Shows
DevSecOopsEpisode 9 - Rapid Fire JudgementIn this episode, Tom and Scotti take listeners behind the curtain at Cordant, revealing how the team collaboratively approaches designing IT solutions—from infrastructure to cybersecurity. Framed around a hypothetical greenfield deployment, the discussion is a rapid-fire breakdown of their go-to tools, platforms, and philosophies—covering everything from hypervisors and SIEM solutions to code repositories and discovery tools.
Key Topics Covered:
Discovery & Strategy Process: The Cordant methodology: discovery, internal collaboration, and experience-based solution building.
VMware & Broadcom Fallout: Tom discusses why VMware remains the on-prem hypervisor of choice, despite Broadcom's pricing and licensing challenges. Alternatives are...2025-06-301h 03
The Dark Dive16. Attack Surface Management 101This bumper episode of The Dark Dive features no fewer than four co-founders, as the CEO and CTO of Searchlight Cyber (Ben Jones and Gareth Owenson) are joined by their counterparts from the Attack Surface Management company Assetnote (Michael Gianarakis and Shubham Shah).Together, we discuss the background of Assetnote and origins of its founders in the offensive security and bug bounty world, the rationale behind the Searchlight Cyber's recent acquisition of Assetnote, and the fundamentals of Attack Surface Management (ASM).We take a deep dive into the tenets of Attack Surface Management, including viewing...2025-04-0348 min
IT SPARC CastAI Hallucinations in Court, Quantum Computing Breakthroughs, and a Major Palo Alto Firewall VulnerabilityIn this episode of IT SPARC Cast, John and Lou dive into AI’s legal pitfalls, discussing how AI hallucinations in court documents are causing trouble for lawyers. They also explore the quantum computing leap with Microsoft’s Majorana 1 chip, and dissect the draconian reorganization at Lloyds Bank. In the CVE of the Week, they break down the Palo Alto Networks firewall vulnerability and why patching your firewall should be your top priority.Show Notes:Morgan & Morgan law firm sent an urgent email to over 1,000 lawyers warning about AI-generated fake case law.•A...2025-02-2134 min
Cyber BriefingDecember 23, 2024 - Cyber Briefing👉 What's happening in cybersecurity today?
🚨 #CyberAlerts
FlowerStorm Sees Surge in Activity Following Rockstar2FA Service Disruption
Source: Sean Gallagher and Mark Parsons via Sophos
Python NodeStealer Malware Targets Facebook Business Accounts and Financial Data
Source: Aira Marcelo, Bren Matthew Ebriega and Abdul Rahim via Trend Micro
Critical Craft Content Management System Flaw Allows Remote Code Execution
Source: Assetnote
WPA3 Network Security Bypassed Using Man in The Middle Attack
Source: arXiv
Hail Cock Botnet Exploit...2024-12-2309 min
Critical Thinking - Bug Bounty PodcastEpisode 99: Back to the Basics - Web Fundamental to 100k a Year in Bug Bounty Episode 99: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Roni dissect an old thread of Justin's talking about how best to start bug bounty with the goal of making $100k in the first year.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps...2024-11-281h 42Critical Thinking - Bug Bounty PodcastEpisode 98: Team 82 Sharon Brizinov - The Live Hacking PolymathEpisode 98: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner sits down with Sharon,to discuss his journey from early iOS development to leading a research team at Claroty. They address the differences between HackerOne and Pwn2Own, and talk through some intricacies of IoT security, and some less common IoT attack surfaces.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------2024-11-211h 43Critical Thinking - Bug Bounty PodcastEpisode 97: Bcrypt Hash Input Truncation & Mobile Device Threat ModelingEpisode 97: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel jump into some cool news items, including a recent Okta Bcrypt vulnerability, insights into crypto bugs, and some intricacies of Android and Chrome security. They also explore the latest research from Portswigger on payload concealment techniques, and the introduction of the Lightyear tool for PHP exploits.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!2024-11-1453 min
Bug Bounty JP PodcastBBJP_Podcast #9Speaker
morioka12 (@scgajge12)
mokusou (@Mokusou4)
RyotaK (@ryotkak)
Summary (Link)
[大テーマ] 最近の取り組みについて
[小テーマ]
バグバウンティにおける気持ち/メンタルの問題について
[中テーマ] トレンドの出来事や脆弱性についてなど
Pwn2Own
https://x.com/thezdi/status/1849381296771891372
CSP Bypass Search
https://x.com/renniepak/status/1841495174729314352
Concealing payloads in URL credentials
https://portswigger.net/research/concealing-payloads-in-url-credentials
Insecurity through Censorship: Vulnerabilities Caused by The Great Firewall
https://www.assetnote.io/resources/research/insecurity-through-censorship-vulnerabilities-caused-by-the-great-firewall
Bypassing Filters: SSRF Exploitation via DNS Rebinding with Just 1 in 30 Successful Requests
https://mokhansec.medium.com/bypassing-filters-ssrf-exploitation-via-dns-rebinding-with-just-1-in-30-successful-requests-2fdc3a9cfd7d
HTTP Parameter Pollution in 2024 !
