The Secure Edge: Daily Round-up of Infosec Blogs — Issue #2

Het Mehta
3 min read · Nov 19, 2021


QOTD: “All our dreams can come true, if we have the courage to pursue them.” — Walt Disney

Sometimes the best thing you can do for your growth is changing your surroundings. — Friday Motivation.

Faking Smart Industry: A Honeypot-driven approach for exploring Cyber Security Threat Landscape

www.youtube.com

Authors: Ahmed, Mohiuddin (Edith Cowan University); Rashi…

Fake Ransomware Infection Spooks Website Owners

blog.sucuri.net

Android App Traffic Decryption using Nox Player — Windows Guide — Google Docs

docs.google.com

Written Information about Android App Traffic Decryption & Defeat Certificate Pinning By ZwinK.

GitLab disclosed on HackerOne: Stored XSS via Mermaid Prototype…

hackerone.com

Harvest Finance Uninitialized Proxies Bug Fix Postmortem — $200k Bounty | by Immunefi | Immunefi | Nov, 2021 | Medium

medium.com

Software development is an iterative process, and mistakes can happen at any time. That’s why, in the practice of developing software, there is usually a team of QA Engineers — who act as a second…

Judge.me disclosed on HackerOne: Stored XSS in Email Templates via…

hackerone.com

Summary: Stored cross-site scripting (also known as second-order or persistent XSS) arises when an application receives data from …

Seamlessly Discovering Netgear Universal Plug-and-Pwn (UPnP) 0-days

blog.grimm-co.com

This report detailed a vulnerability in the UPnP daemon included in many Netgear SOHO Devices. Exploitation of this vulnerability allows attackers on the affected device’s network to obtain RCE as root on the SOHO device. The exact list of devices affected by these vulnerabilities is included in the Bug Identification section.

Simple SSRF Allows Access To Internal Assets | Caffeine’s Site

coffeejunkie.me

By Sam
