inter-recon: perform automatic initial web and vulnerability recon

From securityonline.info

Script to perform automatic initial web and vulnerability recon.

It has some checks in case of errors.

You can skip some checks, restart them, and/or continue from the last point where you stopped. (This is because sometimes there are network issues, such as a time limit on a VPN.)

Remember that if you copy or link the inter-recon script to the bin path (e.g. /usr/bin/), you can execute the script from anywhere. It will create its output in the directory you run it from.

Microsoft Adds DNS-over-HTTPS to Windows 11

From ehackingnews.com

DNS-over-HTTPS (DoH) is a privacy feature in Windows 11 that allows users to evade censorship and the monitoring of their Internet activity by performing encrypted DNS lookups. Before connecting to a website or other host on the Internet, your computer must first query a domain name system (DNS) server for the IP address associated with the hostname.
By encrypting data between the DoH client and the DoH-based DNS resolver using the HTTPS protocol, the method aims to improve user privacy and security by preventing eavesdropping and the modification of DNS data through man-in-the-middle attacks. Google and the Mozilla Foundation began testing DNS over HTTPS versions in March 2018. For users in the United States, Firefox switched to DNS over HTTPS by default in February 2020.

PrintNightmare (CVE-2021-1675) PoC Exploit Code Released

From blumira.com

Proof-of-concept exploit code was published on GitHub on June 29, 2021 for a vulnerability (CVE-2021-1675) in Print Spooler (spoolsv.exe), a Windows program that manages print jobs.

The vulnerability was discovered by security researchers at Tencent Security, AFINE, and NSFOCUS. Microsoft released a patch for CVE-2021-1675 on June 8, 2021 as part of June 2021 Patch Tuesday, initially describing the vulnerability as a low severity privilege vulnerability. On June 21, Microsoft updated that description to critical severity and stated that there was the potential for remote code execution (RCE).

Protecting your organizations against BEC and other email attacks

From helpnetsecurity.com

No matter who you talk to or work with, they probably use email as a primary means of communication. Most of us spend about 5 hours a day checking email, sometimes refreshing our inboxes even while in meetings or during meals. Email is integrated into almost every part of our day and, much to the pleasure of cybercriminals, is full of vulnerabilities.

Hacker Wanted in the U.S. for Spreading Gozi Virus Arrested in Colombia

From thehackernews.com

Colombian authorities on Wednesday said they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012.

Mihai Ionut Paunescu (aka “Virus”), the individual in question, was detained at the El Dorado airport in Bogotá, the Office of the Attorney General of Colombia said.

Paunescu was previously charged by the U.S. Department of Justice (DoJ) in January 2013 for operating a bulletproof hosting service that “enabled cyber criminals to distribute the Gozi Virus, the Zeus Trojan and other notorious malware, and conduct other sophisticated cyber crimes.” He was arrested in Romania in December 2012 but managed to avoid extradition to the U.S.

Ransomware in Auto Manufacturing Threatens Industry’s Recovery

From securityboulevard.com

As automotive supply chains become more complex, automotive manufacturers are increasingly susceptible to a ransomware attack, according to a report from Black Kite.

The security firm’s researchers analyzed the cybersecurity posture and ransomware susceptibility for the top 100 automotive manufacturers and the top 100 automotive suppliers, finding alarming security issues including companies’ susceptibility to phishing attacks, publicly visible ports and credential management.

Bob Maley, chief security officer at Black Kite, noted software vulnerabilities and the use of leaked and stolen credentials are the traditional entry points used by ransomware bad actors to gain access to critical data and systems.

Microsoft Discloses Critical Bugs Allowing Takeover of NETGEAR Routers

From thehackernews.com

Cybersecurity researchers have detailed critical security vulnerabilities affecting NETGEAR DGN2200v1 series routers, which they say could be reliably abused as a jumping-off point to compromise a network’s security and gain unfettered access.

The three HTTPd authentication security weaknesses (CVSS scores: 7.1 – 9.4) impact routers running firmware versions prior to v1.0.0.60, and have since been fixed by the company in December 2020 as part of a coordinated vulnerability disclosure process.

“The rising number of firmware attacks and ransomware attacks via VPN devices and other internet-facing systems are examples of attacks initiated outside and below the operating system layer,” Microsoft 365 Defender Research Team’s Jonathan Bar Or said. “As these types of attacks become more common, users must look to secure even the single-purpose software that run their hardware—like routers.”
