600 matches found

Hacker One
added 2020/12/23 1:45 p.m. | 81 views

Zego: Firebase Database Takeover in Zego Sense Android app

Hello Team, Summary: publicly available Firebase Database api-project-615509201590.firebaseio.com Platform Affected: android com.zegocover.zego Steps To Reproduce: in res/values/strings.xml https://api-project-615509201590.firebaseio.com POC: Go to...

AI score: 0.2
Exploits: 0
ThreatPost
added 2020/11/20 8:56 p.m. | 54 views

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns

A spike in recent phishing and business email compromise (BEC) attacks can be traced back to criminals learning how to exploit Google Services, according to research from Armorblox. Social distancing has driven entire businesses into the arms of the Google ecosystem looking for a reliable, simple w...

AI score: 7.3
Exploits: 0 | References: 6
Veracode
added 2020/11/17 5:22 a.m. | 14 views

Prototype Pollution

firebase is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype via the deepExtend function within the DeepCopy.ts file...

CVSS: 5.6 | AI score: 4 | EPSS: 0.00169
Exploits: 1 | References: 2 | Affected Software: 2
CNVD
added 2020/11/17 12:0 a.m. | 16 views

Google Firebase Js Sdk prototype contamination vulnerability

Google Firebase Js Sdk is a client-side code base for connecting to the Firebase backend service from Google. firebase/util versions prior to 0.3.4 contain a prototype contamination vulnerability that originates from the deepExtend function in DeepCopy.ts. An attacker could exploit this...

CVSS: 5.6 | AI score: 3.8 | EPSS: 0.00169
Exploits: 1 | References: 1
OSV
added 2020/11/16 12:15 p.m. | 13 views

CVE-2020-7765

This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

CVSS: 5.3 | AI score: 6.6
Exploits: 0 | References: 3
NVD
added 2020/11/16 12:15 p.m. | 8 views

CVE-2020-7765

This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

CVSS: 5.6 | AI score: 5.4 | EPSS: 0.00169
Exploits: 1 | References: 3
CVE
added 2020/11/16 12:0 p.m. | 75 views

CVE-2020-7765

Summary: The vulnerability affects the package @firebase/util prior to 0.3.4. It stems from the DeepCopy.ts file’s deepExtend function, where unsanitized user input can overwrite and pollute a program’s Object.prototype (prototype pollution). Impact: Contamination of prototypes and potential down...

CVSS: 5.6 | AI score: 5.1 | EPSS: 0.00169
Exploits: 1 | References: 3 | Affected Software: 1
Cvelist
added 2020/11/16 12:0 p.m. | 9 views

CVE-2020-7765 Prototype Pollution

This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

CVSS: 5.6 | AI score: 5.4 | EPSS: 0.00169
Exploits: 1 | References: 3
CNNVD
added 2020/11/16 12:0 a.m. | 3 views

Google Firebase Js Sdk security vulnerability

Google Firebase Js Sdk is a client-side code base for connecting to the Firebase backend service from Google. firebase/util versions prior to 0.3.4 contain a prototype contamination vulnerability that originates from the deepExtend function in DeepCopy.ts. An attacker could exploit this...

CVSS: 5.6 | AI score: 6.2 | EPSS: 0.00169
Exploits: 1 | References: 5
HackRead
added 2020/11/02 4:59 p.m. | 21 views

Google Firebase cloud messaging abused to spread Android malware

By Waqas Dubbed Firestarter by researchers; the Android malware campaign is exploiting the Kashmir issue between India and Pakistan but its target remains the Pakistani government, noted Cisco Talos researchers. Cisco Talos researchers have discovered that the APT threat group DoNot exploits...

AI score: 1.9
Exploits: 0
ThreatPost
added 2020/10/30 8:29 p.m. | 46 views

Firestarter Android Malware Abuses Google Firebase Cloud Messaging

An APT group is starting fires with a new Android malware loader, which uses a legitimate Google messaging service to bypass detection. The malware, dubbed “Firestarter,” is used by an APT threat group called “DoNot.” DoNot uses Firebase Cloud Messaging (FCM), which is a cross-platform cloud soluti...

