From One Attack Domain to Another: Contrastive Transfer Learning with Siamese Networks for APT Detection

Advanced Persistent Threats APT pose a major cybersecurity challenge due to their stealth, persistence, and adaptability. Traditional machine learning detectors struggle with class imbalance, high dimensional features, and scarce real world traces. They often lack transferability-performing well ...

The vulnerability of the distributed Git version control system, related to the transfer of private resources to a new domain, allows a hacker to gain access to confidential information.

The vulnerability of the distributed Git version control system relates to the unsafe handling of symbolic links when using local cloning optimization. Git breaks down local clones whose parent directory $GITDIR/objects contains symbolic links. However, the directory itself may still be a symboli...

Shopify: Non-store owners can transfer Shopify-managed domain to another domain provider

A vulnerability was found where Shopify staff members without the 'Transfer domain to another Shopify store' permission were able to transfer Shopify-managed domains to external domain providers. This allowed non-store owners to transfer store domains outside of Shopify's control...

CVE-2022-30236

A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow unauthorized access when an attacker uses cross-domain attacks. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...

WeLeakInfo Leaked Customer Payment Info

A little over a year ago, the FBI and law enforcement partners overseas seized WeLeakInfo.com, a wildly popular service that sold access to more than 12 billion usernames and passwords stolen from thousands of hacked websites. In an ironic turn of events, a lapsed domain registration tied to...

DVWA Pro-test CSRF vulnerability-vulnerability warning-the black bar safety net

CSRF is a cross-site request forgery, i.e., a user at A site after login in the same client of the Site B using the vulnerability to get A site's Cookie and other authentication information, and forgery as legitimate identity request to A site. This article in the local environment, carry out the...

ThinkSNS存在dns域传送漏洞可获取其域内地址

简要描述： ThinkSNS存在dns域传送漏洞可获取其域内主机 详细说明： ThinkSNS存在dns域传送漏洞可获取其域内地址 漏洞证明： 所属域为：thinksns.com 使用nslookup查看其dns服务器信息： 其中ns4.01isp.net服务器存在dns域传送漏洞，利用该漏洞可获取其域内的相关地址 获取的域名信息 thinksns.com. MX 5 mxbiz1.qq.com thinksns.com. MX 10 mxbiz2.qq.com thinksns.com. A 121.199.57.54 thinksns.com. NS ns3.01isp.com...

53KF dns zone transfer vulnerability-vulnerability warning-the black bar safety net

Detailed description: 53KF business online platform dns-domain transfer vulnerability Vulnerability proof: root@kali: dnsenum 53kf.com ! !...

用友dns域传送泄露漏洞

简要描述： dns域传送泄露漏洞 详细说明： 这台的未正确设置 ns1.ufsoft.com.cn Trying Zone Transfer for yonyou.com on ns1.ufsoft.com.cn ... yonyou.com 3600 IN SOA yonyou.com 3600 IN A 125.35.5.132 yonyou.com 3600 IN NS yonyou.com 3600 IN NS yonyou.com 3600 IN NS yonyou.com 3600 IN MX yonyou.com 3600 IN TXT ns3.ufsoft.com.cn...

上海商派ShopEx DNS 域传送漏洞

简要描述： ns1.shopex.cn ns2.shopex.cn DNS 服务器配置不当，造成信息泄露。 详细说明： 漏洞证明： utcbag13 A 60.191.141.162 utcbag16 A 60.191.141.162 sumcl.vip A 60.191.142.61 vip-dr A 60.191.141.146 vip484 A 222.92.116.42 vipdemo A 222.92.116.42 vipmall A 124.74.193.216 vps NS server = ns1.shopex.cn vps NS server = ns2.shopex....

Nmap NSE net: dns-zone-transfer

Requests a zone transfer AXFR from a DNS server. The script sends an AXFR query to a DNS server. The domain to query is determined by examining the name given on the command line, the DNS server's hostname, or it can be specified with the dns-zone-transfer.domain' script argument. If the query is...