ZAP Map Local로 쉽게 Fake Response 만들기
보안 테스팅에선 HTTP Response를 자주 변경해야할 경우가 많습니다. 이럴 때 저는 보통 ZAP에선 breakpoint와 replace 기능, 그리고 스크립팅을 주로 사용했었습니다. (+Proxify의 DSL) 최근 일부 Proxy…
Month: October 2023
ConnectedIO’s 3/4G Routers Vulnerability Execute Malicious Code
Critical issues in ConnectedIO’s ER2000 edge routers have been discovered, and an attacker can leverage them to compromise the cloud infrastructure completely, remotely execute malicious…
The Israel-Hamas War Is Drowning X in Disinformation
Musk deleted his recommendation soon after posting it, but not before it was viewed over 11 million times. Later on Sunday, Musk wrote: “As always,…
Maintainers of a open tool Warns of Critical Curl Vulnerability
Two new vulnerabilities have been discovered in the widely used Curl tool. These two vulnerabilities are identified as CVE-2023-38545 and CVE-2023-38546. One of these vulnerabilities…
Learn more about FBI warning on Phantom Hacker Campaign sweeping the US
In a concerning turn of events, the FBI has issued a warning regarding the alarming rise of the ‘Phantom Hacker’ campaign that has swept across…
Israeli Footage & Analysis, WSFTP + MOVEIT, AI Explainability, Andreessen vs. Perell on Writing, and more…
Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a post-AI world. It combines original…
Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites
A recently patched vulnerability affecting a plugin associated with the Newspaper and Newsmag themes has been exploited to hack thousands of WordPress websites as part…
Hackers hijack Citrix NetScaler login pages to steal credentials
Hackers are conducting a large-scale campaign to exploit the recent CVE-2023-3519 flaw in Citrix NetScaler Gateways to steal user credentials. The flaw is a critical…
How Reality TV Star Mishel Karen Lost $160,000 In Double Whammy
09 Oct How Reality TV Star Mishel Karen Lost $160,000 In Double Whammy Posted at 10:31h in Blogs, Videos by Di Freeze Romance and investment…
Credential Harvesting Campaign Targets Unpatched NetScaler Instances
A credential harvesting campaign is targeting Citrix NetScaler gateways that have not been patched against a recent vulnerability, IBM reports. Tracked as CVE-2023-3519 (CVSS score…
HelloKitty ransomware source code leaked on hacking forum
A threat actor has leaked the complete source code for the first version of the HelloKitty ransomware on a Russian-speaking hacking forum, claiming to be…
Security Patch for Two New Flaws in Curl Library Arriving on October 11
Oct 09, 2023NewsroomSoftware Security / Vulnerability The maintainers of the Curl library have released an advisory warning of two security vulnerabilities that are expected to…