FreshRSS

🔒
❌ Secure Planet Training Courses Updated For 2019 - Click Here
There are new available articles, click to refresh the page.
☐ ☆ ✇ The Hacker News

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

By: Newsroom — November 21st 2023 at 10:00
The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. "Once Kinsing infects a system, it deploys a cryptocurrency mining script that exploits the host's resources to mine cryptocurrencies like Bitcoin, resulting in significant damage to the infrastructure and a negative
☐ ☆ ✇ The Hacker News

Why Defenders Should Embrace a Hacker Mindset

By: The Hacker News — November 20th 2023 at 11:02
Today’s security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud services, IoT technologies, and hybrid work environments. Adversaries are constantly introducing new attack techniques, and not all companies have internal Red Teams or unlimited security resources to stay on top of the latest threats. On top of that,
☐ ☆ ✇ The Hacker News

Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks

By: Newsroom — November 18th 2023 at 06:32
Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon's (aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and Winterflounder) latest tactics, branded the group as engaging in large-scale campaigns that are
☐ ☆ ✇ The Hacker News

Discover 2023's Cloud Security Strategies in Our Upcoming Webinar - Secure Your Spot

By: The Hacker News — November 17th 2023 at 10:30
In 2023, the cloud isn't just a technology—it's a battleground. Zenbleed, Kubernetes attacks, and sophisticated APTs are just the tip of the iceberg in the cloud security warzone. In collaboration with the esteemed experts from Lacework Labs, The Hacker News proudly presents an exclusive webinar: 'Navigating the Cloud Attack Landscape: 2023 Trends, Techniques, and Tactics.' Join us for an
☐ ☆ ✇ The Hacker News

CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog

By: Newsroom — November 17th 2023 at 05:57
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerabilities are as follows - CVE-2023-36584 (CVSS score: 5.4) - Microsoft Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability CVE-2023-1671 (CVSS score: 9.8) -
☐ ☆ ✇ The Hacker News

Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups

By: Newsroom — November 16th 2023 at 16:09
A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens. "Most of this activity occurred after the initial fix became public on GitHub," Google Threat Analysis Group (TAG) said in a report shared with The Hacker News. The flaw, tracked as CVE-2023-37580 (CVSS score:
☐ ☆ ✇ The Hacker News

Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw

By: Newsroom — November 16th 2023 at 13:51
A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat (APT). Cybersecurity company NSFOCUS has described DarkCasino as an "economically motivated" actor that first came to light in 2021. "DarkCasino is an APT threat actor with strong technical and learning ability, who is good
☐ ☆ ✇ The Hacker News

Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure

By: Newsroom — November 16th 2023 at 06:06
Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure," in which 22 companies associated with the operation of the country's energy sector were targeted in May 2023.  "22 simultaneous, successful cyberattacks against Danish critical infrastructure are not commonplace," Denmark's SektorCERT said [PDF]. "The
☐ ☆ ✇ The Hacker News

New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar

By: Newsroom — November 15th 2023 at 13:49
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory. Tracked as CVE-2023-46604 (CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a threat actor to run arbitrary shell commands. It was patched by Apache in ActiveMQ versions 5.15.16, 5.16.7, 5.17.6,
☐ ☆ ✇ The Hacker News

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

By: Newsroom — November 15th 2023 at 07:52
Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to "allow escalation of privilege and/or information disclosure and/or denial of service via local access." Successful exploitation of the vulnerability could also permit a bypass of the CPU's
☐ ☆ ✇ The Hacker News

Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability

By: Newsroom — November 15th 2023 at 04:18
VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked as CVE-2023-34060 (CVSS score: 9.8), the vulnerability impacts instances that have been upgraded to version 10.5 from an older version. "On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with
☐ ☆ ✇ The Hacker News

The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy

By: The Hacker News — November 14th 2023 at 11:56
In 2023, the global average cost of a data breach reached $4.45 million. Beyond the immediate financial loss, there are long-term consequences like diminished customer trust, weakened brand value, and derailed business operations. In a world where the frequency and cost of data breaches are skyrocketing, organizations are coming face-to-face with a harsh reality: traditional cybersecurity
☐ ☆ ✇ The Hacker News

CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17

By: Newsroom — November 14th 2023 at 06:03
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given a November 17, 2023, deadline for federal agencies and organizations to apply mitigations to secure against a number of security flaws in Juniper Junos OS that came to light in August. The agency on Monday added five vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active
☐ ☆ ✇ The Hacker News

Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations

By: Newsroom — November 13th 2023 at 05:58
Cybersecurity researchers have discovered what they say is malicious cyber activity orchestrated by two prominent Chinese nation-state hacking groups targeting 24 Cambodian government organizations. "This activity is believed to be part of a long-term espionage campaign," Palo Alto Networks Unit 42 researchers said in a report last week. "The observed activity aligns with geopolitical goals of
☐ ☆ ✇ The Hacker News

Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability

By: Newsroom — November 9th 2023 at 16:54
The threat actor known as Lace Tempest has been linked to the exploitation of a zero-day flaw in SysAid IT support software in limited attacks, according to new findings from Microsoft. Lace Tempest, which is known for distributing the Cl0p ransomware, has in the past leveraged zero-day flaws in MOVEit Transfer and PaperCut servers. The issue, tracked as CVE-2023-47246, concerns a path traversal
☐ ☆ ✇ The Hacker News

CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation

By: Newsroom — November 9th 2023 at 05:33
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-29552 (CVSS score: 7.5), the issue relates to a denial-of-service (DoS) vulnerability that could be weaponized to launch massive DoS
☐ ☆ ✇ The Hacker News

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities

By: Newsroom — November 7th 2023 at 08:59
The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and DRat. Enterprise security firm SEQRITE described the campaign as multi-platform, with the attacks also designed to infiltrate Linux systems with a
☐ ☆ ✇ The Hacker News

Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now

By: Newsroom — November 7th 2023 at 05:08
Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity. The list of vulnerabilities is as follows - CVE-2023-38547 (CVSS score: 9.9) - An unspecified flaw that can be leveraged by an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration
☐ ☆ ✇ The Hacker News

QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices

By: Newsroom — November 6th 2023 at 16:55
QNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution. Tracked as CVE-2023-23368 (CVSS score: 9.8), the vulnerability is described as a command injection bug affecting QTS, QuTS hero, and QuTScloud. "If exploited, the vulnerability could allow remote attackers to execute commands via a network," the
☐ ☆ ✇ KitPloit - PenTest Tools!

WebSecProbe - Web Security Assessment Tool, Bypass 403

By: Zion3R — November 6th 2023 at 11:30


A cutting-edge utility designed exclusively for web security aficionados, penetration testers, and system administrators. WebSecProbe is your advanced toolkit for conducting intricate web security assessments with precision and depth. This robust tool streamlines the intricate process of scrutinizing web servers and applications, allowing you to delve into the technical nuances of web security and fortify your digital assets effectively.


WebSecProbe is designed to perform a series of HTTP requests to a target URL with various payloads in order to test for potential security vulnerabilities or misconfigurations. Here's a brief overview of what the code does:

  • It takes user input for the target URL and the path.
  • It defines a list of payloads that represent different HTTP request variations, such as URL-encoded characters, special headers, and different HTTP methods.
  • It iterates through each payload and constructs a full URL by appending the payload to the target URL.
  • For each constructed URL, it sends an HTTP GET request using the requests library, and it captures the response status code and content length.
  • It prints the constructed URL, status code, and content length for each request, effectively showing the results of each variation's response from the target server.
  • After testing all payloads, it queries the Wayback Machine (a web archive) to check if there are any archived snapshots of the target URL/path. If available, it prints the closest archived snapshot's information.

Does This Tool Bypass 403 ?

It doesn't directly attempt to bypass a 403 Forbidden status code. The code's purpose is more about testing the behavior of the server when different requests are made, including requests with various payloads, headers, and URL variations. While some of the payloads and headers in the code might be used in certain scenarios to test for potential security misconfigurations or weaknesses, it doesn't guarantee that it will bypass a 403 Forbidden status code.

In summary, this code is a tool for exploring and analyzing a web server's responses to different requests, but whether or not it can bypass a 403 Forbidden status code depends on the specific configuration and security measures implemented by the target server.