https://medium.com/@0xAwali/http-parameter-pollution-in-2024-32ec1b810f89
Hacking 700 Million Electronic Arts Accounts
https://battleda.sh/blog/ea-account-takeover
Sam Curryのコメントについて
https://x.com/samwcyo/status/1848196974006186384
[Q&A] 脆弱性についてより深く学ぶには、記事を読んだり用意された攻撃環境で遊ぶだけでなく、CVEの再現や自分で脆弱なアプリを実装する等「開発寄りの勉強」も重要だと思うのですが、皆さんはそのようなの勉強方法が、バグバウンティのスキルの向上にどんな影響を与えると思いますか?
Web Page
https://bugbountyjppodcast.notion.s2024-10-311h 12Critical Thinking - Bug Bounty PodcastEpisode 95: Attacking Chrome Extensions with MatanBer - Big Impact on the Client-SideEpisode 95: In this episode of Critical Thinking - Bug Bounty Podcast In this episode, Justin is joined by MatanBer to delve into the intricacies of browser extensions. We talk about the structure and threat models, and cover things like service workers, extension pages, and isolated worlds.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:2024-10-311h 56Critical Thinking - Bug Bounty PodcastEpisode 94: Zendesk Fiasco & the CTBB Naughty ListEpisode 94: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel give their perspectives on the recent Zendesk fiasco and the ethical considerations surrounding it. They also highlight the launch of AuthzAI and some research from Ophion SecurityFollow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeek2024-10-2449 min
Surfacing SecurityMaximizing Security Outcomes: The Role of ASM in Bug Bounty ProgramsRunning an effective bug bounty program requires balancing an attractive scope and payout to hunters with an attack surface that challenges hunters to do more than automated scans. Program managers want to pay for skillful findings, not automated ones. In this episode, we talk about how ASM helps optimize your bug bounty program.2024-10-1137 min
Surfacing SecurityInternet-Wide Recon: Moving Past IP-Centric ApproachesIn this episode, we discuss the blindspots of IP-centric approaches to asset discovery and the importance of understanding the full attack surface of an organization.We unpack the challenges posed by modern cloud architectures, load balancers, and WAFs, and how these can create blind spots in reconnaissance efforts. We also highlight the significance of subdomain data and passive DNS in uncovering hidden attack surfaces that traditional scanning methods might miss.We talk about:- The limitations of Internet Wide Scanning- The importance of breadth and depth in attack surface mapping...2024-10-0227 min
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, September 30th, 2024CUPS Vulnerability
https://isc.sans.edu/diary/Patch%20for%20Critical%20CUPS%20vulnerability%3A%20Don%27t%20Panic/31302
PHP Updates
https://www.php.net/ChangeLog-8.php#8.1.30
DNS And Big Chinese Firewall
https://www.assetnote.io/resources/research/insecurity-through-censorship-vulnerabilities-caused-by-the-great-firewall
https://isc.sans.edu/diary/Are+You+Piratebay+thepiratebayorg+Resolving+to+Various+Hosts/19175
HPE Aruba Networking Vulnerabilities
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04712en_us&docLocale=en_US2024-09-3007 min
SANS Stormcast: Daily Cyber Security NewsISC StormCast for Monday, September 30th, 2024CUPS Vulnerabilityhttps://isc.sans.edu/diary/Patch%20for%20Critical%20CUPS%20vulnerability%3A%20Don%27t%20Panic/31302 PHP Updateshttps://www.php.net/ChangeLog-8.php#8.1.30 DNS And Big Chinese Firewallhttps://www.assetnote.io/resources/research/insecurity-through-censorship-vulnerabilities-caused-by-the-great-firewallhttps://isc.sans.edu/diary/Are+You+Piratebay+thepiratebayorg+Resolving+to+Various+Hosts/19175 HPE Aruba Networking Vulnerabilitieshttps://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04712en_us&docLocale=en_US2024-09-3007 min
SANS Internet Storm Center's Daily Network Security News PodcastNetwork Security News Summary for Monday September 30th, 2024CUPS Vulnerability Update; PHP Updates; Chinese Firewall and DNS; HPE Aruba Patches CUPS Vulnerability https://isc.sans.edu/diary/Patch%20for%20Critical%20CUPS%20vulnerability%3A%20Don%27t%20Panic/31302 PHP Updates https://www.php.net/ChangeLog-8.php#8.1.30 DNS And Big Chinese Firewall https://www.assetnote.io/resources/research/insecurity-through-censorship-vulnerabilities-caused-by-the-great-firewall https://isc.sans.edu/diary/Are+You+Piratebay+thepiratebayorg+Resolving+to+Various+Hosts/19175 HPE Aruba Networking Vulnerabilities https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04712en_us&docLocale=en_US keywords: hpe; aruba; dns; firewall; php; updates; cups; vulnerability2024-09-3007 minSurfacing SecurityBeyond Shadow IT: Understanding the True Attack Surface of Your SoftwareThis week's episode dives deep into the concept of shadow exposure