The Secure Edge: Daily Round-up of Infosec Blogs — #33 [Copied Version]

Hola! Here is today’s newsletter.

Thoughts:

Be like family to your friends, a friend to strangers, and a stranger to your enemies. (Naval)

Health Tip:

Infosec Funda:

A Scientific Notation Bug in MySQL left AWS WAF Clients Vulnerable to SQL Injection — GoSecure (www.gosecure.net)
GoSecure ethical hackers found a bug in MySQL that left AWS WAF users vulnerable to SQL injection. Our team further confirmed modsecurity to be affected.

Booking Tickets for 1Rupee in IRCTC Bus Booking App | by Udhaya Prakash | Nov, 2021 | Medium (sherlocksecure.medium.com)
Here is my medium write-up of a simple price manipulation bug with some slight understanding of the price breakup used by the IRCTC Bus booking platform. It all started when I was casually trying to…

Back-to-Back PlayStation 5 Hacks Hit on the Same Day — The Security Blogger (www.thesecurityblogger.com)

CEH Practical Guide | Practical Examination | Preparation Guide (www.youtube.com)

Broken Access Control: Pentester’s Gold Mine (payatu.com)
Broken Access Control 101 — The blog discusses what Broken Access Control issues are, how to approach them, and a couple of real-life scenarios encountered.

What is a Website Backdoor? (blog.sucuri.net)
A backdoor provides a shortcut for authorized or unauthorized users to gain access to an unauthorized location of a website, software, or system. There are many different ways to categorize backdoors, but they are usually not in plain sight and are intentionally difficult to detect.

Easily find hidden API, AWS keys, secret token, keys 🤑 and more using this Burp extension #burp #poc (www.youtube.com)
In this tutorial, I will show and demonstrate a very useful extension that can increase the possibility of finding hidden assets like apikey, token, AWS keys…

Practice WiFi Hacking on this $3 ESP8266 Router | HakByte (www.youtube.com)
On this episode of HakByte, Alex Lynd shows how to set up a $3 NAT router on the ESP8266 WiFi microcontroller, which can be used to legally practice WiFi hacking. This episode demonstrates using the WiFi Nugget to run a deauthentication attack against the $3 access point, and capturing a handshake using Aircrack-ng on a Linux computer.

PCI DSS — 5 Most Commonly Observed Control Failures — SISA Blog (www.sisainfosec.com)
Companies must pay attention to common PCI DSS control failures, or it will become challenging for them to be PCI compliant.

Previous Newsletters:

The Secure Edge: Daily Round-up of Infosec Blogs — Issue #3 | Revue (www.getrevue.co)
The Secure Edge: Daily Round-up of Infosec Blogs — Hack The Planet.

The Secure Edge: Daily Round-up of Infosec Blogs — Issue #2 | Revue (www.getrevue.co)
The Secure Edge: Daily Round-up of Infosec Blogs — QOTD: “All our dreams can come true, if we have the courage to pursue them.” — Walt Disney Sometimes the best t

Twitter Things!
