Welcome to our Cyber Security News Aggregator.

Cyber Tzar provide a cyber security risk management platform, including automated penetration tests and risk assessments culminating in a "cyber risk score" out of 1,000, just like a credit score.
Articles in this collection: 12

Feed: Pentura Labs's Blog

Articles received 16/12/2023
Article: Finding and Exploiting Same Origin Method Execution vulnerabilities - published almost 9 years ago.
Content: Recently it came to my attention that it was possible to abuse JSONP callbacks using a vulnerability known as SOME – Same Origin Method Execution which can be used by an attacker to widely abuse a user’s trust between the web application and the intended flow of execution. For example, using the SOME attack it is possible for an attacker to trick a user to v...
https://penturalabs.wordpress.com/2015/12/30/finding-and-exploiting-same-origin-method-execution-vulnerabilities/ 
Published: 2015 12 30 23:37:46
Received: 2023 12 16 16:00:53
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security
Article: SNMPPLUX - published over 8 years ago.
Content: Pentura continually develop new tools and scripts to improve the effectiveness of the team. One such tool called SNMPPLUX is an offshoot of a larger development project (ORR). SNMPPLUX is a USM compliant SNMPv1, SNMPv2c and SNMPv3 authentication scanner powered by pysnmp, re, sys, getopt, array, time and multiprocessing python modules. As well as providin...
https://penturalabs.wordpress.com/2016/04/01/snmpplux/ 
Published: 2016 04 01 08:21:28
Received: 2023 12 16 16:00:53
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security
Articles received 06/06/2021
Article: Shell Shock Rapid 7 Threatsweeper - published about 10 years ago.
Content: By now, you may have heard about CVE-2014-6271, also known as the “bash bug“, or even “Shell Shock”, that may affect your organisation. It’s rated the maximum CVSS score of 10 for impact and ease of exploitability. The affected software, Bash (the Bourne Again SHell), is present on most Linux, BSD, and Unix-like systems, including Mac OS X. New packages were...
https://penturalabs.wordpress.com/2014/09/26/shell-shock-rapid-7-threatsweeper/ 
Published: 2014 09 26 09:27:31
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security
Article: New security flaw uncovered in WordPress - published about 10 years ago.
Content: Researchers have revealed a potentially serious flaw in WordPress software, that allows hackers to search for abandoned or inactive WordPress sites before mounting phishing attacks aimed at enticing users to install infected updates.  Hackers can then quickly hijack the website and direct visitors to deliver malicious content. WordPress is by far the most po...
https://penturalabs.wordpress.com/2014/10/03/new-security-flaw-uncovered-in-wordpress/ 
Published: 2014 10 03 14:19:49
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security
Article: AT&T suffers insider data breach - published about 10 years ago.
Content: AT&T has become the latest multinational company to suffer a data breach after one of its own employees gained access to customer data. The US mobile telecoms giant has started informing around 1,600 customers in Vermont that their personal data was breached in August. In a letter posted on the Vermont government’s website, AT&T confirmed that a form...
https://penturalabs.wordpress.com/2014/10/09/att-suffers-insider-data-breach/ 
Published: 2014 10 09 14:32:02
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security
Article: Kmart hit by card hack attack - published about 10 years ago.
Content: It’s been revealed that a data breach at US retail chain Kmart that compromised card details lasted over a month. The discount department store said that the malware was discovered last week but had been operating since early September. Based on its investigation so far, the company said that it believes credit and debit cards were exposed but that no person...
https://penturalabs.wordpress.com/2014/10/22/kmart-hit-by-card-hack-attack/ 
Published: 2014 10 22 15:20:17
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security
Article: Research Reveals Cost of Online Fraud to UK - published about 10 years ago.
Content: This week has been Get Safe Online Week and to coincide with the event, the National Fraud Intelligence Bureau researched cyber-crime in the UK. The research found that over the last year, the ten biggest online scams cost victims over £670m – although the actual figure is thought to be significantly higher than that due to unreported crimes. A separate poll...
https://penturalabs.wordpress.com/2014/10/30/research-reveals-cost-of-online-fraud-to-uk/ 
Published: 2014 10 30 10:21:43
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security
Article: Most businesses do not understand data breach risks - published almost 10 years ago.
Content: Research by HP has uncovered a lack of understanding among businesses of the risks associated with data breaches. More than 70% of US and UK executives surveyed by the Ponemon Institute said that their organisation does not understand fully the dangers of breaches, while less than half of top executives and board members are kept informed about the response ...
https://penturalabs.wordpress.com/2014/11/07/most-businesses-do-not-understand-data-breach-risks/ 
Published: 2014 11 07 16:19:54
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security
Article: [IRCCloud] Inadequate input validation on API endpoint leading to self denial of service and increased system load - published about 9 years ago.
Content: So as you do, I was just looking around, manually fuzzing some Web Sockets requests, seeing if I could get any sort of XSS, Remote IRC Command Injection or SQLi mainly – ended up that I didn’t find much there that was worth noting. So I started seeing if their logic was all alright, so one of their requests looked similar to: {“_reqid”:1234, “cid”:5678, “t...
https://penturalabs.wordpress.com/2015/10/13/fuzzing-for-fun-and-profit/ 
Published: 2015 10 13 12:04:47
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security
Article: [IRCCloud] History and Another XSS Bug Bounty - published about 9 years ago.
Content: Personally, I have been a user of IRC since 2004 on some private networks and some other well-known ones such as Freenode. However, it was always inconvenient to have to set up an IRC Bouncer, so when IRCCloud came around, I was excited to try it and see if it provided me with a method of staying connected to all the required networks without having to downl...
https://penturalabs.wordpress.com/2015/10/14/irccloud-history-and-another-xss-bug-bounty/ 
Published: 2015 10 14 10:50:15
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security
Article: Finding and Exploiting Same Origin Method Execution vulnerabilities - published almost 9 years ago.
Content: Recently it came to my attention that it was possible to abuse JSONP callbacks using a vulnerability known as SOME – Same Origin Method Execution which can be used by an attacker to widely abuse a user’s trust between the web application and the intended flow of execution. For example, using the SOME attack it is possible for an attacker to trick a user to v...
https://penturalabs.wordpress.com/2015/12/30/finding-and-exploiting-same-origin-method-execution-vulnerabilities/ 
Published: 2015 12 30 23:37:46
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security
Article: SNMPPLUX - published over 8 years ago.
Content: Pentura continually develop new tools and scripts to improve the effectiveness of the team. One such tool called SNMPPLUX is an offshoot of a larger development project (ORR). SNMPPLUX is a USM compliant SNMPv1, SNMPv2c and SNMPv3 authentication scanner powered by pysnmp, re, sys, getopt, array, time and multiprocessing python modules. As well as providin...
https://penturalabs.wordpress.com/2016/04/01/snmpplux/ 
Published: 2016 04 01 08:21:28
Received: 2021 06 06 09:04:46
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security
  • "Home" links back to the front page, effectively the Planet "Home Page"; it shows all articles, with no selections or groupings.
  • Default date ordering is by "Received Date" (because not all RSS feeds have a "Published Date").
  • Authors is the most poorly serviced field in the articles we see from cyber security news providers.
  • Only Published Date selections use the article's Published Date (for ordering and grouping).
  • The first page always shows fifty items plus from zero to up to a remaining forty-nine items, before they are committed permanently to the next page.
  • All subsequent pages show fifty items.
  • Pagination is in reverse ordering (so that pages are permanent links, aka "permalinks", to their content).