InfoSec Planet
A collection of diverse security content from a curated list of sources. This website also serves as a demo for "worker-planet", the software that powers it.
Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services
by BrianKrebs on 26/07/2024
Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google’s “Sign in with Google” feature.
Last week, KrebsOnSecurity heard from a reader who said they received a notice th [...]
Friday Squid Blogging: Sunscreen from Squid Pigments
on 26/07/2024
They’re better for the environment.
Blog moderation policy.
[...]
Lessons from HackerOne’s First Recharge Week
by debbie@hackerone.com on 26/07/2024
Why You Shouldn't Be A Pentester
on 26/07/2024
Compromising the Secure Boot Process
on 26/07/2024
This isn’t good:
On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than 200 device models sold by Acer, Dell, Gigabyte, Intel, and Supermicro. The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022. In a public GitHub repository committed in December of that year, someone working for m [...]
Open Akamai ARL XSS on http://master-config-
on 26/07/2024
U.S. Dept Of Defense disclosed a bug submitted by renzi: https://hackerone.com/reports/1315907 [...]
Open Akamai ARL XSS on http://media.
on 26/07/2024
U.S. Dept Of Defense disclosed a bug submitted by renzi: https://hackerone.com/reports/1315898 [...]
(Android): Vulnerable to Javascript Injection and Open redirect
on 26/07/2024
U.S. Dept Of Defense disclosed a bug submitted by cleanchain50: https://hackerone.com/reports/2555949 [...]
Subdomain takeover
on 26/07/2024
U.S. Dept Of Defense disclosed a bug submitted by martinvw: https://hackerone.com/reports/2552243 [...]
Do you need a physical device to test mobile apps? feat. Joel Margolis #bugbounty #bugbountytips #bu
on 26/07/2024
Master DOM Invader in 60 Seconds
on 25/07/2024
The CrowdStrike Outage and Market-Driven Brittleness
on 25/07/2024
Friday’s massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. Nearly 7,000 flights were canceled. It took down 911 systems and factories, courthouses, and television stations. Tallying the total cost will take time. The outage affected more than 8.5 million Windows computers, and the cost will surely be in the billion [...]
Our crypto experts answer 10 key questions
by Trail of Bits on 25/07/2024
By Justin Jacob
Cryptography is a fundamental part of electronics and the internet that helps secure credit cards, cell phones, web browsing (fingers crossed you’re using TLS!), and even top-secret military data. Cryptography is just as essential in the blockchain space, with blockchains like Ethereum depending on hashes, Merkle trees, and ECDSA signatures, among other primitives, to function. Inn [...]
Subdomain takeover on one of the subdomains under mozaws.net
on 25/07/2024
Mozilla disclosed a bug submitted by d0xing: https://hackerone.com/reports/2545012 [...]
Subdomain takeover on one of the subdomains under mozaws.net
on 25/07/2024
Mozilla disclosed a bug submitted by d0xing: https://hackerone.com/reports/2398630 [...]
Data Wallets Using the Solid Protocol
on 25/07/2024
I am the Chief of Security Architecture at Inrupt, Inc., the company that is commercializing Tim Berners-Lee’s Solid open W3C standard for distributed data ownership. This week, we announced a digital wallet based on the Solid architecture.
Details are here, but basically a digital wallet is a repository for personal data and documents. Right now, there are hundreds of different wallets, but [...]
What mobile bugs can have a critical risk? feat. Joel Margolis #bugbounty #bugbountytips #bugbountyh
on 25/07/2024
Learn how to maintain compliance with HIPAA security standards through pentesting. [...]
LIVE HackTheBox | Cyber Security | Pentesting | AppSec
on 24/07/2024
Hack My Career: Meet Naz Bozdemir
by Marina Briones on 24/07/2024
Robot Dog Internet Jammer
on 24/07/2024
Supposedly the DHS has these:
The robot, called “NEO,” is a modified version of the “Quadruped Unmanned Ground Vehicle” (Q-UGV) sold to law enforcement by a company called Ghost Robotics. Benjamine Huffman, the director of DHS’s Federal Law Enforcement Training Centers (FLETC), told police at the 2024 Border Security Expo in Texas that DHS is increasingly worried abou [...]
How Can Deliberately Flawed APIs Help In Mastering API Security?
by Nikhil Menon on 24/07/2024
In our recent webinar titled 'A CISO’s Checklist for Securing APIs and Applications', we delved into the concept of creating an API security playground tailored for both developer and security teams. The core idea revolves around utilizing intentionally vulnerable APIs as training tools. In this blog post, we'll present a curated list of such APIs, each with its own unique set [...]
