NoGoolag
0xor0ne@infosec.exchange - Nice short blog post by Aditya Dixit explaining how to intercept and manipulate AES-encrypted traffic used by mobile applications

https://blog.dixitaditya.com/manipulating-aes-traffic-using-a-chain-of-proxies-and-hardcoded-keys

#android #infosec #cybersecurity #AES #APK #mobile #encryption
0xor0ne@infosec.exchange - Beginner's introduction to stack buffer overflows by Stefano Lanaro

https://steflan-security.com/complete-guide-to-stack-buffer-overflow-oscp/

#infosec #cybersecurity #beginners #learning #BufferOverflow
6 Best Secure Messaging Alternatives to WhatsApp | Avoid the Hack – https://avoidthehack.com/best-secure-messengers

The content of your messages and the metadata associated with them should be secure and private. Unfortunately, many messengers out there fail to do this.

Telegram operates in the cloud; while this gives good portability across multiple devices and device types, the service provider (or anyone with access to the cloud server) could theoretically read your messages at any time with relative ease, because Telegram stores messages on the third-party cloud provider's server.
According to Telegram's privacy policy, the service itself logs IP addresses and phone numbers.

#Infosec #Session #SimpleXchat #Briar #Threema
#Element #Telegram #privacy
0xor0ne@infosec.exchange - Very cool research on Laser-Based Audio Injection on Voice-Controllable Systems

Website: https://lightcommands.com
Paper: https://arxiv.org/pdf/2006.11946.pdf


Light Commands is a vulnerability of MEMS microphones that allows attackers to remotely inject inaudible and invisible commands into voice assistants, such as Google Assistant, Amazon Alexa, Facebook Portal, and Apple Siri using light. In our paper we demonstrate this effect, successfully using light to inject malicious commands into several voice-controlled devices such as smart speakers, tablets, and phones across large distances and through glass windows.

#hacking #infosec
0xor0ne@infosec.exchange - Interesting blog post on embedded devices reverse engineering, ARM TrustZone and secure boot bypass

https://blog.xilokar.info/firmware-key-extraction-by-gaining-el3.html?s=09

#iot #infosec #embedded #cybersecurity
KeePassXC Vulnerability CVE-2023-35866 allows attackers to change the master password and second-factor authentication settings
BY DO SON · JUNE 19, 2023

KeePassXC, a modern and secure password manager, is the bulwark of choice for many who demand the utmost security in managing their personal data. However, every fortress has its weakness. A recent vulnerability was discovered in KeePassXC: CVE-2023-35866.

mttaggart@infosec.exchange - Right so, in KeePassXC, if you have an unlocked session, the change password flow does not require you to enter the current database password.

That means someone who accesses the machine locally (Or via RDP? Maybe?) would be able to change those settings. But then, they'd also be able to just read the passwords so
¯\_(ツ)_/¯

#CVE202335866 #ThreatIntel #InfoSec #CyberSecurity #KeepassXC
Over 130,000 solar energy monitoring systems exposed online

Cyble’s threat analysts scanned the web for internet-exposed PV utilities and found 134,634 products from various vendors, which include Solar-Log, Danfoss Solar Web Server, SolarView Contec, SMA Sunny Webbox, SMA Cluster Controller, SMA Power Reducer Box, Kaco New Energy & Web, Fronius Datamanager, SAJ Solar Inverter, and ABB Solar Inverter Web GUI.

It is important to note that the exposed assets are not necessarily vulnerable or misconfigured in a way that allows attackers to interact with them.

However, Cyble’s research shows that unauthenticated visitors can glean information, including settings, that could be used to mount an attack.

#infosec #solar
arstechnica@mastodon.social - Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking

Most critical of the bugs allowed attackers to root federated instances.

The maintainers of the open source software that powers the Mastodon social network published a security update on Thursday that patches a critical vulnerability making it possible for hackers to backdoor the servers that push content to individual users.

#Mastodon #backdoors #vulnerability #infosec #TootRoot
How a cloud flaw gave Chinese spies a key to Microsoft’s kingdom

For most IT professionals, the move to the cloud has been a godsend. Instead of protecting your data yourself, let the security experts at Google or Microsoft protect it instead. But when a single stolen key can let hackers access cloud data from dozens of organizations, that trade-off starts to sound far more risky.

