2 野に咲く名無し@転載禁止 (主) 2023/09/07 02:19:38
Atlas VPN zero-day vulnerability leaks users' real IP address
https://www.bleepingcomputer.com/news/security/atlas-vpn-zero-day-vulnerability-leaks-users-real-ip-address/
This PoC creates a hidden form that is automatically submitted by JavaScript to connect to the http://127.0.0.1:8076/connection/stop API endpoint URL.
When this API endpoint is accessed, it automatically terminates any active Atlas VPN sessions that hide a user's IP address.
Once the VPN connection is disconnected, the PoC will connect to the api.ipify.org URL to log the visitor's actual IP address.
3 野に咲く名無し@転載禁止 (主) 2023/09/07 02:20:31
CORS bypass too
Partridge further explained that the PoC bypasses existing CORS (Cross-Origin Resource Sharing) protections on web browsers because the requests are sent to the Atlas VPN API as form submissions.
"Form submissions are exempt from CORS for legacy/compatibility reasons, they're considered a "simple request" by the CORS spec," Partridge told BleepingComputer.
Normally, CORS would block requests made by scripts in web pages to different domains than the origin domain. In the case of this exploit, it would be requests made by any website to a visitor's localhost at "http://127.0.0.1:8076/connection/stop."
However, Partridge explained to BleepingComputer that using a form submission to "bypass" CORS would not allow a website to see any response from the form submission.
4 野に咲く名無し@転載禁止 (主) 2023/09/07 02:20:52
>>2
https://www.reddit.com/r/cybersecurity/comments/167f16e/atlasvpn_linux_client_103_remote_disconnect/
5 野に咲く名無し@転載禁止 (主) 2023/09/07 02:22:32
https://github.com/projectdiscovery/naabu
To run the naabu on an ASN, AS input can be used. It takes the IP address available for given ASN and runs the enumeration on them.
6 野に咲く名無し@転載禁止 (主) 2023/09/07 02:25:42
Testing 10 GbE throughput on Windows - iperf3 is outdated
https://www.jeffgeerling.com/blog/2023/testing-10-gbe-throughput-on-windows-iperf3-outdated
7 野に咲く名無し@転載禁止 (主) 2023/09/07 02:27:12
>>6
I had the impression that network I/O on Windows was hopeless and got bogged down in interrupts, but I wonder if that has improved 🤔
Speeding up network I/O in the 10GbE era
https://www.slideshare.net/syuu1228/10-gbeio
8 野に咲く名無し@転載禁止 (主) 2023/09/07 02:27:54
https://2ch.hk/
Два.ч is a system of forums where you can communicate quickly and freely, and where any point of view has a right to exist. There is no registration here and no need to sign up, although this does not relieve you of the need to follow the rules. All forums (except /Б/ред), a list of which is found below, have their own clearly defined subject matter. In short, everything that is not prohibited by the rules of a given forum and relates to its subject matter is permitted on that forum.
9 野に咲く名無し@転載禁止 (主) 2023/09/07 02:29:28
ASUS routers vulnerable to critical remote code execution flaws
https://www.bleepingcomputer.com/news/security/asus-routers-vulnerable-to-critical-remote-code-execution-flaws/
1. CVE-2023-39238: Lack of proper verification of the input format string on the iperf-related API module ‘ser_iperf3_svr.cgi’.
2. CVE-2023-39239: Lack of proper verification of the input format string in the API of the general setting function.
3. CVE-2023-39240: Lack of proper verification of the input format string on the iperf-related API module ‘ser_iperf3_cli.cgi’.
10 野に咲く名無し@転載禁止 (主) 2023/09/07 02:35:14
U.K. ABANDONS, FOR NOW, LEGISLATION THAT WOULD HAVE BANNED END-TO-END ENCRYPTION
https://daringfireball.net/linked/2023/09/06/uk-encryption-win
11 野に咲く名無し@転載禁止 (主) 2023/09/07 02:37:32
CDW Data Breach: LockBit Ransomware Threatens Corporation, Sets Deadline
https://thecyberexpress.com/cdw-data-breach-lockbit-ransomware/amp/
12 野に咲く名無し@転載禁止 (主) 2023/09/07 02:38:51
Headless Chrome with a GPU instance is fast!
https://www.browserless.io/blog/2023/08/31/browserless-gpu-instances/
13 野に咲く名無し@転載禁止 (主) 2023/09/07 02:40:21
gov😴
Insomnia Coach
https://mobile.va.gov/app/insomnia-coach
The Insomnia Coach app was created for everyone, including Veterans and Service members, to help manage insomnia. The app is based on Cognitive Behavioral Therapy for Insomnia (CBT-I).
