, then take a seat and get ready!

Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater

Prompt Injection Primer for Engineers
https://twitter.com/rez0__/status/1695078576104833291
Portswigger on XSS
https://twitter.com/PortSwiggerRes/status/1691812241375424983
Gunnar Andrews talk
https://www.youtube.com/watch?v=aaDe1ADh5KM
Jhaddix live training Giveaway
https://tbhmlive.com/ctbb.show/giveaway
New Website
ctbb.show
Fight music composed by Dayn Leonardson
https://www.daynleo.com/

Timestamps:
(00:00:00) Introduction
(00:02:00) Joel's DEFCON Recap
(00:04:45) Prompt Injection Primer for Engineers by Rez0
(00:07:00) Portswigger Research and XSS
(00:08:36) Gunnar Andrews' talk on serverless architecture
(00:10:10) 'Bug Hunter Methodology' Course Giveaway

The Debate
(00:13:34) Zero-Day Policy and Payment for Vulnerabilities
(00:25:40) Disclosure
(00:33:52) Dupes
(00:51:23) CVSS
(01:02:25) Budgets and Payouts
(01:15:00) Triage and Retesting
(01:34:55) Withholding Reports
(01:41:50) Root Cause Analysis
(01:52:25) Interacting with hacker reports from a security standpoint.
(01:58:50) Internal Activity on a Report
(02:01:15) Cost of running Bug Bounty Programs and LHEs

Hacking Humans
Encore: cross-site scripting (noun) [Word Notes]

Hacking Humans

Play Episode Listen Later Aug 29, 2023 3:46


From the intrusion kill chain model, a malicious code delivery technique that allows hackers to send code of their choosing to their victim's browser. XSS takes advantage of the fact that roughly 90% of web developers use the JavaScript scripting language to create dynamic content on their websites. Through various methods, hackers store their own malicious JavaScript code on unprotected websites. When the victim browses the site, the web server delivers that malicious code to the victim's computer and the victim's browser runs the code.

javascript noun xss cross site scripting
Word Notes
Encore: cross-site scripting (noun)

Word Notes

Play Episode Listen Later Aug 29, 2023 3:46


From the intrusion kill chain model, a malicious code delivery technique that allows hackers to send code of their choosing to their victim's browser. XSS takes advantage of the fact that roughly 90% of web developers use the JavaScript scripting language to create dynamic content on their websites. Through various methods, hackers store their own malicious JavaScript code on unprotected websites. When the victim browses the site, the web server delivers that malicious code to the victim's computer and the victim's browser runs the code.

javascript noun xss cross site scripting
Paul's Security Weekly
Security in a Cloud Native World & Mobile App Attacks - ASW #252

Paul's Security Weekly

Play Episode Listen Later Aug 22, 2023 37:30


Two featured interviews from this year's Black Hat. In the news, Discord.io ceases to be, Azure AD breach to get scrutiny from the CSRB, Zoom's AI stumbles show security concerns, model confusion attacks, a look at how far we have -- and haven't -- come with XSS flaws, an approachable article on AI, and more! Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw-252

Critical Thinking - Bug Bounty Podcast
Episode 32: The Great Write-up Low-down

Critical Thinking - Bug Bounty Podcast

Play Episode Listen Later Aug 17, 2023 61:05


Episode 32: In this episode of Critical Thinking - Bug Bounty Podcast, Joel caught a nasty bug (no, not that kind) so Justin is flying solo, and catches us up to speed on what's been happening in hacking news.

Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater

Smashing the State article
https://portswigger.net/research/smashing-the-state-machine?ps_source=portswiggerres&ps_medium=social&ps_campaign=race-conditions
Nagle's Algorithm
https://en.wikipedia.org/wiki/Nagle%27s_algorithm
HTTP/2 RFC
https://httpwg.org/specs/rfc7540.html
Tweet by Alex Chapman
https://twitter.com/ajxchapman/status/1691103677920968704?s=20
Cookieless Duodrop IIS Auth Bypass
https://soroush.me/blog/2023/08/cookieless-duodrop-iis-auth-bypass-app-pool-privesc-in-asp-net-framework-cve-2023-36899/
XSS and .NET
https://blog.isec.pl/all-is-xss-that-comes-to-the-net/
Shopify Account Takeover
https://ophionsecurity.com/blog/shopify-acount-takeover
Short Name Guesser
https://github.com/projectmonke/shortnameguesser
Hacking Points.com
https://samcurry.net/Points-com/
Hacking Starbucks
https://samcurry.net/hacking-starbucks/
Bug Bounty Tag Request
https://twitter.com/ajxchapman/status/1688892093597470720
Sandwich Attack
https://www.landh.tech/blog/20230811-sandwich-attack