and how it relates to third-party software, often overlooked in discussions about shadow IT. We explore the historical context of shadow IT, its evolution, and the real risks associated with widely deployed enterprise software that organizations may not fully understand.Join us as we discuss:The origins and implications of shadow ITThe challenges of visibility and transparency with third-party vendorsReal-world examples of vulnerabilities in critical software, including ServiceNow and IBM's ASPR FastbackThe limitations of security questionnaires and self-attestation processesThe importance of proactive security measures and...2024-09-2545 minSurfacing SecurityASM and DNS Resolution: Dealing with DNS Poisoning at ScaleIn this more technical episode, we dive deep into the complexities of DNS and DNS resolution in the context of Attack Surface Management (ASM). Join us as we explore the unseen challenges that arise when scaling asset discovery, particularly when dealing with DNS wildcards and their implications for security scanning solutions.Our hosts, Michael and Shubs, share their extensive experiences in managing DNS resolution at scale, discussing the importance of accurate asset discovery and the pitfalls of relying solely on IP-centric approaches. They highlight the significance of DNS data in understanding attack surfaces and the need for...2024-09-2039 minSurfacing SecurityThe Art of Recon: Strategies for Modern Asset DiscoveryToday, we explore the world of asset discovery and reconnaissance, particularly how these practices have evolved over time. Historically, discussions around reconnaissance have been overly simplistic and tool-centric, often focusing solely on the latest tools rather than the underlying principles and methodologies.Join us as we break down our approach to reconnaissance into five key elements: breadth, depth, context, amplification, and focus. We discuss the importance of understanding the attack surface holistically and how to effectively map it out in a modern context.Learn why breadth is crucial for discovering all assets related to an...2024-09-1148 minSurfacing SecurityThe Unknown Complexities of DNS ResolutionIn this episode, we dive into the technical complexities of DNS resolution in the context of ASM asset discovery. Join us as we discuss the challenges, implications, and solutions we have encountered while dealing with DNS resolution at scale. From DNS wildcards to security scanning considerations, we explore the importance of DNS data and its role in comprehensive reconnaissance.Our hosts, Michael and Shubs, share their experiences and insights gained from years of perfecting DNS resolution for asset discovery. Discover how DNS records play a crucial role in security scanning, including the detection of DNS misconfigurations and...2024-09-0437 minSurfacing SecurityConfusion in the ASM MarketThere's a lot of confusion in the ASM (Attack Surface Management) market. Today we discuss the core principles of ASM, the challenges of building and maintaining an effective ASM system, and the importance of safety and accuracy in external attack surface scanning.We share insights on the differences between asset discovery and exposure management, the pitfalls of relying on off-the-shelf tools for ASM, and the critical role of curated checks in ensuring the quality and safety of scanning results.We go behind the scenes regarding the work that goes into creating a reliable ASM system...2024-08-2847 minSurfacing SecurityUncovering Critical Vulnerabilities in Magento: A Deep DiveToday, co-hosts Michael and Shubs reflect on the six-year milestone of Assetnote and do a deep dive into a critical Magento bug. They explore the importance of proactive and reactive security research, the limitations of traditional vulnerability scoring systems like CVSS and EPSS, and the significance of understanding exploitability in assessing vulnerabilities. Learn about the need for deeper insights into security risks and the value of in-depth research for security teams.To learn more about Assetnote, visit https://www.assetnote.io/.2024-08-2141 minSurfacing SecurityWhat is "True" Attack Surface Management (ASM)?Today we look at Attack Surface Management (ASM) with a focus on what true ASM entails. Join us as we discuss the core principles of ASM, the importance of understanding real exposure on your attack surface, and the role of security research in identifying vulnerabilities beyond known CVEs. Discover how our team at Assetnote pioneers a new approach to security research, uncovering hidden exposures and providing actionable insights for our customers. Tune in for a deep dive into the core principles