Random in Security 202422

Covering the recent security news


Introduction

Random in Security is a summary of the cybersecurity news.

Vulnerabilities

CVE-2024-24919 - Check Point

The vulnerability is a path traversal bug that lets attackers read arbitrary files on the affected system. Check Point published it as an information disclosure bug. Watchtowr has a detailed writeup.

CVE-2024-2961 - iconv

When converting to the ISO-2022-CN-EXT charset, glibc's iconv function, which PHP uses, is susceptible to a buffer overflow. The overflow can be exploited to achieve remote code execution in PHP applications by leveraging PHP's filter functions to manipulate data streams in unexpected ways. Ambionics Security has a writeup.

CVE-2024-32002 - Recursive clones in git

A vulnerability in Git that allows remote code execution during a git clone by exploiting submodule paths with symlinks on case-insensitive filesystems. The original advisory already includes some details, and this article by Amal Murali goes into more.

Interesting Reads

Redirect API calls from HTTP to HTTPS

This article argues that APIs should not redirect HTTP requests to HTTPS as it hides errors and exposes sensitive data in plaintext. Instead, APIs should either disable the HTTP interface entirely or return clear error messages for unencrypted requests to ensure security and help developers quickly identify and correct mistakes.
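As an added example (not code from the original post or from the linked article), a small Python WSGI middleware that applies this recommendation: plaintext requests get a 403 with a JSON error and no Location header, while HTTPS requests pass through untouched. The upstream hello_app, the request environ and the X-Forwarded-Proto handling are constructed for the demonstration.

```python
import json

# Added example; hello_app and the environ built by call() are constructed.
class RequireHttps:
    """Reject plaintext requests with 403 and a JSON error; never redirect."""

    def __init__(self, app, trust_forwarded_proto=False):
        self.app = app
        # Only honour X-Forwarded-Proto when a trusted TLS-terminating proxy
        # sits in front of the app; otherwise any client could spoof it.
        self.trust_forwarded_proto = trust_forwarded_proto

    def _is_https(self, environ):
        scheme = environ.get("wsgi.url_scheme", "http")
        if self.trust_forwarded_proto:
            scheme = environ.get("HTTP_X_FORWARDED_PROTO", scheme)
        return scheme.lower() == "https"

    def __call__(self, environ, start_response):
        if self._is_https(environ):
            return self.app(environ, start_response)
        body = json.dumps({
            "error": "plaintext_http_not_supported",
            "message": "This API only accepts HTTPS. Anything sent in this "
                       "request was already exposed in transit; retry over https://.",
        }).encode()
        # 403 with no Location header: the failure is visible to the client
        # and its developer instead of being hidden behind a redirect.
        start_response("403 Forbidden", [
            ("Content-Type", "application/json"),
            ("Content-Length", str(len(body))),
        ])
        return [body]

def hello_app(environ, start_response):
    """Constructed upstream API used to demonstrate the middleware."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"hello over TLS\n"]

def call(app, scheme, forwarded_proto=None):
    """Drive a WSGI app with a constructed environ; return (status, headers, body)."""
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": "/v1/me", "wsgi.url_scheme": scheme}
    if forwarded_proto:
        environ["HTTP_X_FORWARDED_PROTO"] = forwarded_proto
    captured = {}

    def start_response(status, headers):
        captured["status"], captured["headers"] = status, headers

    body = b"".join(app(environ, start_response))
    return captured["status"], dict(captured["headers"]), body
```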

Guide to BloodHound Community Edition

The article by Chris Haller provides a detailed overview of setting up BloodHound CE, collecting data, analyzing it, and using the results to identify security risks in Active Directory environments. It covers the importance of understanding AD complexity, uses the GOADv2 forest for sample data, and highlights tools such as SharpHound and BloodHound.py for data collection, along with insights on navigating the BloodHound CE interface and using its features effectively.

Operation Endgame

Operation Endgame is an international law enforcement initiative targeting cybercrime, resulting in the dismantling of several major botnets and the arrest of multiple suspects. The operation, which continues to unfold, aims to disrupt the infrastructure used by cybercriminals and mitigate the financial impact on victims, estimated to be in the hundreds of millions of euros (Operation Endgame).

Tools

endlessh-go

A Go implementation of endlessh that exports Prometheus metrics, visualized by a Grafana dashboard.