Finding criticals in mobile apps - Joel Margolis (0xteknogeek) from @criticalthinkingpodcast
on 24/07/2024
Permission to Hack You: Illicit Consent Grant Attack
on 24/07/2024
CVE-2024-6197: freeing stack buffer in utf8asn1str
on 24/07/2024
curl disclosed a bug submitted by z2_: https://hackerone.com/reports/2559516 [...]
CVE-2024-6874: macidn punycode buffer overread
on 24/07/2024
curl disclosed a bug submitted by z2_: https://hackerone.com/reports/2604391 [...]
Custom Inbox Enhancements: Revolutionizing Vulnerability Management for Enterprises
by Morgan Pearson on 23/07/2024
HackerOne's Custom Inboxes Enhancements provide flexible report segmentation, reduce administrative overhead, and mitigate security risks. [...]
Phish-Friendly Domain Registry “.top” Put on Notice
by BrianKrebs on 23/07/2024
The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top was the most common suffix in phishing websites over the past year, [...]
View private repository NWO of deploy key via internal LFS API
on 23/07/2024
GitHub disclosed a bug submitted by ahacker1: https://hackerone.com/reports/2469713 - Bounty: $4000 [...]
Reflected Cross Site Scripting
on 23/07/2024
MercadoLibre disclosed a bug submitted by madara_: https://hackerone.com/reports/1093577 [...]
Payload delivery via Social Media urls on H1 profile
on 23/07/2024
HackerOne disclosed a bug submitted by tedix: https://hackerone.com/reports/2483422 [...]
Non Org Admin/Group Manager can create groups in an organization
on 23/07/2024
HackerOne disclosed a bug submitted by akashhamal0x01: https://hackerone.com/reports/2372018 [...]
2017 ODNI Memo on Kaspersky Labs
on 23/07/2024
It’s heavily redacted, but still interesting.
Many more ODNI documents here.
[...]
Minor security issue with Hackerone Invitations from sandbox program
on 22/07/2024
HackerOne disclosed a bug submitted by iam_srpk: https://hackerone.com/reports/2430179 [...]
The Best and Worst of Hack The Box
on 22/07/2024
Who Hacked Who? PsExec Forensic Artifacts
on 22/07/2024
This is The Fastest Hacking & Recon Tool
on 22/07/2024
Snake Mimics a Spider
on 22/07/2024
This is a fantastic video. It’s an Iranian spider-tailed horned viper (Pseudocerastes urarachnoides). Its tail looks like a spider, which the snake uses to fool passing birds looking for a meal.
[...]
Arbitrary code execution in TSEC Heavy Secure, return-oriented programming in TSEC Secure ROM, and recovery of TSEC-derived cryptographic secrets
on 22/07/2024
Nintendo disclosed a bug submitted by lnchan: https://hackerone.com/reports/924418 [...]
Exploitable live argument in onClick Function leads to Data Leakage of Inactive/Suspended Products
on 19/07/2024
TikTok disclosed a bug submitted by 696e746c6f6c: https://hackerone.com/reports/2295958 - Bounty: $1000 [...]
Friday Squid Blogging: Peru Trying to Protect its Squid Fisheries
on 19/07/2024
Peru is trying to protect its territorial waters from Chinese squid-fishing boats.
Blog moderation policy.
[...]
CrowdStrike Outage Recovery with BitLocker
on 19/07/2024
Brett Solomon on Digital Rights
on 19/07/2024
Brett Solomon is retiring from AccessNow after fifteen years as its Executive Director. He’s written a blog post about what he’s learned and what comes next.
[...]
Exploit Failed. Now What?
on 19/07/2024
Authentication Bypass on https:///
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by bulldawg: https://hackerone.com/reports/2414707 [...]
IDOR leads to PII Leak
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by prakhar0x01: https://hackerone.com/reports/2586584 [...]
IDOR leads to view other user Biographical details (Possible PII LEAK)
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by prakhar0x01: https://hackerone.com/reports/2586641 [...]
IDOR : Modify other users demographic details
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by prakhar0x01: https://hackerone.com/reports/2586662 [...]
Automatic Admin Access
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by bulldawg: https://hackerone.com/reports/1991214 [...]
Endpoint Redirects to Admin Page and Provides Admin role
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by bulldawg: https://hackerone.com/reports/1991290 [...]
Local File Inclusion in download.php
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by tokyoenigma: https://hackerone.com/reports/1639364 [...]