 

pip install WebSecProbe

WebSecProbe <URL> <Path>

Example:

WebSecProbe https://example.com admin-login

from WebSecProbe.main import WebSecProbe

if __name__ == "__main__":
url = 'https://example.com' # Replace with your target URL
path = 'admin-login' # Replace with your desired path

probe = WebSecProbe(url, path)
probe.run()



☐ ☆ ✇ The Hacker News

FIRST Announces CVSS 4.0 - New Vulnerability Scoring System

By: Newsroom — November 2nd 2023 at 05:19
The Forum of Incident Response and Security Teams (FIRST) has officially announced CVSS v4.0, the next generation of the Common Vulnerability Scoring System standard, more than eight years after the release of CVSS v3.0 in June 2015. "This latest version of CVSS 4.0 seeks to provide the highest fidelity of vulnerability assessment for both industry and the public," FIRST said in a statement.
☐ ☆ ✇ The Hacker News

HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability

By: Newsroom — November 2nd 2023 at 04:27
Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution. "In both instances, the adversary attempted to deploy ransomware binaries on target systems in an effort to ransom the victim organizations," cybersecurity firm Rapid7 disclosed in a
☐ ☆ ✇ The Hacker News

Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability

By: Newsroom — November 1st 2023 at 04:53
F5 is warning of active abuse of a critical security flaw in BIG-IP less than a week after its public disclosure, resulting in the execution of arbitrary system commands as part of an exploit chain. Tracked as CVE-2023-46747 (CVSS score: 9.8), the vulnerability allows an unauthenticated attacker with network access to the BIG-IP system through the management port to achieve code execution. A
☐ ☆ ✇ The Hacker News

PentestPad: Platform for Pentest Teams

By: The Hacker News — October 31st 2023 at 11:21
In the ever-evolving cybersecurity landscape, the game-changers are those who adapt and innovate swiftly. Pen test solutions not only supercharge productivity but also provide a crucial layer of objectivity, ensuring efficiency and exceptional accuracy. The synergy between a skilled penetration tester and the precision of pen testing solutions are crucial for staying on top of today’s high
☐ ☆ ✇ The Hacker News

Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss

By: Newsroom — October 31st 2023 at 11:16
Atlassian has warned of a critical security flaw in Confluence Data Center and Server that could result in "significant data loss if exploited by an unauthenticated attacker." Tracked as CVE-2023-22518, the vulnerability is rated 9.1 out of a maximum of 10 on the CVSS scoring system. It has been described as an instance of "improper authorization vulnerability." All versions of Confluence Data
☐ ☆ ✇ The Hacker News

Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes

By: Newsroom — October 30th 2023 at 06:46
Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster. The vulnerabilities are as follows -  CVE-2022-4886 (CVSS score: 8.8) - Ingress-nginx path sanitization can be bypassed to obtain the credentials of the ingress-nginx controller CVE-2023-5043 (
☐ ☆ ✇ KitPloit - PenTest Tools!

LooneyPwner - Exploit Tool For CVE-2023-4911, Targeting The 'Looney Tunables' Glibc Vulnerability In Various Linux Distributions

By: Zion3R — October 27th 2023 at 11:30


Exploit tool for CVE-2023-4911, targeting the 'Looney Tunables' glibc vulnerability in various Linux distributions.

LooneyPwner is a proof-of-concept (PoC) exploit tool targeting the critical buffer overflow vulnerability, nicknamed "Looney Tunables," found in the GNU C Library (glibc). This flaw, officially tracked as CVE-2023-4911, is present in various Linux distributions, posing significant risks, including unauthorized data access and system alterations.


The vulnerability in the GNU C Library (glibc) was disclosed last week, with notable security researchers and analysts releasing PoC exploits, indicating the potential for widespread attacks. The flaw, discovered by Qualys researchers, can grant attackers root privileges on various Linux distributions including Fedora, Ubuntu, and Debian.

Unauthorized root access provides attackers unrestricted authority, enabling them to:

  • Modify, delete, or steal sensitive data.
  • Install malicious software or backdoors.
  • Facilitate ongoing attacks that may remain undetected for extended periods.
  • Cause data breaches, accessing customer data, intellectual property, and financial records.
  • Disrupt critical system operations, potentially causing service outages and harming an organization's reputation.

LooneyPwner exploits the "Looney Tunables" flaw, targeting affected glibc versions. The tool:

  • Detects the installed glibc version.
  • Checks for vulnerability status.
  • Offers an option for exploitation if vulnerable.

chmod +x looneypwner.sh
./looneypwner.sh


This tool is intended for educational purposes and security research only. The user assumes all responsibility for any damages or misuse resulting from its use.

This exploit code is based on the work of leesh3288. A big thanks to him for the foundational work on the exploit.