of ASM and the critical role of proactive mitigation strategies in enhancing security posture.To learn...2024-08-1352 minSurfacing SecurityThe Untold Story of Assetnote: Origins and EvolutionIn this podcast episode, Michael and Shubs explore the background and evolution of Assetnote, a pioneering Attack Surface Management platform. They discuss the company's origins, the challenges faced in its early days, and the strategic decisions that established it in the market. They discuss the importance of speed and scale and the value of automation and security research and provide their unique approach to building a successful product.To learn more about Assetnote, visit https://www.assetnote.io/.2024-08-1357 minSurfacing SecurityA Deep Dive into Three ServiceNow Vulnerabilities (with Adam Kues)Over the last decade, ServiceNow has been deployed readily across enterprises. With its growing popularity, combined with the lack of visibility organizations have on its security posture, at Assetnote, we worked hard to discover vulnerabilities in the ServiceNow platform.Assetnote Security Researcher, Adam Kues, spent over a month finding an exploit chain and was credited with CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217. At the time of discovery, these vulnerabilities affected an estimated 42,000+ ServiceNow instances globally.The exploit chain would allow attackers to do the following on any ServiceNow instance without authentication (versions Vancouver and...2024-08-0844 minSurfacing SecurityChaining Three Bugs to Access All Your ServiceNow Data (Live Q&A)On May 14th, 2024, we disclosed a chain of vulnerabilities to ServiceNow, resulting in 3 new CVEs. This series of security issues affected all Vancouver and Washington ServiceNow instances (around 42,000 globally), allowing an attacker to execute code on the instance.In this live Q&A, Assetnote security researcher Adam Kues explains his approach to how he found these vulnerabilities, highlighted in our recent research post. He is joined by hosts, Michael Gianarakis and Shubham Shah.Congratulations to Adam on being credited with CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217!To learn more about Assetnote, visit...2024-08-0829 minCritical Thinking - Bug Bounty PodcastEpisode 82: Part-Time Bug BountyEpisode 82: In this episode of Critical Thinking - Bug Bounty Podcast Joel Margolis discusses strategies and tips for part-time bug bounty hunting. He covers things like finding (and enforcing) balance, picking programs and goals, and streamlining your process to optimize productivity.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeek2024-08-0136 minCritical Thinking - Bug Bounty PodcastEpisode 73: Sandboxed IFrames and WAF BypassesEpisode 73: In this episode of Critical Thinking - Bug Bounty Podcast we give a brief recap of Nahamcon and then touch on some topics like WAF bypass tools, sandboxed iframes, and programs redacting your reports.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater2024-05-3031 minCritical Thinking - Bug Bounty PodcastEpisode 72: Research TLDRs & Smuggling Payloads in Well Known Data TypesEpisode 72: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel discuss some hot research from the past couple months. This includes ways to smuggle payloads in phone numbers and IPv6 Addresses, the NextJS SSRF, the PDF.JS PoC drop, and a GitHub Enterprise Indirect Method Information bug. Also, we have an attack vector featured from Monke!Follow us on twitter at: @ctbbpodcastShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:------ Ways to Support CTBBPodcast...2024-05-2352 minCyber BriefingMay 13, 2024 - Cyber Briefing👉 What's happening in cybersecurity today?
🚨 #CyberAlerts
Malicious Python Package Conceals Sliver C2 in Fake Requests Logo
Source: Phylum
Critical Next.js Vulnerability Compromises Server Operations
Source: Assetnote
North Korean Hackers Deploy 'Durian' Golang Malware
Source: Kaspersky
Apache OFBiz RCE Flaw Enables Remote Code Execution
Source: Apache OFBiz
CISA Releases Advisory on Black Basta Ransomware
Source: Cybersecurity Infrastructure Security Agency
💥 #CyberIncidents
Europol Investiga...2024-05-1307 min
Bug Bounty JP PodcastBBJP_Podcast #1Speaker
morioka12 (@scgajge12)
mokusou (@Mokusou4)
RyotaK (@ryotkak) ←今回はチャットベース
Summary (link)
最近の取り組み
Full Time Bug Bounty について
Bug Bounty のメリットや面白い点
https://hackerone.com/epicgames
https://github.com/kevin-mizu/domloggerpp
https://github.com/caido/caido
https://portswigger.net/research/top-10-web-hacking-techniques-of-2023
https://twitter.com/assetnote
KeyTrap (CVE-2023-50387)
https://thehackernews.com/
[Q&A] バグバウンティの入門者を一緒に働けるレベルまで引き上げるなら、どのようなカリキュラムを考えますか?