XML External Entity (XXE) Injection
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by maskedpersian: https://hackerone.com/reports/2573567 [...]
Email Takeover leads to permanent account deletion
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by prakhar0x01: https://hackerone.com/reports/2587953 [...]
Restrict any user from Login to their account
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by prakhar0x01: https://hackerone.com/reports/2586616 [...]
Missing Access Control Allows for User Creation and Privilege Escalation
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by bulldawg: https://hackerone.com/reports/2442229 [...]
Unauthenticated arbitrary file upload on the https:/// (.mil)
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by sp1d3rs: https://hackerone.com/reports/698793 [...]
Unauthenticated access to internal API at..edu [HtUS]
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by matrixsoftsec: https://hackerone.com/reports/1627980 [...]
XXE with RCE potential on the https:// (CVE-2017-3548)
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by sp1d3rs: https://hackerone.com/reports/710654 [...]
Authentication bypass and potential RCE on the https:// due to exposed Cisco TelePresence SX80 with default credentials
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by sp1d3rs: https://hackerone.com/reports/684758 [...]
Unauth IDOR to mass account takeover without user interaction on the (https://.edu/)
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by sp1d3rs: https://hackerone.com/reports/685338 [...]
Self XSS
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by 0xtrav: https://hackerone.com/reports/2521186 [...]
[CVE-2018-0296] Cisco VPN path traversal on the https:// ()
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by sp1d3rs: https://hackerone.com/reports/695427 - Bounty: $750 [...]
[CVE-2018-0296] Cisco VPN path traversal on the https:/// (no hostname)
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by sp1d3rs: https://hackerone.com/reports/695780 - Bounty: $750 [...]
Global Microsoft Meltdown Tied to Bad Crowdstrike Update
by BrianKrebs on 19/07/2024
A faulty software update from cybersecurity vendor Crowdstrike crippled countless Microsoft Windows computers across the globe today, disrupting everything from airline travel and financial institutions to hospitals and businesses online. Crowdstrike said a fix has been deployed, but experts say the recovery from this outage could take some time, as Crowdstrike’s solution needs to be applied [...]
[CVE-2018-0296] Cisco VPN path traversal on the https:/// ()
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by sp1d3rs: https://hackerone.com/reports/695776 - Bounty: $750 [...]
[CVE-2018-0296] Cisco VPN path traversal on the https://1 (https://../)
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by sp1d3rs: https://hackerone.com/reports/694861 - Bounty: $750 [...]
HTML Injection into https://www..mil
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by thpless: https://hackerone.com/reports/2554003 [...]
CVE-2023-26347 in https://.mil/hax/..CFIDE/adminapi/administrator.cfc?method=getBuildNumber&_cfclient=true
on 19/07/2024
U.S. Dept Of Defense disclosed a bug submitted by traveler5260: https://hackerone.com/reports/2518407 [...]
Two of Wallarm’s Open-source Tools Have Been Accepted into Black Hat Arsenal 2024
by Nikhil Menon on 19/07/2024
We're gearing up with some seriously cool stuff for Black Hat! But first, a little sneak peek - not just one, but TWO of Wallarm's open-source tools will be featured in the Arsenal showcase at Black Hat USA this year.
Black Hat Arsenal unites researchers and the open-source community to display their newest open-source tools and products, allowing presenters to engage directly with attendees. [...]
CrowdStrike Blew Up The Internet
on 19/07/2024
How to Upgrade a Shell on Meterpreter
on 18/07/2024
Criminal Gang Physically Assaulting People for Their Cryptocurrency
on 18/07/2024
This is pretty horrific:
…a group of men behind a violent crime spree designed to compel victims to hand over access to their cryptocurrency savings. That announcement and the criminal complaint laying out charges against St. Felix focused largely on a single theft of cryptocurrency from an elderly North Carolina couple, whose home St. Felix and one of his accomplices broke into before physi [...]
LIVE Hacking with TryHackMe | Cyber Security | Pentesting | AppSec
on 17/07/2024
Security@: Connect, Network, Share Ideas, and Collaborate
on 17/07/2024
Retail Under Attack: HackerOne Customer Insights on Outsmarting Cybercriminals
on 17/07/2024
How HackerOne Organizes a Remote Hack Week
by debbie@hackerone.com on 17/07/2024
XSS in IBM InfoCenter
on 17/07/2024
IBM disclosed a bug submitted by redyetihacks: https://hackerone.com/reports/2343548 [...]
