#auth

This Metasploit module exploits built-in functionality in OpenNMS Horizon in order to execute arbitrary commands as the opennms user. For versions 32.0.2 and higher, this module requires valid credentials for a user with ROLE_FILESYSTEM_EDITOR privileges and either ROLE_ADMIN or ROLE_REST. For versions 32.0.1 and lower, credentials are required for a user with ROLE_FILESYSTEM_EDITOR, ROLE_REST, and/or ROLE_ADMIN privileges. In that case, the module will automatically escalate privileges via CVE-2023-40315 or CVE-2023-0872 if necessary. This module has been successfully tested against OpenNMS version 31.0.7.

We now have new information on the entire kill chain this actor uses, including the tactics, techniques and procedures (TTPs) utilized to steal valuable information from their victims and propagate through their infected enterprises.

By Uzair Amir Your web browser serves as the gateway to the internet, but it also acts as a potential entry point for cybercriminals to access your computer and smartphone. This is a post from HackRead.com Read the original post: Why Browser Security Matters More Than You Think

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to read or modify a remote database. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Advantech WebAccess/SCADA, a bowser-based SCADA software, are affected: WebAccess/SCADA: Version 9.1.5U 3.2 Vulnerability Overview 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND ('SQL INJECTION') CWE-89: There is a SQL Injection vulnerability in Advantech's WebAccess/SCDA software that allows an authenticated attacker to remotely inject SQL code on the database. Successful exploitation of this vulnerability could allow an attacker to read or modify data on the remote database. CVE-2024-2453 has been assigned to this vulnerability. A CVSS v3.1 base score of 6...

By Waqas About to pay your taxes? Watch out for tax return phishing and malware campaigns targeting individual taxpayers and businesses. This is a post from HackRead.com Read the original post: Microsoft Warns of New Tax Returns Phishing Scams Targeting You

Researchers scanned the internet for incorrectly configured Firebase instances and what they found was frightening.

Ivanti has disclosed details of a critical remote code execution flaw impacting Standalone Sentry, urging customers to apply the fixes immediately to stay protected against potential cyber threats. Tracked as CVE-2023-41724, the vulnerability carries a CVSS score of 9.6. "An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance

By Waqas CISPA Researchers Unveil 'Loop DoS' Attack: A New Frontier in Denial-of-Service Tactics! This is a post from HackRead.com Read the original post: New Loop DoS Attack Threatens Hundreds of Thousands of Systems

## Summary and impact [`GoogleOAuthenticator.hosted_domain`] is used to restrict what Google accounts can be authorized to access a JupyterHub. The restriction _is intended_ to ensure Google accounts are part of one or more Google organizations/workspaces verified to control specified domain(s). The vulnerability is that the actual restriction has been to Google accounts with emails ending with the domain. Such accounts could have been created by anyone which at one time was able to read an email associated with the domain. This was described by Dylan Ayrey (@dxa4481) in this [blog post] from 15th December 2023. ## Remediation Upgrade to `oauthenticator>=16.3.0` or restrict who can login another way, such as [`allowed_users`] or [`allowed_google_groups`]. [`GoogleOAuthenticator.hosted_domain`]: https://oauthenticator.readthedocs.io/en/latest/reference/api/gen/oauthenticator.google.html#oauthenticator.google.GoogleOAuthenticator.hosted_domain [`allowed_users`]: https://oauthenticat...

Moby is an open source container framework originally developed by Docker Inc. as Docker. It is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. As a batteries-included container runtime, Moby comes with a built-in networking implementation that enables communication between containers, and between containers and external resources. Moby's networking implementation allows for creating and using many networks, each with their own subnet and gateway. This feature is frequently referred to as custom networks, as each network can have a different driver, set of parameters, and thus behaviors. When creating a network, the `--internal` flag is used to designate a network as _internal_. The `internal` attribute in a docker-compose.yml file may also be used to mark a network _internal_, and other API clients may specify the `internal` parameter as well. When containers with networking are created, they are assigned unique network int...