[Q&A] 好きな脆弱性とその理由について
Web Page
https://bugbountyjppodcast.notion.site/Bug-Bounty-JP-Podcast-8bf1080383a54c4a8848f10bfeb874b3?pvs=4
Survery
https://forms.gle/wkr2jkc3m9o8NhPk7
BBJP_Podcast で話して欲しいテーマや聞きたいことなどを Google Form で募集しています。
感想も X(Twitter)でハッシュタグ「#BBJP_Podcast」や Google Formでいただけると嬉しいです。2024-02-221h 00Critical Thinking - Bug Bounty PodcastEpisode 52: Best Technical Content from Year 1 of CTBB PodcastEpisode 52: In this episode of Critical Thinking - Bug Bounty Podcast we're going back and highlighting some of the best technical moments from the past year! Hope you enjoy this best of 2023 Supercut!Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater...2024-01-043h 00Critical Thinking - Bug Bounty PodcastEpisode 50: Mathias "Fall in a well" Karlsson - Bug Bounty ProphetEpisode 50: In this episode of Critical Thinking - Bug Bounty Podcast, Justin catches up with hacking master Mathias Karlsson, and talks about burnout, collaboration, and the importance of specialization. Then we dive into the technical details of MXSS and XSLT, character encoding, and give some predictions of what Bug Bounty might look like in the future…Follow us on twitter at: @ctbbpodcastSend us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:...2023-12-212h 24
Cyber Morning CallCyber Morning Call - #419 - 25/10/2023[Referências do Episódio]
- Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware - https://securelist.com/crimeware-report-gopix-lumar-rhysida/110871/
- VMware - VMSA-2023-0021 - https://www.vmware.com/security/advisories/VMSA-2023-0021.html
- VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs - https://www.horizon3.ai/vmware-aria-operations-for-logs-cve-2023-34051-technical-deep-dive-and-iocs/
- Citrix Bleed: Leaking Session Tokens with CVE-2023-4966 - https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966
- Thread da Fox-IT sobre ataques contra dispositivos Cisco - https://twitter.com/fox...2023-10-2507 minSANS Stormcast: Daily Cyber Security NewsISC StormCast for Wednesday, October 25th, 2023Samsung Messages and Samsung Wallet briefly marked as 'harmful' by Googlehttps://9to5google.com/2023/10/23/samsung-messages-wallet-harmful-app-google/ OAuth Hijackinghttps://salt.security/blog/oh-auth-abusing-oauth-to-take-over-millions-of-accounts Microsoft Exchange Server CVe-2023-36745 PoChttps://n1k0la-t.github.io/2023/10/24/Microsoft-Exchange-Server-CVE-2023-36745/ Citrix Bleed PoC CVe-2023-4966https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966 VMWare VRealize Exploit CVE-2023-34051 CVE0-2023-34052https://www.vmware.com/security/advisories/VMSA-2023-0021.html2023-10-2506 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Wednesday, October 25th, 2023Samsung Messages and Samsung Wallet briefly marked as 'harmful' by Google
https://9to5google.com/2023/10/23/samsung-messages-wallet-harmful-app-google/
OAuth Hijacking
https://salt.security/blog/oh-auth-abusing-oauth-to-take-over-millions-of-accounts
Microsoft Exchange Server CVe-2023-36745 PoC
https://n1k0la-t.github.io/2023/10/24/Microsoft-Exchange-Server-CVE-2023-36745/
Citrix Bleed PoC CVe-2023-4966
https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966
VMWare VRealize Exploit CVE-2023-34051 CVE0-2023-34052
https://www.vmware.com/security/advisories/VMSA-2023-0021.html2023-10-2506 minSANS Stormcast: Daily Cyber Security NewsISC StormCast for Wednesday, October 25th, 2023Samsung Messages and Samsung Wallet briefly marked as 'harmful' by Googlehttps://9to5google.com/2023/10/23/samsung-messages-wallet-harmful-app-google/ OAuth Hijackinghttps://salt.security/blog/oh-auth-abusing-oauth-to-take-over-millions-of-accounts Microsoft Exchange Server CVe-2023-36745 PoChttps://n1k0la-t.github.io/2023/10/24/Microsoft-Exchange-Server-CVE-2023-36745/ Citrix Bleed PoC CVe-2023-4966https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966 VMWare VRealize Exploit CVE-2023-34051 CVE0-2023-34052https://www.vmware.com/security/advisories/VMSA-2023-0021.html2023-10-2505 min