Late Tuesday evening, Microsoft revealed that a China-based hacker group, dubbed Storm-0558, had done exactly that. The group, which is focused on espionage against Western European governments, had accessed the cloud-based Outlook email systems of 25 organizations, including multiple government agencies.

This latest attack uses a unique trick: Microsoft says hackers stole a cryptographic key that let them generate their own authentication “tokens”—strings of information meant to prove a user’s identity—giving them free rein across dozens of Microsoft customer accounts.

#Storm0558 #China #Infosec #espionage
Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability - SecurityWeek

Several instances of the Reddit alternative Lemmy were hacked in recent days by attackers who had apparently exploited a zero-day vulnerability.

Lemmy is open source software designed for running self-hosted news aggregation and discussion forums. Each Lemmy instance is run by a different individual or organization, but they are interconnected, allowing users from one instance to interact with posts on other servers. Currently there are more than 1,100 instances with a total of nearly 850,000 users.

A few days ago, someone started exploiting a cross-site scripting (XSS) vulnerability related to the rendering of custom emojis.

The attacker leveraged the vulnerability to deface pages on some popular instances, including Lemmy.world, the most popular instance, which has over 100,000 users.

#Lemmy #RedditAlternative #ZeroDay #Infosec
Android Pentesting Methodology | Redfox Security – Part 1

In this blog, we’ll discuss Android architecture and the different layers of Android architecture. This blog is part 1 of the “Android Pentesting Methodology” series and forms a basis for our upcoming blog. 

Before we get into the nitty-gritty of the Android Pentesting Methodology, it’s crucial to understand the inner workings of the Android platform. 

Android Pentesting Methodology Part 2

We briefly discussed the Android architecture in part 1 of the "Android Pentesting Methodology" series. In part 2 of the same series, we will explore what APKs are, start reversing Android applications and discuss popular debugging tools.

#MobileSecurity #AndroidSecurity #Infosec
0xor0ne (@0xor0ne): Nice short reading for anyone interested in starting with embedded/IoT devices analysis and reversing.

https://whiterose-infosec.super.site/mjsxj09cm-recovering-firmware-and-backdooring
#embedded #infosec
0xor0ne (@0xor0ne): List with more than 300 links to blog posts, write-ups and papers related to cybersecurity, reverse engineering and exploitation (continuously updated) https://github.com/0xor0ne/awesome-list/blob/main/topics/cybersec.md?ref=0xor0ne.xyz #cybersecurity #infosec
Bypassing the “run-as” debuggability check on Android via newline injection | Meta Red Team X –

An attacker with ADB access to an Android device can trick the “run-as” tool into believing any app is debuggable. By doing so, they can read and write private data and invoke system APIs as if they were most apps on the system—including many privileged apps, but not ones that run as the system user. Furthermore, they can achieve persistent code execution as Google Mobile Services (GMS) or as apps that use its SDKs by altering executable code that GMS caches in its data directory.

Google assigned the issue CVE-2024-0044 and fixed it in the March 2024 Android Security Bulletin, which becomes public today. Most device manufacturers received an advance copy of the Bulletin a month ago and have already prepared updates that include its fixes.


#Infosec #Vulnerabilities #CVE #Android #ADB
Attacking Android

"In this comprehensive guide, we delve into the world of Android security from an offensive perspective, shedding light on the various techniques and methodologies used by attackers to compromise Android devices and infiltrate their sensitive data. From exploiting common coding flaws to leveraging sophisticated social engineering tactics, we explore the full spectrum of attack surfaces present in Android environments."

#Android #Infosec #Vulnerabilities
Unpatchable vulnerability in Apple chip leaks secret encryption keys | Ars Technica –

A newly discovered vulnerability baked into Apple’s M-series of chips allows attackers to extract secret keys from Macs when they perform widely used cryptographic operations, academic researchers have revealed in a paper published Thursday.

#Apple #Vulnerability #Infosec
Free Android VPN Security Flaws: 100 Apps Tested

I tested the 100 most popular free VPNs in the Google Play store and found significant security and privacy flaws affecting Android apps that have been installed over 2.5 billion times worldwide.

#Android #VPN #Infosec