☐ ☆ ✇ The Hacker News

How to Keep Your Business Running in a Contested Environment

By: The Hacker News — October 27th 2023 at 10:56
When organizations start incorporating cybersecurity regulations and cyber incident reporting requirements into their security protocols, it's essential for them to establish comprehensive plans for preparation, mitigation, and response to potential threats. At the heart of your business lies your operational technology and critical systems. This places them at the forefront of cybercriminal
☐ ☆ ✇ The Hacker News

Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats

By: Newsroom — October 27th 2023 at 10:54
Google has announced that it's expanding its Vulnerability Rewards Program (VRP) to compensate researchers for finding attack scenarios tailored to generative artificial intelligence (AI) systems in an effort to bolster AI safety and security. "Generative AI raises new and different concerns than traditional digital security, such as the potential for unfair bias, model manipulation or
☐ ☆ ✇ The Hacker News

F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution

By: Newsroom — October 27th 2023 at 04:23
F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The issue, rooted in the configuration utility component, has been assigned the CVE identifier CVE-2023-46747, and carries a CVSS score of 9.8 out of a maximum of 10. "This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP
☐ ☆ ✇ KitPloit - PenTest Tools!

PathFinder - Tool That Provides Information About A Website

By: Zion3R — October 26th 2023 at 11:30


Web Path Finder is a Python program that provides information about a website. It retrieves various details such as page title, last updated date, DNS information, subdomains, firewall names, technologies used, certificate information, and more. 


  • Retrieve important information about a website
  • Gain insights into the technologies used by a website
  • Identify subdomains and DNS information
  • Check firewall names and certificate details
  • Perform bypass operations for captcha and JavaScript content

  1. Clone the repository:

    git clone https://github.com/HalilDeniz/PathFinder.git
  2. Install the required packages:

    pip install -r requirements.txt

This will install all the required modules and their respective versions.

Run the program using the following command:

┌──(root💀denizhalil)-[~/MyProjects/]
└─# python3 web-info-explorer.py --help
usage: wpathFinder.py [-h] url

Web Information Program

positional arguments:
url Enter the site URL

options:
-h, --help show this help message and exit

Replace <url> with the URL of the website you want to explore.

Here is an example output of running the program:

┌──(root💀denizhalil)-[~/MyProjects/]
└─# python3 pathFinder.py https://www.facebook.com/
Site Information:
Title: Facebook - Login or Register
Last Updated Date: None
First Creation Date: 1997-03-29 05:00:00
Dns Information: []
Sub Branches: ['157']
Firewall Names: []
Technologies Used: javascript, php, css, html, react
Certificate Information:
Certificate Issuer: US
Certificate Start Date: 2023-02-07 00:00:00
Certificate Expiration Date: 2023-05-08 23:59:59
Certificate Validity Period (Days): 90
Bypassed JavaScript content:
</ div>

Contributions are welcome! To contribute to PathFinder, follow these steps:

  1. Fork the repository.
  2. Create a new branch for your feature or bug fix.
  3. Make your changes and commit them.
  4. Push your changes to your forked repository.
  5. Open a pull request in the main repository.

  • Thank you my friend Varol

This project is licensed under the MIT License - see the LICENSE file for details.

For any inquiries or further information, you can reach me through the following channels:



☐ ☆ ✇ The Hacker News

Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data

By: Newsroom — October 26th 2023 at 05:23
Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability. Tracked as CVE-2023-43208, the vulnerability has been addressed in version 4.4.1 released on October 6, 2023. "This is an easily exploitable, unauthenticated remote code
☐ ☆ ✇ The Hacker News

YoroTrooper: Researchers Warn of Kazakhstan's Stealthy Cyber Espionage Group

By: Newsroom — October 26th 2023 at 04:25
A relatively new threat actor known as YoroTrooper is likely made up of operators originating from Kazakhstan. The assessment, which comes from Cisco Talos, is based on their fluency in Kazakh and Russian, use of Tenge to pay for operating infrastructure, and very limited targeting of Kazakhstani entities, barring the government's Anti-Corruption Agency. "YoroTrooper attempts to obfuscate the
☐ ☆ ✇ The Hacker News

Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software

By: Newsroom — October 25th 2023 at 13:20
The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube," ESET security researcher Matthieu Faou said in a new report published today. Previously, it was using known
☐ ☆ ✇ The Hacker News

Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability

By: Newsroom — October 25th 2023 at 10:11
VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 (CVSS score: 9.8), has been described as an out-of-bounds write vulnerability in the implementation of the DCE/RPC protocol. "A malicious actor with network access to vCenter Server may trigger an out-of-bounds
☐ ☆ ✇ The Hacker News

Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities

By: Newsroom — October 25th 2023 at 04:47
Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution. "An unauthenticated, malicious actor can inject files
☐ ☆ ✇ The Hacker News

Backdoor Implanted on Hacked Cisco Devices Modified to Evade Detection

By: Newsroom — October 24th 2023 at 06:33
The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting methods. "Investigated network traffic to a compromised device has shown that the threat actor has upgraded the implant to do an extra header check," NCC Group's Fox-IT team said. "Thus, for a lot of devices
☐ ☆ ✇ The Hacker News

Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices

By: Newsroom — October 21st 2023 at 03:46
Cisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a malicious Lua-based implant on susceptible devices. Tracked as CVE-2023-20273 (CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 (CVSS score: 10.0) as part of an exploit chain. "The
☐ ☆ ✇ The Hacker News

Vulnerability Scanning: How Often Should I Scan?

By: The Hacker News — October 19th 2023 at 11:48
The time between a vulnerability being discovered and hackers exploiting it is narrower than ever – just 12 days. So it makes sense that organizations are starting to recognize the importance of not leaving long gaps between their scans, and the term "continuous vulnerability scanning" is becoming more popular. Hackers won’t wait for your next scan One-off scans can be a simple ‘one-and-done'
☐ ☆ ✇ The Hacker News

Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw

By: Newsroom — October 19th 2023 at 07:11
North Korean threat actors are actively exploiting a critical security flaw in JetBrains TeamCity to opportunistically breach vulnerable servers, according to Microsoft. The attacks, which entail the exploitation of CVE-2023-42793 (CVSS score: 9.8), have been attributed to Diamond Sleet (aka Labyrinth Chollima) and Onyx Sleet (aka Andariel or Silent Chollima). It's worth noting that both the
☐ ☆ ✇ The Hacker News

Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw

By: Newsroom — October 19th 2023 at 04:02
A number of state-back threat actors from Russia and China have been observed exploiting a recent security flaw in the WinRAR archiver tool for Windows as part of their operations. The vulnerability in question is CVE-2023-38831 (CVSS score: 7.8), which allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The shortcoming has been actively
☐ ☆ ✇ The Hacker News

Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms

By: Newsroom — October 18th 2023 at 12:27
Citrix is warning of exploitation of a recently disclosed critical security flaw in NetScaler ADC and Gateway appliances that could result in exposure of sensitive information. Tracked as CVE-2023-4966 (CVSS score: 9.4), the vulnerability impacts the following supported versions - NetScaler ADC and NetScaler Gateway 14.1 before 14.1-8.50 NetScaler ADC and NetScaler Gateway 13.1 before 13.1-
☐ ☆ ✇ The Hacker News

New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager

By: Newsroom — October 18th 2023 at 06:48
A medium-severity flaw has been discovered in Synology's DiskStation Manager (DSM) that could be exploited to decipher an administrator's password and remotely hijack the account. "Under some rare conditions, an attacker could leak enough information to restore the seed of the pseudorandom number generator (PRNG), reconstruct the admin password, and remotely take over the admin account,"
☐ ☆ ✇ The Hacker News

Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software

By: Newsroom — October 17th 2023 at 14:37
Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code execution and take over susceptible systems. The vulnerabilities, tracked as CVE-2023-37265 and CVE-2023-37266, both carry a CVSS score of 9.8 out of a maximum of 10. Sonar security researcher Thomas Chauchefoin, who discovered the bugs, 
☐ ☆ ✇ The Hacker News

Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild

By: Newsroom — October 17th 2023 at 04:12
Cisco has warned of a critical, unpatched security flaw impacting IOS XE software that’s under active exploitation in the wild. Rooted in the web UI feature, the zero-day vulnerability is tracked as CVE-2023-20198 and has been assigned the maximum severity rating of 10.0 on the CVSS scoring system. It’s worth pointing out that the shortcoming only affects enterprise networking gear that have the
☐ ☆ ✇ The Hacker News

Pro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New Campaign

By: Newsroom — October 16th 2023 at 13:55
Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing campaign designed to harvest credentials from compromised systems. "The attack involves the use of malicious archive files that exploit the recently discovered vulnerability affecting the WinRAR compression software versions prior to 6.23 and traced as CVE-
☐ ☆ ✇ The Hacker News

Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence

By: Newsroom — October 16th 2023 at 09:31
Encrypted messaging app Signal has pushed back against "viral reports" of an alleged zero-day flaw in its software, stating it found no evidence to support the claim. "After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels," it said in a series of messages posted in X (formerly
☐ ☆ ✇ The Hacker News

Two High-Risk Security Flaws Discovered in Curl Library - New Patches Released

By: Newsroom — October 12th 2023 at 04:39
Image Source: JFrog Security Research Patches have been released for two security flaws impacting the Curl data transfer library, the most severe of which could potentially result in code execution. The list of vulnerabilities is as follows - CVE-2023-38545 (CVSS score: 7.5) - SOCKS5 heap-based buffer overflow vulnerability CVE-2023-38546 (CVSS score: 5.0) - Cookie injection with none file CVE-
☐ ☆ ✇ The Hacker News

Microsoft Releases October 2023 Patches for 103 Flaws, Including 2 Active Exploits

By: Newsroom — October 11th 2023 at 07:00
Microsoft has released its Patch Tuesday updates for October 2023, addressing a total of 103 flaws in its software, two of which have come under active exploitation in the wild. Of the 103 flaws, 13 are rated Critical and 90 are rated Important in severity. This is apart from 18 security vulnerabilities addressed in its Chromium-based Edge browser since the second Tuesday of September. The two
☐ ☆ ✇ The Hacker News

Microsoft Warns of Nation-State Hackers Exploiting Critical Atlassian Confluence Vulnerability

By: Newsroom — October 11th 2023 at 04:12
Microsoft has linked the exploitation of a recently disclosed critical flaw in Atlassian Confluence Data Center and Server to a nation-state actor it tracks as Storm-0062 (aka DarkShadow or Oro0lxy). The tech giant's threat intelligence team said it observed in-the-wild abuse of the vulnerability since September 14, 2023. "CVE-2023-22515 is a critical privilege escalation vulnerability in
☐ ☆ ✇ The Hacker News

HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks

By: Newsroom — October 10th 2023 at 15:24
Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset. The layer 7 attacks were detected in late August 2023, the companies said in a coordinated disclosure. The cumulative susceptibility to this attack is being tracked as CVE-2023-44487,
☐ ☆ ✇ KitPloit - PenTest Tools!

Sirius - First Truly Open-Source General Purpose Vulnerability Scanner

By: Zion3R — October 10th 2023 at 11:30


Sirius is the first truly open-source general purpose vulnerability scanner. Today, the information security community remains the best and most expedient source for cybersecurity intelligence. The community itself regularly outperforms commercial vendors. This is the primary advantage Sirius Scan intends to leverage.

The framework is built around four general vulnerability identification concepts: The vulnerability database, network vulnerability scanning, agent-based discovery, and custom assessor analysis. With these powers combined around an easy to use interface Sirius hopes to enable industry evolution.


Getting Started

To run Sirius clone this repository and invoke the containers with docker-compose. Note that both docker and docker-compose must be installed to do this.

git clone https://github.com/SiriusScan/Sirius.git
cd Sirius
docker-compose up

Logging in

The default username and password for Sirius is: admin/sirius

Services

The system is composed of the following services:

  • Mongo: a NoSQL database used to store data.
  • RabbitMQ: a message broker used to manage communication between services.
  • Sirius API: the API service which provides access to the data stored in Mongo.
  • Sirius Web: the web UI which allows users to view and manage their data pipelines.
  • Sirius Engine: the engine service which manages the execution of data pipelines.

Usage

To use Sirius, first start all of the services by running docker-compose up. Then, access the web UI at localhost:5173.

Remote Scanner

If you would like to setup Sirius Scan on a remote machine and access it you must modify the ./UI/config.json file to include your server details.

Good Luck! Have Fun! Happy Hacking!



☐ ☆ ✇ The Hacker News

libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks

By: Newsroom — October 10th 2023 at 06:50
A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to achieve remote code execution (RCE) on affected hosts. Tracked as CVE-2023-43641 (CVSS score: 8.8), the issue is described as a case of memory corruption in libcue, a library designed for parsing cue sheet files. It impacts versions 2.2.1 and prior. libcue is incorporated into
☐ ☆ ✇ KitPloit - PenTest Tools!