14 野に咲く名無し@転載禁止 (主) 2023/09/07 02:47:44
From sex life to politics: car driver data grab presents ‘privacy nightmare’, says study
https://www.theguardian.com/business/2023/sep/06/cars-collect-extensive-personal-data-on-drivers-study-warns
16 野に咲く名無し@転載禁止 (主) 2023/09/07 02:48:55
Blockchain Privacy and Regulatory Compliance: Towards a Practical Equilibrium
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4563364
17 野に咲く名無し@転載禁止 (主) 2023/09/07 02:55:05
Now it's PostgreSQL's turn to have a bogus CVE
https://opensourcewatch.beehiiv.com/p/now-postgresqls-turn-bogus-cve
Recently, the popular open-source command line copy tool, cURL for transferring data via URLs, was given a jaw-dropping 9.8 Common Vulnerability Scoring System (CVSS) critical security violation mark. There was only one little problem with this National Vulnerability Database (NVD) CVE-2020-19909 report: It was bogus. There's nothing wrong with cURL. Now, the same kind of crap security report has shown up for the open-source SQL database, PostgreSQL.
18 野に咲く名無し@転載禁止 (主) 2023/09/07 02:57:44
I wonder if they'll sell it the way pCloud does?
It seems to be free up to 100GB
Zero Knowledge end-to-end encrypted cloud storage
https://info.scramble.cloud/
19 野に咲く名無し@転載禁止 (主) 2023/09/07 03:01:38
iPhone users spend seven times more on apps than Android users
https://9to5mac.com/2023/09/06/iphone-users-spend-apps/
20 野に咲く名無し@転載禁止 (主) 2023/09/07 03:02:01
UK air traffic meltdown 'one in 15 million' event
https://www.reuters.com/world/uk/uk-aviation-regulator-review-air-traffic-control-failure-2023-09-06/
21 野に咲く名無し@転載禁止 (主) 2023/09/07 03:02:42
>>14
If You’ve Got a New Car, It’s a Data Privacy Nightmare
Bad news: your car is a spy. Every major car brand's new internet-connected models flunked privacy and security tests conducted by Mozilla.
https://gizmodo.com/mozilla-new-cars-data-privacy-report-1850805416
22 野に咲く名無し@転載禁止 (主) 2023/09/07 03:04:34
🤣
Microsoft calls time on ancient TLS in Windows, breaking own stuff in the process
https://www.theregister.com/2023/09/04/tls_windows_deprecation/
While home users of Windows are unlikely to notice many issues, Microsoft warned that choppy waters could lie ahead for enterprise administrators. It published a non-exhaustive list of applications that it said were "expected to be broken."
Top of the list is SQL Server. The 2014 and 2016 editions, both of which remain in support, could require updates. SQL Server 2012, which is currently in Extended Security Updates, is also on the list.
23 野に咲く名無し@転載禁止 (主) 2023/09/07 03:06:05
>>22
If you haven't applied the patch, connections to SQL Server will fail 🤣
TLS 1.0 and TLS 1.1 soon to be disabled in Windows
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/tls-1-0-and-tls-1-1-soon-to-be-disabled-in-windows/ba-p/3887947
SQL Server - 2012, 2014, 2016 (see KB3135244 - TLS 1.2 support for Microsoft SQL Server - Microsoft Support for how to upgrade to TLS 1.2 support)
24 野に咲く名無し@転載禁止 2023/09/07 04:44:01
What is this thread...
25 野に咲く名無し@転載禁止 2023/09/07 20:36:41
The usual mystery post
26 野に咲く名無し@転載禁止 2023/09/08 00:16:07
The usual "only people who get it will get it" thread
27 野に咲く名無し@転載禁止 (主) 2023/09/08 00:48:30
Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks
https://thehackernews.com/2023/09/alert-apache-superset-vulnerabilities.html
28 野に咲く名無し@転載禁止 (主) 2023/09/08 01:00:13
>>27
CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution
https://www.horizon3.ai/cve-2023-27524-insecure-default-configuration-in-apache-superset-leads-to-remote-code-execution/
Back in October 2021, when we first started researching Superset, we noticed that the SECRET_KEY is defaulted to the value \x02\x01thisismyscretkey\x01\x02\\e\\y\\y\\h at install time. It’s the end user’s responsibility to modify the application configuration to set the SECRET_KEY to a cryptographically secure random string.
