A vulnerability was discovered in CSS (!) that will crash your browser. Please don't do this at work.
https://cras.sh/
There is a new fuzzing list out there that I like a lot for searching for hidden files and directories.
https://github.com/Bo0oM/fuzz.txt
The security incident of the week: Marriott lost half a billion customer records, including passport numbers.
https://answers.kroll.com/
And that's the news!
A new open source project that generated an Android Studio project from an APK
https://maxkersten.nl/2018/11/21/androidprojectcreator-the-how-and-why/
Robert Graham has some thoughts on HTTP/3
https://blog.erratasec.com/2018/11/some-notes-about-http3.html?m=0
NEWS FLASH! There is a security hole in Adobe Flash.
https://www.theregister.co.uk/2018/11/20/adobe_flash_bug/
Remember when I said there would never be a reliable exploit for the Rowhammer vulnerability? I was wrong.
https://www.wired.com/story/rowhammer-ecc-memory-data-hack
Mr. Krebs was alerted to a vulnerability at USPS that an exasperated researcher had been trying to get them to fix for a year.
https://krebsonsecurity.com/2018/11/usps-site-exposed-data-on-60-million-users/
Late addition: PortSwigger posted the Top 10 Web Application Security research for the last couple of years.
https://portswigger.net/blog/top-10-web-hacking-techniques-of-2017
And that's the news!!
Here's a new set of training wheels for MetaSploit. It's a little bumpy, but it is pretty decent as an intro to using scripting tools for exploitative pentesting.
https://github.com/M4cs/BabySploit/blob/master/README.md
A really good analysis of some PHP malware. Beneficial reading for red and blue teams. As usual, please be careful playing with malware on your corporate network (or any other network).
https://blog.manchestergreyhats.co.uk/2018/11/07/php-malware-examination/
A new XSS detection tool with some nice hand-written parsers.
https://github.com/s0md3v/XSStrike
And that's the news!
Happy Veterans Day. Please make sure that this isn't the only day of the year that you take the time to do something for a veteran in your life.
The OWASP Top 10 project has added the Serverless Application Top 10 to the collection.
https://github.com/OWASP/Serverless-Top-10-Project/
Here's a good analysis of a live example of an Android banking trojan.
https://lukasstefanko.com/2018/11/video-analysis-of-android-banking-trojan-found-on-google-play.html
A malicious FaceTime caller can cause a kernal panic in some devices.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1641
Squally is a purposefully vulnerable video game to teach hacking of games. Neat idea.
https://squallygame.com/
Struts has yet another RCE bug.
https://www.theregister.co.uk/2018/11/07/flaw_in_apache_struts/
There is a XSS bug in Evernote!
https://securityaffairs.co/wordpress/77789/hacking/evernote-xss-flaw.html
And that's the news.
A new-to-me file upload vulnerability scanner got an update recently - worth a look.
https://github.com/almandin/fuxploider
Not a very USEFUL vulnerability, but someone figured out how to bypass Chrome's security model for cookies.
https://mango.pdf.zone/stealing-chrome-cookies-without-a-password
Telerik (a developer tools company) has a good post on XSS and Content Security Policy.
https://www.telerik.com/blogs/on-cross-site-scripting-and-content-security-policy
And that's the news!
The "Man that was a hell of a flu bug" edition. Stay healthy, everyone.
SSH bypass by ... wait for it ... telling the server your request is granted. These are not the vulnerabilities you are looking for. They can go on their way.
https://www.libssh.org/security/advisories/CVE-2018-10933.txt
PHP 5.6 support is ending. That's a whole lot of websites.
https://www.zdnet.com/article/around-62-of-all-internet-sites-will-run-an-unsupported-php-version-in-10-weeks/
RCE in URL handling in Edge. Positive security model, people.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8495
Oracle released 300 patches, most of them critical or high. Not sure if this is good or bad.
https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
jQuery File Upload has a serious bug that has been being exploited for three years. Go update those old applications.
https://www.zdnet.com/article/zero-day-in-popular-jquery-plugin-actively-exploited-for-at-least-three-years/
Here's a new SSL testing contender. I haven't tried it yet but I will tomorrow. Let me know what you think if you use it.
https://testssl.sh/
And that's the news.
The "Wow, it's been a busy month" edition.
Apple took "Adware Doctor" out of the store because it was stealing data. How did no one notice this?
https://www.infosecurity-magazine.com/news/apple-removes-security-tool/
There is a new search engine for researching exploits.
https://sploitus.com/
Google open sourced their file upload protection tool.
https://github.com/google/wuffs
A cheat sheet for Angular web security.
https://cheatsheets.pragmaticwebsecurity.com/angularowasptop10
SharpSploit: a C# post-exploitation library.
https://posts.specterops.io/introducing-sharpsploit-a-c-post-exploitation-library-5c7be5f16c51
MWR Labs describes use of HTTP Referer headers to execute DNS rebinding attacks on AWS-hosted analytics systems
https://labs.mwrinfosecurity.com/blog/from-http-referer-to-aws-security-credentials/
Malicious PowerShell Compiling C# Code on the Fly
https://isc.sans.edu/diary/rss/24072
Interesting bug in Chromium
https://bugs.chromium.org/p/chromium/issues/detail?id=881410
Holy crap there are a lot of Cisco security patches this month.
https://tools.cisco.com/security/center/publicationListing.x