Timestamps:
(00:00:00) Introduction
(00:01:25) Smashing the State
(00:11:30) HTTP/2 RFC
(00:17:30) Cookieless Duodrop IIS Auth Bypass
(00:24:45) Takeovers and Tools
(00:32:30) Sam Curry writeup
(00:53:10) Community requests
(00:55:10) Sandwich Attacks

Critical Thinking - Bug Bounty Podcast
Episode 26: Client-side Quirks & Browser Hacks

Critical Thinking - Bug Bounty Podcast

Play Episode Listen Later Jul 6, 2023 93:20


In this episode of Critical Thinking - Bug Bounty Podcast, we're back with Joel, fresh (haha) off of back-to-back live hack events in London and Seoul. We start with his recap of the events, and the different vibes of each LHE, then we dive into the technical thick of it, and talk web browsers, XSS vectors, new tools, CVSS 4, and much more than we can fit in this character limit. Just trust us when we say you don't want to miss it!

Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater

______
Episode 26 links:
https://linke.to/Episode26Notes
______

Timestamps:
(00:00:00) Introduction
(00:04:10) LHE Vibes
(00:07:45) "Hunting for NGINX alias traversals in the wild"
(00:12:30) Various payouts in bug bounty programs
(00:16:05) New XSS vectors and popovers
(00:24:15) The "magical math element" in Firefox
(00:27:15) LiveOverflow's research on HTML parsing quirks
(00:32:10) Mr. Tux Racer, WooCommerce, and WordPress
(00:40:00) Changes in the CVSS 4 draft spec
(00:45:00) TomNomNom's new tool jsluice
(00:51:15) JavaScript's import function
(00:55:30) Gareth Heyes' book "JavaScript for Hackers"
(01:02:24) Injecting JavaScript variables
(01:09:15) Prototype pollution
(01:13:15) DOM clobbering
(01:18:10) Exploiting HTML injection using meta and base tags
(01:25:00) CSS Games
(01:28:00) Base tags

Paul's Security Weekly
Latest Web Vulnerability Trends & Best Practices - Patrick Vandenberg - ASW #245

Paul's Security Weekly

Play Episode Listen Later Jun 28, 2023 74:56


Without visibility and continuous monitoring, dangerous threats expose our blind spots and create risk. Invicti, who brought together Acunetix and Netsparker, analyzes common web application vulns across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of vulnerability trends from automated scan results. In this talk, Invicti Director of Product Patrick Vandenberg shares a deep dive into the trends currently impacting AppSec programs and discusses some of the best practices that will help organizations achieve efficiencies in their programs. Segment Resources: - [AppSec Indicator Spring 2023 edition | Invicti](https://www.invicti.com/clp/appsec-indicator/?utm_medium=contentsyn&utm_source=sc_media&utm_campaign=i-syn_CRA-ASW-Jun2023&utm_content=230424-ga_spring-appsec-indicator&utm_term=brand) This segment is sponsored by Invicti. Visit [securityweekly.com/invicti](https://securityweekly.com/invicti) to learn more about them! In the news, two XSS vulns via postMessage methods in Azure, how to choose (and move on from) a web research topic, OpenSSF finances a security developer-in-residence for Python, more infosec myths, free cybersecurity training resources. Visit [securityweekly.com/asw](https://securityweekly.com/asw) for all the latest episodes! Follow us on Twitter: [@SecWeekly](https://www.twitter.com/secweekly) Like us on Facebook: [facebook.com/secweekly](https://www.facebook.com/secweekly) Show Notes: https://securityweekly.com/asw-245