Multiple XSS and open HTTP redirection
on 16/07/2024
ExpressionEngine disclosed a bug submitted by maggick: https://hackerone.com/reports/2372332 [...]
He Sent Me Minecraft Malware (Java Deobfuscation)
on 16/07/2024
10 Years of the GitHub Security Bug Bounty Program
by HackerOne on 15/07/2024
Celebrating 10 years of GitHub's bug bounty program! Learn insights into bug bounty growth from a top program. [...]
AI is Taking Our Jobs
on 15/07/2024
Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks
by BrianKrebs on 15/07/2024
At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying a [...]
Hacking Windows TrustedInstaller (GOD MODE)
on 15/07/2024
Permission model improperly processes UNC paths
on 15/07/2024
Node.js disclosed a bug submitted by tniessen: https://hackerone.com/reports/2079103 [...]
ID4ME does not validate signature or expiration
on 14/07/2024
Nextcloud disclosed a bug submitted by mikaelgundersen: https://hackerone.com/reports/1878391 - Bounty: $750 [...]
Re-emergence of Security Vulnerability in Nextcloud Version 28 Previously Fixed in 25.0.4
on 14/07/2024
Nextcloud disclosed a bug submitted by flood78: https://hackerone.com/reports/2290680 - Bounty: $500 [...]
Can reshare read&share only folder with more permissions
on 14/07/2024
Nextcloud disclosed a bug submitted by fernandoenzo: https://hackerone.com/reports/2289425 - Bounty: $750 [...]
Event create can create attachments that link to other websites
on 14/07/2024
Nextcloud disclosed a bug submitted by simcard: https://hackerone.com/reports/2457588 - Bounty: $250 [...]
Missing permission check when removing a photo from an album
on 14/07/2024
Nextcloud disclosed a bug submitted by juliushaertl: https://hackerone.com/reports/1946298 [...]
Ability to by-pass second factor
on 14/07/2024
Nextcloud disclosed a bug submitted by everysinglusernametaken: https://hackerone.com/reports/2419776 - Bounty: $1000 [...]
Fake AWS Packages Ship Command and Control Malware In JPEG Files
by Phylum Research Team on 14/07/2024
On July 13, 2024, the Phylum platform alerted us to a series of odd packages published to the npm package registry. At first glance, these packages appear entirely legitimate; however, as our system automatically noted, they contained sophisticated command and control functionality hidden in image files that would be executed during package installation.
A Clone of Legitimate Projects
Hiding [...]
important: Apache HTTP Server weakness with encoded question marks in backreferences (CVE-2024-38474)
on 13/07/2024
Internet Bug Bounty disclosed a bug submitted by orange: https://hackerone.com/reports/2585381 - Bounty: $4920 [...]
important: Apache HTTP Server on Windows UNC SSRF (CVE-2024-38472)
on 13/07/2024
Internet Bug Bounty disclosed a bug submitted by orange: https://hackerone.com/reports/2585385 - Bounty: $4920 [...]
important: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. (CVE-2024-38475)
on 13/07/2024
Internet Bug Bounty disclosed a bug submitted by orange: https://hackerone.com/reports/2585378 - Bounty: $4920 [...]
important: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (CVE-2024-38476)
on 13/07/2024
Internet Bug Bounty disclosed a bug submitted by orange: https://hackerone.com/reports/2585376 - Bounty: $4920 [...]
important: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request (CVE-2024-38477)
on 13/07/2024
Internet Bug Bounty disclosed a bug submitted by orange: https://hackerone.com/reports/2585375 - Bounty: $4920 [...]
moderate: Apache HTTP Server: HTTP response splitting (CVE-2023-38709)
on 13/07/2024
Internet Bug Bounty disclosed a bug submitted by orange: https://hackerone.com/reports/2585373 - Bounty: $2600 [...]
moderate: Apache HTTP Server proxy encoding problem (CVE-2024-38473)
on 13/07/2024
Internet Bug Bounty disclosed a bug submitted by orange: https://hackerone.com/reports/2585384 - Bounty: $2600 [...]
Account Takeover via Authentication Bypass in TikTok Account Recovery
on 13/07/2024
TikTok disclosed a bug submitted by xtt0k: https://hackerone.com/reports/2443228 - Bounty: $12000 [...]
CVE-2024-3416: MTU of 4096 or greater without fragmentation may cause NGINX worker processes to leak previously freed memory
on 12/07/2024
Internet Bug Bounty disclosed a bug submitted by noentry: https://hackerone.com/reports/2599391 - Bounty: $2600 [...]