The Secure Edge: Daily Round-up of Infosec Blogs — #33 [Copied Version]
Hola! Here is today’s newsletter.
Thoughts:
Be like family to your friends, a friend to strangers, and a stranger to your enemies. — Naval
Infosec Funda:
A Scientific Notation Bug in MySQL left AWS WAF Clients Vulnerable to SQL Injection — GoSecure — www.gosecure.net
GoSecure ethical hackers found a bug in MySQL that left AWS WAF users vulnerable to SQL injection. Our team further confirmed modsecurity to be affected.
Booking Tickets for 1Rupee in IRCTC Bus Booking App | by Udhaya Prakash | Nov, 2021 | Medium — sherlocksecure.medium.com
Here is my medium write-up of a simple price manipulation bug with some slight understanding of the price breakup used by the IRCTC Bus booking platform. It all started when I was casually trying to…
Back-to-Back PlayStation 5 Hacks Hit on the Same Day — The Security Blogger — www.thesecurityblogger.com
CEH Practical Guide | Practical Examination | Preparation Guide — www.youtube.com
Broken Access Control: Pentester’s Gold Mine — payatu.com
Broken Access Control 101 — The blog discusses what Broken Access Control issues are, how to approach them, and a couple of real-life scenarios encountered.
What is a Website Backdoor? — blog.sucuri.net
A backdoor provides a shortcut for authorized or unauthorized users to gain access to an unauthorized location of a website, software, or system. There are many different ways to categorize backdoors, but they are usually not in plain sight and are intentionally difficult to detect.
Easily find hidden API, AWS keys, secret token, keys 🤑 and more using this Burp extension #burp #poc — www.youtube.com
In this tutorial, I will show and demonstrate a very useful extension that can increase the possibility of finding hidden assets like apikey, token, AWS keys…
Practice WiFi Hacking on this $3 ESP8266 Router | HakByte — www.youtube.com
On this episode of HakByte, Alex Lynd shows how to set up a $3 NAT router on the ESP8266 WiFi microcontroller, which can be used to legally practice WiFi hacking. This episode demonstrates using the WiFi Nugget to run a deauthentication attack against the $3 access point, and capturing a handshake using Aircrack-ng on a Linux computer.
PCI DSS — 5 Most Commonly Observed Control Failures — SISA Blog — www.sisainfosec.com
Companies must pay attention to common PCI DSS control failures, or it will become challenging for them to be PCI compliant.
Previous Newsletters:
The Secure Edge: Daily Round-up of Infosec Blogs — Issue #3 | Revue — www.getrevue.co
The Secure Edge: Daily Round-up of Infosec Blogs — Hack The Planet.
The Secure Edge: Daily Round-up of Infosec Blogs — Issue #2 | Revue — www.getrevue.co
The Secure Edge: Daily Round-up of Infosec Blogs — QOTD: “All our dreams can come true, if we have the courage to pursue them.” — Walt Disney Sometimes the best t