Hacker Plants Computer 'Wiping' Commands in Amazon's AI Coding Agent

https://www.404media.co/hacker-plants-computer-wiping-commands-in-amazons-ai-coding-agent/

> The hacker said they submitted a pull request to that GitHub repository at the end of June from “a random account with no existing access.” They were given “admin credentials on a silver platter,” they said. On July 13 the hacker inserted their code, and on July 17 “they [Amazon] release it—completely oblivious,” they said.
#netsec #amazonWebServices #amazonQ #aiAiAi #nonBenificent marketing of so-called AI is a massive scam to manufacture consent to end the #labor & consumer economies; to pipeline the surveillance & collection of personal & private data; and to foster propaganda & devalue truthful information

Rogue IT worker gets seven months in prison after changing all of his company's passwords after getting suspended — causing over $200,000 in digital rampage.

New writeup: a vulnerability in PHP's extract() function allows attackers to trigger a double-free, which in turn allows arbitrary code execution (native code)

https://ssd-disclosure.com/ssd-advisory-extract-double-free5-x-use-after-free7-x-8-x/

Discussions: https://discu.eu/q/https://ssd-disclosure.com/ssd-advisory-extract-double-free5-x-use-after-free7-x-8-x/

I’ve got to know a lot of tech by sort of accreting knowledge over time, so I often don’t have a good answer to “how do I learn about XYZ?” type questions

To wit, a friend just asked me how to get started learning about IP #networking and basic #networkSecurity and… I’m not sure? Anyone have a good suggestion?

Class Pollution in Ruby: A Deep Dive into Exploiting Recursive Merges · Doyensec's Blog

https://blog.doyensec.com/2024/10/02/class-pollution-ruby.html

Discussions: https://discu.eu/q/https://blog.doyensec.com/2024/10/02/class-pollution-ruby.html

Beware with "mail" gem email parsing and encoding

https://portswigger.net/research/splitting-the-email-atom

Discussions: https://discu.eu/q/https://portswigger.net/research/splitting-the-email-atom

get a tattoo of a qr code for a rickroll on your ass. that way if anyone tries to take a pic of you naked they'll be watching rick astley instead #securitytip #netsec

Ronin 2.1.0 has finally been released! New database tables, new payloads, new recon engine, new local Web UI, and more.

https://ronin-rb.dev/blog/2024/07/22/ronin-2-1-0-finally-released.html

Discussions: https://discu.eu/q/https://ronin-rb.dev/blog/2024/07/22/ronin-2-1-0-finally-released.html

Version Fingerprinting Tricks: Automating Software Identification for Vulnerability Scanners.

Presentation done at FIRST conference 2024.

https://d4-project.org/2024/07/02/version-fingerprinting-tricks.html

#infosec #opensource #networkscanning
#netsec

@jtk @firstdotorg

My first blog post with me as the lead got published yesterday. It explores the huge burden of #DDoS. We attempted to pick metrics to underline the issue from different perspectives:

New #attacks emerging almost every other second; countless hours of attack duration; to whom terabit-scale attacks became a sad reality and some exploration on the abused infrastructure.

The Unbearable Asymmetry of DDoS

Now this is incompetence on a totally new level: https://www.troyhunt.com/how-spoutibles-leaky-api-spurted-out-a-deluge-of-personal-data/

tl;dr #Spoutible's (a social media website apparently) API returned everything about you to everyone, including your email, phone number, password hash, 2FA secret, password reset token, etc.

#NetSec

Bluetooth keystroke-injection in Android, Linux, macOS and iOS

https://github.com/skysafe/reblog/tree/main/cve-2023-45866

Discussions: https://discu.eu/q/https://github.com/skysafe/reblog/tree/main/cve-2023-45866

Oh no ​

Is there a vulnerability in WordPress that reveals the username of an administrator?

All In One WP Security and Firewall reports "Failed login attempt with a known username" on multiple WordPress instances I run.

Or maybe it's just a bug in AIOWPS?

Avoid the Hack: A Basic Guide to Router and Wireless Security for Regular People

Router and wireless #security are important for the home network, though a lot of guidance focuses on enterprise/business networks out there. SOHO routers tend to be limited, but they can still be "secured."

The checklist includes:

- Avoid using the #ISP router/equipment

- Change the #router admin password

- Turn off UPnP

- Use the router's #firewall

- Set a strong Wi-Fi password

- Keep router #firmware and your other devices updated

- BONUS: Use open-source router firmware

#cybersecurity #infosec #privacy #avoidthehack #netsec

https://avoidthehack.com/router-wireless-guide

CVE-2023-36325: Attackers can de-anonymize i2p hidden services with a message replay attack

https://xeiaso.net/blog/CVE-2023-36325

Hey @Vivaldi noticed that vivaldi.net is one of the all-greens on Hardenize.
I'd move my mails to vivaldi.net, but I have size worries, still use other providers, & own domain.
Do you have any plans to implement paid size plan, & features like automatic IMAP fetch, external sending SMTP, own domain management?

If you could see an update on any old conference talk, what would it be?

Here goes nothing! Signing up for Cobalt.io with the experience I've gained in the past few months... I used to work with them in a different capacity a year ago, but now I'm hoping to actually get deeper into doing pentesting on a daily basis!

Pre-Auth RCE in Aspera Faspex: Case Guide for Auditing Ruby on Rails

https://blog.assetnote.io/2023/02/02/pre-auth-rce-aspera-faspex/

Discussions: https://discu.eu/q/https://blog.assetnote.io/2023/02/02/pre-auth-rce-aspera-faspex/