SANS Internet Storm Center's Daily Network Security News PodcastNetwork Security News Summary for Wednesday October 25th, 2023Google Samsung False Positive; OAuth Hijacking Samsung Messages and Samsung Wallet briefly marked as 'harmful' by Google https://9to5google.com/2023/10/23/samsung-messages-wallet-harmful-app-google/ OAuth Hijacking https://salt.security/blog/oh-auth-abusing-oauth-to-take-over-millions-of-accounts Microsoft Exchange Server CVe-2023-36745 PoC https://n1k0la-t.github.io/2023/10/24/Microsoft-Exchange-Server-CVE-2023-36745/ Citrix Bleed PoC CVe-2023-4966 https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966 VMWare VRealize Exploit CVE-2023-34051 CVE0-2023-34052 https://www.vmware.com/security/advisories/VMSA-2023-0021.html keywords: vmware; vrealize; exploit; poc; exchange; citrix; oauth; samsung; google; false positive2023-10-2506 minSANS Stormcast: Daily Cyber Security NewsISC StormCast for Monday, October 2nd, 2023Analyzing MIME Files: a Quick Tiphttps://isc.sans.edu/diary/Analyzing%20MIME%20Files%3A%20a%20Quick%20Tip/30266 Infostealers Looking for Password Fileshttps://isc.sans.edu/diary/Are+You+Still+Storing+Passwords+In+Plain+Text+Files/30262/ Simple Netcat Backdoorhttps://isc.sans.edu/diary/Simple+Netcat+Backdoor+in+Python+Script/30264/ EXIM Response to the ZDI Releasehttps://exim.org/static/doc/security/CVE-2023-zdi.txt Exploit for WS_FTP Vulnerabilityhttps://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-400442023-10-0205 minSANS Stormcast: Daily Cyber Security NewsISC StormCast for Monday, October 2nd, 2023Analyzing MIME Files: a Quick Tiphttps://isc.sans.edu/diary/Analyzing%20MIME%20Files%3A%20a%20Quick%20Tip/30266 Infostealers Looking for Password Fileshttps://isc.sans.edu/diary/Are+You+Still+Storing+Passwords+In+Plain+Text+Files/30262/ Simple Netcat Backdoorhttps://isc.sans.edu/diary/Simple+Netcat+Backdoor+in+Python+Script/30264/ EXIM Response to the ZDI Releasehttps://exim.org/static/doc/security/CVE-2023-zdi.txt Exploit for WS_FTP Vulnerabilityhttps://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-400442023-10-0205 minSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)ISC StormCast for Monday, October 2nd, 2023Analyzing MIME Files: a Quick Tip
https://isc.sans.edu/diary/Analyzing%20MIME%20Files%3A%20a%20Quick%20Tip/30266
Infostealers Looking for Password Files
https://isc.sans.edu/diary/Are+You+Still+Storing+Passwords+In+Plain+Text+Files/30262/
Simple Netcat Backdoor
https://isc.sans.edu/diary/Simple+Netcat+Backdoor+in+Python+Script/30264/
EXIM Response to the ZDI Release
https://exim.org/static/doc/security/CVE-2023-zdi.txt
Exploit for WS_FTP Vulnerability
https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-400442023-10-0205 min
SANS Internet Storm Center's Daily Network Security News PodcastNetwork Security News Summary for Tuesday October 3rd, 2023MIME File Analysis; Infostealer; MIME Files; EXIM Update; WS_FTP Exploit; Analyzing MIME Files: a Quick Tip https://isc.sans.edu/diary/Analyzing%20MIME%20Files%3A%20a%20Quick%20Tip/30266 Infostealers Looking for Password Files https://isc.sans.edu/diary/Are+You+Still+Storing+Passwords+In+Plain+Text+Files/30262/ Simple Netcat Backdoor https://isc.sans.edu/diary/Simple+Netcat+Backdoor+in+Python+Script/30264/ EXIM Response to the ZDI Release https://exim.org/static/doc/security/CVE-2023-zdi.txt Exploit for WS_FTP Vulnerability https://www.assetnote.io/resources/research/rce-in-progress-ws-ftp-ad-hoc-via-iis-http-modules-cve-2023-40044 keywords: ws_ftp; exploit; exim; vulnerability; mime; infostealer;2023-10-0205 minCritical Thinking - Bug Bounty PodcastEpisode 30: Recon Legend Shubs - From Burgers to BountiesEpisode 30: In this episode of Critical Thinking - Bug Bounty Podcast, we're thrilled to be joined by renowned bug bounty hunter Shubs. We kick off with him sharing his journey from burgers to bugs, and how his friendly rivalry with a fellow hacker fueled his passion for reconnaissance, as well as his love of collaboration. We then shift gears to talk about the art of debugging, ethics and economics of bug bounty hunting, the transition to Entrepreneur, and the evolution of Assetnote from a reconnaissance tool to enterprise security software suite. This one’s a banger, and we don’t wa...2023-08-031h 19Critical Thinking - Bug Bounty PodcastEpisode 29: Live Episode with Sean Yeoh - Assetnote EngineerEpisode 29: In this episode of Critical Thinking - Bug Bounty Podcast sit down with Assetnote Engineer Sean Yeoh, and pick his brain about what he's learned on his development journey. We talk about the place and importance of message brokers, and which ones we like best, as well as his engineering philosophy regarding bottleneck prevention and the importance of pursuing optimization. Don't miss this episode of terrific technical tips!Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io...2023-07-2759 minCritical Thinking - Bug Bounty PodcastEpisode 27: Top 7 Esoteric Web VulnerabilitiesEpisode 27: In this episode of Critical Thinking - Bug Bounty Podcast, we've switched places and now Joel is home while Justin is on the move. We break down seven esoteric web vulnerabilities, and talk Cookies, Config File Injections, Client-side path traversals and more. We also briefly discuss appliance hacking, new tools, and shout out some new talent in the hacking space. Don't miss this episode full of cool vulns, and experience Justin's vocal decline in real time.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us...2023-07-131h 20