DakshSCRA - Source Code Review Assist

By: Zion3R — October 9th 2023 at 11:30


Daksh SCRA (Source Code Review Assist) tool is built to enhance the efficiency of the source code review process, providing a well-structured and organized approach for code reviewers.

Rather than indiscriminately flagging everything as a potential issue, Daksh SCRA promotes thoughtful analysis, urging the investigation and confirmation of potential problems. This approach mitigates the scramble to tag every potential concern as a bug, cutting back on the confusion and wasted time spent on false positives.

What sets Daksh SCRA apart is its emphasis on avoiding unnecessary bug tagging. Unlike conventional methods, it advocates for thorough investigation and confirmation of potential issues before tagging them as bugs. This approach helps mitigate the issue of false positives, which often consume valuable time and resources, thereby fostering a more productive and efficient code review process.


Debut

Daksh SCRA was initially introduced during a source code review training session I conducted at Black Hat USA 2022 (August 6 - 9), where it was subtly presented to a specific audience. However, this introduction was carried out with a low-profile approach, avoiding any major announcements.

While this tool was quietly published on GitHub after the 2022 training, its official public debut took place at Black Hat USA 2023 in Las Vegas.

Features and Functionalities

Distinctive Features (Multiple World’s First)

  • Identifies Areas of Interest in Source Code: Encourage focused investigation and confirmation rather than indiscriminately labeling everything as a bug.

  • Identifies Areas of Interest in File Paths (World’s First): Recognises patterns in file paths to pinpoint relevant sections for review.

  • Software-Level Reconnaissance to Identify Technologies Utilised: Identifies project technologies, enabling code reviewers to conduct precise scans with appropriate rules.

  • Automated Scientific Effort Estimation for Code Review (World’s First): Providing a measurable approach for estimating efforts required for a code review process.

Although this tool has progressed beyond its early stages, it has reached a functional state that is quite usable and delivers on its promised capabilities. Nevertheless, active enhancements are currently underway, and there are multiple new features and improvements expected to be added in the upcoming months.

Additionally, the tool offers the following functionalities:

  • Options to use platform-specific rules specific for finding areas of interests
  • Options to extend or add new rules for any new or existing languages
  • Generates report in text, HTML and PDF format for inspection

Refer to the wiki for the tool setup and usage details - https://github.com/coffeeandsecurity/DakshSCRA/wiki

Feel free to contribute towards updating or adding new rules and future development.

If you find any bugs, report them to d3basis.m0hanty@gmail.com.

Tool Setup

Pre-requisites

Python3 and all the libraries listed in requirements.txt

Setting up environment to run this tool

1. Setup a virtual environment

$ pip install virtualenv

$ virtualenv -p python3 {name-of-virtual-env} // Create a virtualenv
Example: virtualenv -p python3 venv

$ source {name-of-virtual-env}/bin/activate // To activate virtual environment you just created
Example: source venv/bin/activate

After running the activate command you should see the name of your virtual env at the beginning of your terminal like this: (venv) $

2. Ensure all required libraries are installed within the virtual environment

You must run the below command after activating the virtual environment as mentioned in the previous steps.

pip install -r requirements.txt

Once the above step successfully installs all the required libraries, refer to the following tool usage commands to run the tool.

Tool Usage

$ python3 dakshscra.py -h // To view avaialble options and arguments

usage: dakshscra.py [-h] [-r RULE_FILE] [-f FILE_TYPES] [-v] [-t TARGET_DIR] [-l {R,RF}] [-recon] [-estimate]

options:
-h, --help show this help message and exit
-r RULE_FILE Specify platform specific rule name
-f FILE_TYPES Specify file types to scan
-v Specify verbosity level {'-v', '-vv', '-vvv'}
-t TARGET_DIR Specify target directory path
-l {R,RF}, --list {R,RF}
List rules [R] OR rules and filetypes [RF]
-recon Detects platform, framework and programming language used
-estimate Estimate efforts required for code review

Example Usage

$ python3 dakshscra.py // To view tool usage along with examples

Examples:
# '-f' is optional. If not specified, it will default to the corresponding filetypes of the selected rule.
dakshsca.py -r php -t /source_dir_path

# To override default settings, other filetypes can be specified with '-f' option.
dakshsca.py -r php -f dotnet -t /path_to_source_dir
dakshsca.py -r php -f custom -t /path_to_source_dir

# Perform reconnaissance and rule based scanning if '-recon' used with '-r' option.
dakshsca.py -recon -r php -t /path_to_source_dir

# Perform only reconnaissance if '-recon' used without the '-r' option.
dakshsca.py -recon -t /path_to_source_dir

# Verbosity: '-v' is default, '-vvv' will display all rules check within each rule category.
dakshsca.py -r php -vv -t /path_to_source_dir


Supported RULE_FILE: dotnet, java, php, javascript
Supported FILE_TY PES: dotnet, php, java, custom, allfiles

Reports

The tool generates reports in three formats: HTML, PDF, and TEXT. Although the HTML and PDF reports are still being improved, they are currently in a reasonably good state. With each subsequent iteration, these reports will continue to be refined and improved even further.