AI score: 0.4
Exploits: 0 | References: 14
Talos Blog
added 2020/10/29 5:22 a.m. | 25 views

DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread

By Warren Mercer, Paul Rascagneres and Vitor Ventura. The newly discovered Firestarter malware uses Google Firebase Cloud Messaging to notify its authors of the final payload location. Even if the command and control (C2) is taken down, the DoNot team can still redirect the malware to another C2 usi...

AI score: 0.8
Exploits: 0
vulnersOsv
added 2020/10/27 1:1 p.m. | 2 views

2bsafe-api (>=1.0.1 <=1.0.2), 3architecture (>=1.0.0 <=1.7.0) +2321 more potentially affected by CVE-2020-7765 via @firebase/util (>=0.1.10-canary.a1020bf <=0.3.4-2020103231751)

@firebase/util NPM version =0.1.10-canary.a1020bf, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.1, =1.0.24, =0.65.0, =0.53.0, =0.50.0, =1.0.1, =0.0.2, =0.0.1, =0.1.0 and more Source cves: CVE-2020-7765 Source advisory: SNYK:JS-FIREBASEUTIL-1038324...

CVSS: 5.6 | AI score: 6 | EPSS: 0.00169
Exploits: 1
Snyk
added 2020/10/27 1:1 p.m. | 2 views

Prototype Pollution

Overview @firebase/util is a wrapper of some Webchannel Features for the Firebase JS SDK. Affected versions of this package are vulnerable to Prototype Pollution. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker...

CVSS: 5.6 | AI score: 6.5 | EPSS: 0.00169
Exploits: 1 | References: 2
Hacker One
added 2020/10/07 3:0 p.m. | 31 views

Node.js third-party modules: [@firebase/util] Prototype pollution

Module module name: @firebase/util version: 0.3.2 npm page: https://www.npmjs.com/package/@firebase/util Module Description NOTE: This is specifically tailored for Firebase JS SDK usage, if you are not a member of the Firebase team, please avoid using this package This is a wrapper of some...

AI score: 0.1
Exploits: 0
vulnersOsv
added 2020/08/17 2:55 p.m. | 3 views

app-context-connie (>=0.0.1 <=1.1.0), app-context-connie-firebase (>=0.0.1 <=0.0.3) +1 more potentially affected by CVE-2020-7706 via connie-lang (>=0.0.1 <=0.1.0)

connie-lang NPM version =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.2.1 Source cves: CVE-2020-7706 Source advisory: SNYK:JS-CONNIELANG-598853...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.01718
Exploits: 1
Hacker One
added 2020/06/11 3:30 a.m. | 132 views

h1-ctf: [H1-2006] CTF Writeup

H1-2006 CTF Writeup I am fairly new to CTFs - this is just my second CTF after H1-415 CTF, at which I didn't get far at all. I think the most valuable thing I can do for anyone who comes across this writeup, is to describe exactly what I was thinking at each step along the way, including all my...

AI score: 7
Exploits: 0
ThreatPost
added 2020/05/21 12:0 p.m. | 55 views

Crooks Tap Google Firebase in Fresh Phishing Tactic

A series of phishing campaigns using Google Firebase storage URLs have surfaced, showing that cybercriminals continue to leverage the reputation of Google’s cloud infrastructure to dupe victims and skate by secure email gateways. Google Firebase is a mobile and web application development platfor...

AI score: 7.2
Exploits: 0 | References: 7
HackRead
added 2020/05/14 11:26 a.m. | 37 views

Google Firebase misconfiguration exposes data of 20k+ Android users

By Sudais Asif Up to 24000 Android apps may be at risk because of certain misconfiguration on... This is a post from HackRead.com Read the original post: Google Firebase misconfiguration exposes data of 20k+ Android users...

AI score: 2.7
Exploits: 0
The Hacker News
added 2020/05/12 10:37 a.m. | 2 views

Over 4000 Android Apps Expose Users' Data via Misconfigured Firebase Databases

More than 4,000 Android apps that use Google's cloud-hosted Firebase databases are 'unknowingly' leaking sensitive information on their users, including their email addresses, usernames, passwords, phone numbers, full names, chat messages and location data. The investigation, led by Bob Diachenko...

AI score: 5.7
Exploits: 0