| |
| 🔗 Stories, Tutorials & Articles |
| |
|
| |
| Hunting for Nginx Alias Traversals in the wild ✅ |
| |
| |
| Nginx, a dominant web server since 2004, is widely used across websites and Docker containers. This article explores Nginx's intricacies, including the location and alias directives, potential vulnerabilities arising from misconfigurations, and real-world case studies showcasing the risk of data exposure. |
|
| |
|
| |
|
| |
| How to get rid of AWS access keys – Reducing Privileges |
| |
| |
| Reduce privilege and tighten IAM policy by identifying and removing unnecessary access keys, using IAM access advisor for service level adjustments, and considering alternative authentication solutions to minimize risk associated with AWS access keys. |
|
| |
|
| |
|
| |
| Hacking Auto-GPT and escaping its docker container |
| |
| |
| Auto-GPT arbitrary code execution and docker escape: Researchers discovered a vulnerability in Auto-GPT that allowed attackers to execute arbitrary code by injecting prompts and manipulating the user approval process. They also found a method to escape the Auto-GPT docker image and gain access to the host system. These vulnerabilities were addressed in version 0.4.3. |
|
| |
|
|
| |
|
| |
| ServiceNow Insecure Access Control To Full Admin Takeover |
| |
| |
| A vulnerability in ServiceNow allows a low-privilege user to gain unauthorized full administrative access to the platform. By exploiting certain vulnerabilities, such as insecure access control and session token manipulation, an attacker can escalate their privileges from a standard user to an administrator on the ServiceNow instance. |
|
| |
|
| |
|
| |
| What is Packet Duplication & How to Identify It ✅ |
| |
| |
| Unleash your inner network admin and conquer the mystery of packet duplication in the digital landscape of modern business. Learn how to identify and mitigate packet duplication to maintain data integrity and optimize network performance. |
|
| |
|
|
| |
|
| |
| Use Confidential Virtual Machines and Enclaves to improve your cluster security ✅ |
| |
| |
| Confidential computing, using hardware-enforced trusted execution environments (TEEs) like secure enclaves, improves cluster security in the cloud-native ecosystem, particularly in Kubernetes. TEEs provide a secure and trusted execution environment for critical cryptographic operations and protect sensitive data, while technologies like AMD SEV, Intel SGX, and Intel TDX offer TEE capabilities that are closely integrated with the userspace, providing low overhead and specific use case optimizations. |
|
| |
|
| |
|
| |
| Supply chain security for Go: Compromised dependencies |
| |
| |
| The rise in supply chain attacks on software has made it crucial for open-source developers using Go to monitor and assess the risks of their dependencies. Go provides built-in protections to help trust the integrity of packages, including the ability to detect and prevent malicious versions or withdrawals of dependencies. |
|
| |
|
| |
|
| |
| AWS WAF Clients Left Vulnerable to SQL Injection Due to Unorthodox MSSQL Design Choice |
| |
| |
| The Microsoft SQL Server has an undocumented design choice that allows it to bypass web application firewalls (WAFs) due to a lax attitude towards SQL parsers. This unorthodox design choice can potentially be exploited by hackers to bypass security protections provided by WAFs. |
|
| |
|
| |
|
| |
| MOVEit zero-day exploit: Ongoing updates and what's next |
| |
| |
| Late in May, a SQL injection vulnerability was discovered in the file sharing application Moveit Transfer, leading to a potential breach of high-profile customer data. The Clop ransomware gang is believed to be behind the attack, using the exploit to target multiple organizations. |
|
| |
|
| |
|
| |
| NSA and CISA's Cybersecurity Information Sheet for DevSecOps ✅ |
| |
| |
| This CSI explains how to integrate security best practices into typical software development and operations (DevOps) Continuous Integration/Continuous Delivery (CI/CD) environments, without regard for the specific tools being adapted, and leverages several forms of government guidance to collect and present proper security and privacy controls to harden CI/CD cloud deployments. As evidenced by increasing compromises over time, software supply chains and CI/CD environments are attractive targets for malicious cyber actors (MCAs). |
|
| |
|
|
| |