This is documented in the Superset configuration guide. But we were curious what percentage of users actually read the documentation.
So, using Shodan, we did a basic search for Superset servers on the Internet.
Simply requesting the Superset login page (without attempting to login) returns a session cookie that we then passed through flask-unsign to determine if it was signed with the default SECRET_KEY.
To our surprise, we found that 918/1288 (> 70%) of all servers were using the default SECRET_KEY!
29 野に咲く名無し@転載禁止 (主) 2023/09/08 01:02:06
CVE-2023-26258 – Remote Code Execution in ArcServe UDP Backup
https://www.mdsec.co.uk/2023/06/cve-2023-26258-remote-code-execution-in-arcserve-udp-backup/
30 野に咲く名無し@転載禁止 (主) 2023/09/08 01:03:03
CVE-2023-25690 Proof of concept
mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.
https://github.com/dhmosfunk/CVE-2023-25690-POC
31 野に咲く名無し@転載禁止 (主) 2023/09/08 01:04:32
OpenTF publishes its Terraform fork on GitHub
https://gihyo.jp/article/2023/09/opentf-fork
32 野に咲く名無し@転載禁止 (主) 2023/09/08 01:05:37
Code Vulnerabilities Put Proton Mails at Risk
https://www.sonarsource.com/blog/code-vulnerabilities-leak-emails-in-proton-mail/
The Sonar Research team discovered a Cross-Site Scripting vulnerability in the open-source code of Proton Mail. This issue allowed attackers to steal decrypted emails and impersonate their victims, bypassing the end-to-end encryption.
Attackers have to send two emails, both of which have to be viewed by the victim. In some scenarios, the attack would succeed if the victim only viewed the emails. However, most scenarios require the victim to click on a link in the second email.
34 野に咲く名無し@転載禁止 (主) 2023/09/08 01:06:49
CVE-2023-3959, CVE-2023-4249 - Multiple critical vulnerabilities in Zavio IP cameras
https://bugprove.com/knowledge-hub/cve-2023-3959-cve-2023-4249-multiple-critical-vulnerabilities-in-zavio-ip-cameras/
35 野に咲く名無し@転載禁止 (主) 2023/09/08 01:11:47
Starlink: notes on hacking Starlink
https://radioactive.blog/2023/06/23/starlink_hacking/
Remote islands have Starlink antennas installed, right?
It would be interesting to steal one and take it apart
36 野に咲く名無し@転載禁止 (主) 2023/09/08 01:13:52
🤭
Toyota says filled disk storage halted Japan-based factories
https://www.bleepingcomputer.com/news/security/toyota-says-filled-disk-storage-halted-japan-based-factories/
Toyota says a recent disruption of operations in Japan-based production plants was caused by its database servers running out of storage space.
On August 29th, it was reported that Toyota had to halt operations on 12 of its 14 Japan-based car assembly plants due to an undefined system malfunction.
37 野に咲く名無し@転載禁止 (主) 2023/09/08 01:15:56
Flipper Zero sure is popular~
Flipper Zero can be used to launch iOS Bluetooth spam attacks
https://www.bleepingcomputer.com/news/security/flipper-zero-can-be-used-to-launch-ios-bluetooth-spam-attacks/
Techryptic has created and shared code for generating the following notifications:
AirTag connection request
Apple Keyboard connection request
Transfer number notification
"Set up new iPhone" notification
"Join this Apple TV" notification
Flipper Zero users who want to experiment with this attack may copy the code generated on Techryptic's site for each notification choice to the 'gap.c' and patch their firmware, so minor tweaking is required.