Scanning (Areas of Security Concerns) Report

HTML Report:
  • DakshSCRA/reports/html/report.html
PDF Report:
  • DakshSCRA/reports/html/report.pdf
RAW TEXT Based Reports:
  • Areas of Interest - Identified Patterns : DakshSCRA/reports/text/areas_of_interest.txt
  • Areas of Interest - Project Files: DakshSCRA/reports/text/filepaths_aoi.txt
  • Identified Project Files: DakshSCRA/runtime/filepaths.txt

Reconnaissance (Recon) Report

  • Reconnaissance Summary: /reports/text/recon.txt

Note: Currently, the reconnaissance report is created in a text format. However, in upcoming releases, the plan is to incorporate it into the vulnerability scanning report, which will be available in both HTML and PDF formats.

Code Review Effort Estimation Report

  • Effort estimation report: /reports/html/estimation.html

Note: At present, the effort estimation for the source code review is in its early stages. It is considered experimental and will be developed and refined through several iterations. Improvements will be made over multiple releases, as the formula and the concept are new and require time to be honed to achieve accuracy or reasonable estimation.

Currently, the report is generated in HTML format. However, in future releases, there are plans to also provide it in PDF format.



☐ ☆ ✇ The Hacker News

High-Severity Flaws in ConnectedIO's 3G/4G Routers Raise Concerns for IoT Security

By: Newsroom — October 9th 2023 at 10:49
Multiple high-severity security vulnerabilities have been disclosed in ConnectedIO's ER2000 edge routers and the cloud-based management platform that could be exploited by malicious actors to execute malicious code and access sensitive data. "An attacker could have leveraged these flaws to fully compromise the cloud infrastructure, remotely execute code, and leak all customer and device
☐ ☆ ✇ The Hacker News

Security Patch for Two New Flaws in Curl Library Arriving on October 11

By: Newsroom — October 9th 2023 at 10:32
The maintainers of the Curl library have released an advisory warning of two security vulnerabilities that are expected to be addressed as part of an forthcoming update set for release on October 11, 2023. This includes a high-severity and a low-severity flaw tracked under the identifiers CVE-2023-38545 and CVE-2023-38546, respectively. Additional details about the issues and the exact version
☐ ☆ ✇ The Hacker News

Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems

By: Newsroom — October 5th 2023 at 12:02
Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded credentials. The vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), is due to the presence of static user credentials for the root account that the company said is usually reserved for use during
☐ ☆ ✇ The Hacker News

CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities

By: Newsroom — October 5th 2023 at 09:30
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence. The vulnerabilities newly added are below - CVE-2023-42793 (CVSS score: 9.8) - JetBrains TeamCity Authentication Bypass Vulnerability CVE-
☐ ☆ ✇ The Hacker News

Apple Rolls Out Security Patches for Actively Exploited iOS Zero-Day Flaw

By: Newsroom — October 5th 2023 at 03:42
Apple on Wednesday rolled out security patches to address a new zero-day flaw in iOS and iPadOS that it said has come under active exploitation in the wild. Tracked as CVE-2023-42824, the kernel vulnerability could be abused by a local attacker to elevate their privileges. The iPhone maker said it addressed the problem with improved checks. "Apple is aware of a report that this issue may have
☐ ☆ ✇ The Hacker News

Atlassian Confluence Hit by New Actively Exploited Zero-Day – Patch Now

By: Newsroom — October 5th 2023 at 03:28
Atlassian has released fixes to contain an actively exploited critical zero-day flaw impacting publicly accessible Confluence Data Center and Server instances. The vulnerability, tracked as CVE-2023-22515, is remotely exploitable and allows external attackers to create unauthorized Confluence administrator accounts and access Confluence servers. It does not impact Confluence versions prior to
❌