#awsappsyncvulnerability search results
Cloudflare WAF Bypass → XSS 💡 The vulnerability occurred because the URL was being printed directly in JavaScript. Used this payload to achieve reflected XSS: --'<00 foo="<a%20href="javascript:prompt(404)">XSS-Click</00>--%20// #CyberSecurity #BugBounty #XSS
If ANYONE can access it, locally or remotely, it's vulnerable. Period.
Another critical bug 🔥🐞 Combination of two vulnerabilities: Path traversal + File upload = Arbitrary File Write 😈 The vulnerable function behind was php://input without any validation 🤭
CVE-2024-50340 allows changing Symfony's APP_ENV via URL parameters, allowing attackers to dump source code and credentials. I’ve forked EOS so it can be used to exploit this vulnerability. 🔗 Exploit: github.com/nollium/CVE-20… Blog post link in the next tweet. 🧵
🚨We could bypass authentication to thousands of applications by exploiting a configuration-based vulnerability in AWS ALB. Here’s everything you need to know about the #ALBeast vulnerability discovered by @MiggoSecurity
⚡ Researchers have uncovered critical AWS vulnerabilities that could allow attackers to gain full control over AWS accounts, manipulate AI modules, or exfiltrate sensitive data, putting countless organizations at risk. Read: thehackernews.com/2024/08/expert… #cybersecurity #infosec
DevOps (Lab-5)-Detecting code vulnerabilities with OWASP towardsaws.com/devops-lab-5-d…
🚨👀🪳 DEVELOPING: Critical security flaw in Atlassian's Confluence software could lead to significant data loss. Immediate patching advised. Vulnerability tracked as CVE-2023-22518.
Our security research team at @assetnote discovered a critical RCE vulnerability in Avaya Device Services. This vulnerability has affected our customers and has also led to over $60k of findings in bug bounties. You can read the writeup of this issue here: blog.assetnote.io/2023/02/01/rce…
assetnote.io
RCE in Avaya Aura Device Services
NEW ROOM: Explore the first 5 vulnerabilities from the OWASP API Security Top 10 list with hands-on examples! 🔨Broken authorization and authentication 🏴☠️Excessive data exposure 🫗Lack of resources and rate-limiting issues tryhackme.com/room/owaspapis…
New cloud security research! We found a vulnerability in AWS AppSync that allowed us to trick the AppSync service to assume roles in other accounts, allowing us to access their resources. securitylabs.datadoghq.com/articles/appsy…
#AWSSecuritySeries Summary: ☑️List of AWS Vulnerabilities:🧵 👇
One of the things I really love is to write technical blog posts. so here is a NEW one - my AWS RDS Vulnerability blog.lightspin.io/aws-rds-critic… #AWS #cloudsecurity #Lightspin
A critical #vulnerability, CVE-2022-22536, affecting at least 5000 #SAP #Java application #servers will need immediate attention from their administrators. Our free service will help you understand your exposure. hubs.li/Q013Wt3T0
The Assetnote security research team discovered a full-read SSRF vulnerability in Jamf Pro (post-authentication) a few months ago. blog.assetnote.io/2021/11/30/jam… (CVE-2021-39303 & CVE-2021-40809). Tracing sinks to sources is always a valid strategy.
assetnote.io
Discovering Full Read SSRF in Jamf (CVE-2021-39303 & CVE-2021-40809)
Common AWS Security Vulnerabilities: 1) Subdomain Takeover 2) SSRF To Instance Meta-Data 3) Cognito Misconfiguration 4) S3 Open Bucket 5) Lambda Runtime API SSRF 6) API Gateway Denial of Service 7) Poor Authorizer Function
Here is one of my recent findings - Tale of 3 vulnerabilities to account takeover ! SSRF-->Cloudflare bypass--> Rate limiting to account takeover. medium.com/@logicbomb_1/t… #security #infosec #awareness #bugbounty
This vulnerability is not about a wormable global takedown of computers, but instead resourced attackers who own network transit points being able to modify communication streams at-will. Basically, nation-state APTs who routinely compromise foreign network infrastructure.
the @OWASP publishes a Top Ten Web Application Vulnerabilities list. Here is how to use #AWS WAF to mitigate them. d0.awsstatic.com/whitepapers/Se…