38 野に咲く名無し@転載禁止 (主) 2023/09/08 01:17:09
Microsoft Edge Forensics: Screenshot History
https://medium.com/@DCSO_CyTec/microsoft-edge-forensics-screenshot-history-703b9b8392f8
39 野に咲く名無し@転載禁止 (主) 2023/09/08 01:17:58
Micropatches Released For Windows Search Remote Code Execution (CVE-2023-36884)
https://blog.0patch.com/2023/09/micropatches-released-for-windows.html
Alongside July 2023 Windows Updates, Microsoft revealed the existence of a 0day that was detected in the wild and assigned it CVE-2023-36884. Without issuing a patch, they titled their original advisory "Office and Windows HTML RCE vulnerability" as exploitation was performed using malicious Word documents, and provided workarounds that could block exploitation.
40 野に咲く名無し@転載禁止 (主) 2023/09/08 01:20:19
👀
The Kids Online Safety Act is Still A Huge Danger to Our Rights Online
https://www.eff.org/deeplinks/2023/05/kids-online-safety-act-still-huge-danger-our-rights-online
Congress has resurrected the Kids Online Safety Act (KOSA), a bill that would increase surveillance and restrict access to information in the name of protecting children online.
Today’s version of KOSA would still require surveillance of anyone sixteen and under. It would put the tools of censorship in the hands of state attorneys general, and would greatly endanger the rights, and safety, of young people online. And KOSA’s burdens will affect adults, too, who will likely face hurdles to accessing legal content online as a result of the bill.
41 野に咲く名無し@転載禁止 (主) 2023/09/08 01:23:04
“The Fansly Whoami Exfil and Exfil Sysinfo OnlyFans”
Steal-It Campaign
An analysis of a new stealing campaign
https://www.zscaler.com/blogs/security-research/steal-it-campaign
Zscaler ThreatLabz recently discovered a new stealing campaign dubbed as the "Steal-It" campaign. In this campaign, the threat actors steal and exfiltrate NTLMv2 hashes using customized versions of Nishang's Start-CaptureServer PowerShell script, executing various system commands, and exfiltrating the retrieved data via Mockbin APIs.
Explicit Images as Lures: The Fansly Whoami Exfil and Exfil Sysinfo OnlyFans infection chain variations use explicit images of models to entice victims to execute the initial payload.
42 野に咲く名無し@転載禁止 (主) 2023/09/08 01:25:22
BL-focused social network pictBLand, hit by unauthorized access, to resume service on September 21: "We have taken every conceivable countermeasure"
https://www.itmedia.co.jp/news/spv/2309/07/news187.html
The BL platform is one thing, but isn't pictSQUARE the one being targeted? 🤔
43 野に咲く名無し@転載禁止 (主) 2023/09/08 01:25:49
ICMPWatch: ICMP Packet Sniffer
https://github.com/HalilDeniz/ICMPWatch
44 野に咲く名無し@転載禁止 (主) 2023/09/08 01:28:42
Group-IB's article on OpFukushima
#Nuclear27 is an eco #hacktivist group that emerged in August 2023. Since Aug 26, in their only campaign to date, they have been allegedly exploiting hardcoded credentials for the SkyBridge router web panel. Group-IB has found 62 confirmed victims located exclusively in #Japan
45 野に咲く名無し@転載禁止 (主) 2023/09/08 01:32:34
QUIC to Mars
https://www.privateoctopus.com/2023/02/07/quic-to-mars.html
So UDP can be used over DTN? 🧐
47 野に咲く名無し@転載禁止 (主) 2023/09/08 01:55:00
>>40
Child safety bills are reshaping the internet for everyone
Lawmakers across the country are trying to protect kids by age-gating parts of the internet.
https://www.theverge.com/2023/8/29/23849375/kosa-child-safety-free-speech-louisiana-utah-parental-consent
48 野に咲く名無し@転載禁止 (主) 2023/09/08 02:08:28
Scientists develop an energy-efficient wireless power and information transfer system
https://techxplore.com/news/2023-09-scientists-energy-efficient-wireless-power.html
Wrapping your head in aluminum foil near WPT seems like it would actually make things worse
49 野に咲く名無し@転載禁止 (主) 2023/09/08 02:09:58
Mullvad on Tailscale: Privately browse the web
https://tailscale.com/blog/mullvad-integration/
Tailscale has partnered with Mullvad to make its global network of VPN servers available for our customers. You can now easily browse the web using any one of Mullvad’s available servers as a Tailscale exit node while maintaining the user privacy that’s synonymous with Mullvad.