The newsletter will be on a break, as do I. The next issue will be on 21th May. Articles Abusing Azure Container Registry Tasks Intro and Prior Workposts.specterops.io New XSS vectors Transition based events without style blocks So, recently, I was updating our XSS cheat sheet to fix certain vectors…portswigger.net Threat Hunting for Phishing Pages - BRANDEFENSE Phishing is a type of cybersecurity attack during which threat actors send malicious emails designed to trick people…brandefense.io

Articles Akamai Blog | Critical Remote Code Execution Vulnerabilities in Windows RPC Runtime Microsoft's April 2022 Patch Tuesday introduced patches to more than a hundred new vulnerabilities in various…www.akamai.com CVE-2022-25165: Privilege Escalation to SYSTEM in AWS VPN Client - Rhino Security Labs Vulnerabilities Overview Affected Product The AWS VPN Client application is affected by an arbitrary file write as…rhinosecuritylabs.com

Articles Cado Discovers Denonia: The First Malware Specifically Targeting Lambda - Cado Security | Cloud… Cado Labs routinely analyses cloud environments to look for the latest threats. As part of ongoing research, we found…www.cadosecurity.com Learning Machine Learning Part 1: Introduction and Revoke-Obfuscation For the past two years I’ve been trying to get a grasp on the field of machine learning with the hopes of applying it…posts.specterops.io

Articles GitHub Cache Poisoning - Scribe Security Do you know what happens under the hood of your CI? Without deep understanding, you might be vulnerable to innovative…scribesecurity.com Decrypting your own HTTPS traffic with Wireshark HTTP messages are typically are not sent in plaintext in the post-Snowden world. Instead, TLS protocol is used to…www.trickster.dev Spring4Shell: Security Analysis of the latest Java RCE '0-day' vulnerabilities in Spring | LunaSec Originally posted March 30th, 2022. Logo from Daniel Christensen. On March 29th, 2022, two RCE vulnerabilities were…www.lunasec.io

Articles Automagically Auditing GitHub (Actions) Security using OpenSSF Scorecards · Jamie Tanna | Software… In January, GitHub blogged about Reducing security risk in open source software with GitHub Actions and OpenSSF…www.jvt.me Unconstrained Delegation Microsoft to support scenarios where users authenticate via Kerberos to one system and information needs to be updated…pentestlab.blog Bypassing UAC in the most Complex Way Possible! While it's not something I spend much time on, finding a new way to bypass UAC is always amusing. When reading through…www.tiraniddo.dev

Articles How we automatically fixed thousands of Ruby 2.7 deprecation warnings Ruby 3.0 was just released on Dec. 25, 2020, with some new features and some breaking changes. GitLab was at Ruby 2.6…about.gitlab.com Google Cloud Default Service Account Lateral Movement - Orca Security An attacker can use the default service account in Google Cloud to move laterally across compute engine instances. In…orca.security

Articles Moodle 2nd Order Sqli Moodle is vulnerable to 2nd order sqli by users with Teacher or higher privileges. The reason these privileges are…muffsec.com Privilege Escalation from Node/Proxy Rights in Kubernetes RBAC One of the side effects of Kubernetes' rich API and extensive functionality is that sometimes there are security…blog.aquasec.com Go directly to namespace jail: Locking down network traffic between Kubernetes namespaces How do you restrict network traffic between namespaces in a Kubernetes cluster? In this guide, we'll show you how to…buoyant.io

Articles Piercing the Cloud Armor - The 8KB bypass in Google Cloud Platform WAF Google Cloud Armor provides a rule-based policy framework that can be used by customers of the Google Cloud Platform to…kloudle.com Exploiting Jenkins build authorization Are you aware of the risks lurking in your default Jenkins configuration?medium.com r2c blog - The best free, open-source supply-chain security tool? The lockfile tl;dr: Lockfiles often protect you from malicious new versions of dependencies. When something bad happens, they…r2c.dev

Articles SameSite: Hax - Exploiting CSRF With The Default SameSite Policy Feb 23 2022 Default SameSite settings are not the same as SameSite: Lax set explicitly. TLDR? A two-minute window from…pulsesecurity.co.nz Finding an unseen SQL Injection by bypassing escape functions in mysqljs/mysql It was found that unexpected behaviors in the query’s escape function could cause a SQL injection in mysqljs/mysqlflattsecurity.medium.com