Secured by Galah Cyber with Cole CornfordHacking the Game of Life: From Gaming Exploits to Cybersecurity Giant with Shubham Shah of AssetnoteShubham Shah is co-founder and CTO of Assetnote, a cybersecurity tool used by companies like Atlassian, Qantas, and Australia Post. Shubham’s career in cybersecurity had very humble beginnings: he first learned to hack computer games as a kid so he could beat his brother. Shubham chats with Cole Cornford about video game exploits and what they can teach us about appsec, bug bounty hunting, the challenges of founding a company, and plenty more.Secured by Galah Cyber with Cole Cornford website 2:30 - Benefits of shared workspace.5:30 - Shubham’s background.9:00 - Bu...2023-06-0754 minDayOne.FMHacking the Game of Life: From Gaming Exploits to Cybersecurity Giant with Shubham Shah of AssetnoteShubham Shah is co-founder and CTO of Assetnote, a cybersecurity tool used by companies like Atlassian, Qantas, and Australia Post. Shubham’s career in cybersecurity had very humble beginnings: he first learned to hack computer games as a kid so he could beat his brother. Shubham chats with Cole Cornford about video game exploits and what they can teach us about appsec, bug bounty hunting, the challenges of founding a company, and plenty more.Secured by Galah Cyber with Cole Cornford website 2:30 - Benefits of shared workspace.5:30 - Shubham’s background.9:00 - Bu...2023-06-0754 minCritical Thinking - Bug Bounty PodcastEpisode 19: Audit Code, Earn Bounties (Part 2) + Zip-Snip, Sitecore, and more!Episode 19: In this episode of Critical Thinking - Bug Bounty Podcast we further discuss some tips and tricks for finding vulns once you’ve got source code and some banger tweets/tools that popped up in our feed this week. Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeek...2023-05-1853 minCritical Thinking - Bug Bounty PodcastEpisode 12: JHaddix on Hacker->Hacker CISO, OG Hacking Techniques, and Crazy ReportsEpisode 12: In this episode of Critical Thinking - Bug Bounty Podcast we talk with Jason Haddix about his eclectic hacking techniques, Hacker -> Hacker CISO life, and some crazy vulns he found. This episode is chock full of awesome tips so give it a good listen!Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater...2023-03-231h 46
Cyber Morning CallCyber Morning Call - #70 - 05/05/2022[Referências do Episódio]
- CVE-2022-1388 No BIG-IP - https://support.f5.com/csp/article/K23605346
- Operation CuckooBees - https://www.cybereason.com/blog/operation-cuckoobees-a-winnti-malware-arsenal-deep-dive
- Outra campanha que abusava do CLFS - https://www.mandiant.com/resources/unknown-actor-using-clfs-log-files-for-stealth
- Relatório do FBI sobre BEC - https://www.ic3.gov/Media/Y2022/PSA220504
- CVE-2022-26352 no dotCMS - https://blog.assetnote.io/2022/05/03/hacking-a-bank-using-dotcms-rce/
- Shellcode escondido em registros de log - https://securelist.com/a-new-secret-stash-for-fileless-malware/106393/
[Ficha técnic...2022-05-0505 min
AWS Morning BriefSecurity Developer Experience and SecurityLinks:“Developer Experience is Security”: https://redmonk.com/rstephens/2022/02/17/devex-is-security/Cleansing their network of ransomware: https://www.espn.com/nfl/story/_/id/33283115/san-francisco-49ers-network-hit-gang-ransomware-attack-team-notifies-law-enforcement“Control access to Amazon Elastic Container Service resources by using ABAC policies”: https://aws.amazon.com/blogs/security/control-access-to-amazon-elastic-container-service-resources-by-using-abac-policies/“Introducing s2n-quic—‘sin-i-quick?’ ‘sin-two-quick?’ Yeah—a new open-source QUIC protocol implementation in Rust”: https://aws.amazon.com/blogs/security/introducing-s2n-quic-open-source-protocol-rust/“Top 2021 AWS Security service launches security professionals should review–Part 1”: https://aws.amazon.com/blogs/security/top-2021-aws-security-service-launches-part-1/Ghostbuster: https://blog.assetnote.io/2022/02/13/dangling-eips/TranscriptCorey: This is the AWS Morning Brief: Secu...2022-02-2405 min
OzCyber UnlockedCyber threat intelligence – a deep dive into why it mattersCyber threat intelligence is a hot topic in security right now. Over the past year, we have seen wide-spread geopolitical destabilisation, COVID-19, the rise of the remote workforce and most recently, significant ransomware attacks against critical infrastructure. Broadly, threat intelligence is about sharing information between industry, academia and government so Australians can work together to defend their networks from attack and start to form a collective defence.In episode twelve of ‘OzCyber Unlocked’, AustCyber’s CEO Michelle Price speaks to Glenn Maiden (Director of Threat Intelligence at Fortiguard Labs Australia and New Zealand, Fortinet), Brett William...2021-06-281h 02
