Creating A fake wireless Acess Point in 2 minutes

InfoSec Write-ups - Medium-- Creating A fake wireless Access Point in 2 minutesPart 1Microcontrollers are great, One of the most popular and cheapest is the ESP8266, an Arduino- chip on which the Wi-fi deauther project is based.I have used this one https://amzn.to/36kKSWa with an OLED display to play around creating fake wireless access point, and deauthenticate ( … Continue reading Creating A fake wireless Acess Point in 2 minutes

V8 Array Overflow Exploitation: 2019 KCTF Problem 5 小虎还乡

InfoSec Write-ups - Medium-- 1. IntroductionHave you ever thought about exploiting dynamically generated code? Do you know that an exploit can also be source code instead of data? The root cause of this bug is an inconsistency in the JIT compiler of v8. The inconsistency tricked the JIT compiler to dynamically generate code that contains … Continue reading V8 Array Overflow Exploitation: 2019 KCTF Problem 5 小虎还乡

Unlimited Balance in an Online Transportation Application Account

InfoSec Write-ups - Medium-- I was surfing in one of the famous online transportation applications and its PWA service. After a while I noticed a Critical vulnerability in Payment Gateway Module. So Let me explain the scenario.At the first step, You should enter your mobile number and then it sends an OTP to verify your … Continue reading Unlimited Balance in an Online Transportation Application Account

Over 2800 e-Shops Running Outdated Magento Software Hit by Credit Card Hackers

The Hacker News-- A wave of cyberattacks against retailers running the Magento 1.x e-commerce platform earlier this September has been attributed to one single group, according to the latest research. "This group has carried out a large number of diverse Magecart attacks that often compromise large numbers of websites at once through supply chain attacks, … Continue reading Over 2800 e-Shops Running Outdated Magento Software Hit by Credit Card Hackers

Build Your 2021 Cybersecurity Plan With This Free PPT Template

The Hacker News-- The end of the year is coming, and it's time for security decision-makers to make plans for 2021 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced. The Definitive 2021 Security Plan PPT Template is built … Continue reading Build Your 2021 Cybersecurity Plan With This Free PPT Template

Microsoft Releases Windows Security Updates For Critical Flaws

The Hacker News-- Microsoft formally released fixes for 112 newly discovered security vulnerabilities as part of its November 2020 Patch Tuesday, including an actively exploited zero-day flaw disclosed by Google's security team last week. The rollout addresses flaws, 17 of which are rated as Critical, 93 are rated as Important, and two are rated Low in severity, … Continue reading Microsoft Releases Windows Security Updates For Critical Flaws