- VayFul®
- Posts
- VayFul Security Issue - June 21 2024
VayFul Security Issue - June 21 2024
VayFul Security - June 21 2024
Hi all!
Welcome back, here is your dose of VayFul Security, a list of what we are enjoying…
📰 SECURITY BYTES
SaaS Applications Targeted by Financially Motivated Group - UNC3944 - Google Cloud details UNC3944's evolving methods, including exploiting permissions within platforms like Okta and using cloud synchronization tools for data exfiltration. This highlights the need for heightened monitoring and stricter access controls within your SaaS applications. #SaaS #security
QR Code Phishing Attacks Target Citizens with Fake Weaponised Documents - These attacks exploit the increasing popularity of QR codes for payments and document access. Cybercriminals are creating fake official documents containing malicious QR codes that, when scanned, steal personal information or redirect users to phishing websites. #phishing #QRcode #pdf
SolarWinds Serv-U Now File Transfer Vulnerability Alert - A Vulnerability in SolarWinds Serv-U, a popular file transfer service, poses a security risk. Attackers could potentially exploit this flaw to gain unauthorized access to sensitive data. CVE-2024-28995 #exploit #solarwinds #directory-traversal
New Phishing-as-a-Service(PhaaS) allows attackers to bypass 2FA - PhaaS platform to create phishing campaigns using malicious QR codes embedded in PDF attachments. These emails often impersonate trusted sources, like HR departments, to lure victims into scanning the QR code, which then redirects them to a fake login page designed to steal credentials and bypass two-factor authentication (2FA). #phishing @2fa-bypass
Dark Web Update- IntelBroker has allegedly leaked Apple's Internal Tools- IntelBroker has released the internal source code to 3 of Apple's commonly used tools for their internal site, Exposed Project tools:AppleConnect-SSO, Apple-HWE-Confluence-Advanced, AppleMacroPlugin. #apple #source-code #leaked
🔥 INTERESTING WRITEUPS
Starlink Dishy is vulnerable to CSRF via DNS Rebinding - [7500$ Bounty]
[IDOR] Improper Access Control on Embedded Submission Form - [2500$ Bounty]
Arbitrary File Reading leads to RCE in the Pulse Secure SSL VPN - [2000$ Bounty]
📝 BLOGS & ARTICLES
New Prototype Pollution Flaw in MongoDB Could Lead to Remote Code Execution - Discovered vulnerability in the popular MongoDB database could allow attackers to execute malicious code on affected systems. This vulnerability, known as prototype pollution, exploits weaknesses in how objects are created within JavaScript. #prototype-pollution #mongodb #rce
Securing the Future: New Report Analyzes AI Model Security - A new research report from RAND Corporation, "Securing AI Model Weights: Preventing Theft and Misuse of Frontier Models" (RR-A2849-1), delves into the critical issue of artificial intelligence (AI) model security. #AI #security
A Tactical Guide to Hunt Down Threats Hiding in Your Snowflake Environments - This article from Mitiga provides a tactical guide to threat hunting in Snowflake. Learn how to identify suspicious activity, investigate potential breaches, and protect your sensitive data. The guide explores queries to uncover signs of unauthorized access, exfiltration attempts, and other malicious behavior within your Snowflake databases. #threat #hunting
Streamline Security! Write Your Detections as a Code with Elastic Security - Sick of manually creating security detections? The concept "Detections as Code" (DaC) with Elastic Security. DaC leverages coding best practices for managing security rules, bringing efficiency and consistency. #DaC #elastic #security
🛠️TOOLS
Vulnerability Lookup - Vulnerability Lookup - Fast vulnerability lookup correlation from different sources, independent vulnerability ID and easily manage coordinated vulnerability disclosure (CVD). #vulenrabillity #lookup
PoC Exploit for CVE-2024-0757 - A PoC Exploit for CVE-2024-0757 - Insert or Embed Articulate Content into WordPress Remote Code Execution (RCE). #PoC #code #wordpress #RCE
RedFlag - RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and add reviewers. #AI #risk
🧠 TUTORIALS & SKILL-BUILDING
Dirty Dancing in OAuth Leads to Account Takeover - A new research report exposes a clever attack method dubbed "Dirty Dancing in OAuth." This technique exploits weaknesses in how websites handle the OAuth login process, potentially allowing attackers to hijack user accounts. #OAuth #exploits
Don't Let Your Secrets Leak! Exposed Prometheus Exploits Kubernetes Clusters - A new report from Sysdig reveals a critical security risk involving exposed Prometheus servers and Kubernetes clusters.Researchers discovered attackers can leverage information exposed by unconfigured Prometheus servers to gain a foothold in Kubernetes clusters. #kubernetes #security
Unveiling the Secrets of Codesys V3: ZeroDays, Forensic Artifacts and More - The workings of Codesys V3 SDK, focusing on different ICS devices and vendors that commonly utilize the Codesys framework, the methods to gather all artifacts for a comprehensive forensics analysis, and how to use them to build an open-source tool. #codesys #ICS #device #hacking #forensics
🎁 MISCELLANEOUS
Smart Wallets and Passkeys - Smart wallets & passkeys using ERC-4337 enhance security & UX in the crypto space. It emphasizes the need for a balance between user experience and robust security measures when implementing passkeys in smart wallets. #smart-wallets
ARM's Memory Tagging Security Feature bypass - ARM's Memory Tagging Extension (MTE) technology, designed to enhance memory protection. This vulnerability could potentially allow attackers to bypass MTE's security measures, raising concerns about the effectiveness of this safeguard.The exploit involves a technique called "speculative execution," which lets processors execute code before it's confirmed necessary. #arm #chipset #security
Lessons Learned: How 2000s Security Weaknesses Haunt Us Today - Author argues that the way businesses prioritized (or de-prioritized) security back then continues to impact cybersecurity today. The article highlights the importance of a proactive approach to security and the challenges companies face when balancing security with market pressures. #old #school #security #weakness
🎯 QUOTE OF THE DAY
“Courage is knowing what not to fear"
⭐ HOW DID WE DO?
Enjoyed this newsletter? Friends don’t keep good things to themselves - forward this to your friends and have them sign up here.
That’s a wrap!
Thank you for reading,
VayFul Team