Three Buddy ProblemShubs Shah on finding riches (and lessons) from bug bounty hackingShubham Shah is a brilliant hacker who quit his pen-testing job to hack for cash in bug-bounty programs. He quickly mastered the game of automating automating pre-breach reconnaissance and zero in on common webapp programming and configuration errors. Shubs, now co-founder at Assetnote, joined Ryan on the show to talk about the stressful life of a fulltime bug-bounty hunter, advancements in web app security defense, and how automation is completely rewriting the bug-discovery business.Links:AssetnoteShubs Shah: Hacking on Bug Bounties for Four YearsHigh frequency security: 120 days, 120 bugsh2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2...2021-04-2052 min![Day[0]](https://d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_nologo/1589585/1589585-1553556841291-2e3a293ad9c2e.jpg)
Day[0]Google exposes an APT campaign, PHP owned, and Several Auth IssuesLong episode this week as we talk about Google's decision to thwart a western intelligence operation (by fixing vulns), multiple authorization and authentication issues, and of course some memory corruption.
[00:00:46] Google's unusual move to shut down an active counterterrorism operation being conducted by a Western democracy
https://www.technologyreview.com/2021/03/26/1021318/google-security-shut-down-counter-terrorist-us-ally/
[00:21:48] PHP Git Compromised
https://news-web.php.net/php.internals/113838https://github.com/php/php-src/commit/2b0f239b211c7544ebc7a4cd2c977a5b7a11ed8a
[00:32:24] [Google Chrome] File System Access API vulnerabilities
https...2021-03-312h 16
The Backend Engineering Show with Hussein NasserResearcher bypasses Azure, and Cloudflare Reverse Proxy Security - HTTP/2 Smuggling (h2c)6 months ago, Jake Miller released a blog article and python tool describing H2C smuggling, or http2 over cleartext smuggling. By using an obscure feature of http2, an attacker could bypass authorization controls on reverse proxies.
Sean managed to leverage Jack’s original research to bypass reverse proxy rules, lets discuss My original Video on Jack’s h2c smuggling https://youtu.be/B2VEQ3jFq6Q This article https://blog.assetnote.io/2021/03/18/h2c-smuggling/2021-03-2614 min
Hacking into Security - Career TalksHacking Into Security #23 - Finding vulnerabilities as a teenager, first job at 17, bug bounties and more, with Shubs - @infosec_au, @notnaffyIn this episode, we catch up with Shubs (Shubham Shah, @infosec_au, @notnaffy), CTO of Assetnote.A passion for hacking grew early in Shubs' life. He was demonstrating good skills in hacking but faced with a tough decision at an early age. Follow his parents wishes and attend university or his own path and get a job. We talk through Shubs's incredible journey which saw him land his first job in the industry at 17 years old, his success in bug bounties and going on to co-found the company Assetnote. Shubs also...2020-09-0440 min
Hacking into Security - Career TalksHacking Into Security #23 - Finding vulnerabilities as a teenager, first job at 17, bug bounties and more, with Shubs - @infosec_au, @notnafIn this episode, we catch up with Shubs (Shubham Shah, @infosec_au, @notnaffy), CTO of Assetnote.A passion for hacking grew early in Shubs' life. He was demonstrating good skills in hacking but faced with a tough decision at an early age. Follow his parents wishes and attend university or his own path and get a job. We talk through Shubs's incredible journey which saw him land his first job in the industry at 17 years old, his success in bug bounties and going on to co-found the company Assetnote. Shubs also shares some practical tips for aspiring hackers and bug...2020-09-0440 min
Hacking into Security - Career TalksHacking Into Security #23 - Finding vulnerabilities as a teenager, first job at 17, bug bounties and more, with Shubs - @infosec_au, @notnaffyIn this episode, we catch up with Shubs (Shubham Shah, @infosec_au, @notnaffy), CTO of Assetnote.A passion for hacking grew early in Shubs' life. He was demonstrating good skills in hacking but faced with a tough decision at an early age. Follow his parents wishes and attend university or his own path and get a job. We talk through Shubs's incredible journey which saw him land his first job in the industry at 17 years old, his success in bug bounties and going on to co-found the company Assetnote. Shubs also...2020-09-0440 min