CVE-2024-29033

OAuthenticator provides plugins for JupyterHub to use common OAuth providers, as well as base classes for writing one's own Authenticators with any OAuth 2.0 provider. GoogleOAuthenticator.hosteddomain is used to restrict what Google accounts can be authorized access to a JupyterHub. The...

SolarMarker Malware Uses Novel Techniques to Persist on Hacked Systems

In a sign that threat actors continuously shift tactics and update their defensive measures, the operators of the SolarMarker information stealer and backdoor have been found leveraging stealthy Windows Registry tricks to establish long-term persistence on compromised systems. Cybersecurity firm...

Boofuzz - Network Protocol Fuzzing for Humans

Boofuzz is a fork of and the successor to the venerable Sulley fuzzing framework. Besides numerous bug fixes, boofuzz aims for extensibility. The goal: fuzz everything. Why? Sulley has been the preeminent open source fuzzer for some time, but has fallen out of maintenance. Features Like Sulley,...

Ruby On Rails File Content Disclosure ('doubletap')

This module uses a path traversal vulnerability in Ruby on Rails versions = "Ruby On Rails File Content Disclosure 'doubletap'", 'Description' = %q This module uses a path traversal vulnerability in Ruby on Rails versions = 'Carter Brainerd ', Metasploit module 'John Hawthorn ' PoC/discovery ,...

The Offensive Web Application Penetration Testing Framework: TIDoS

TIDoS Framework is a comprehensive web-app audit framework. TIDoS is made to be comprehensive and versatile. It is a highly flexible framework where you just have to select and use modules. But before that, you need to set your own API KEYS for various OSINT purposes. To do so, open up APIKEYS.py...

Misconfigured Google Groups Settings Leaking Sensitive Data

By Uzair Amir Kenna Security in collaboration with KrebsOnSecurity has identified the presence This is a post from HackRead.com Read the original post: Misconfigured Google Groups Settings Leaking Sensitive Data...

Public Google Groups Leaking Sensitive Data at Thousands of Orgs

Thousands of organizations out there are leaking some form of sensitive email, according to an analysis, thanks to a widespread misconfiguration in Google Groups. According to Kenna Security, the afflicted include Fortune 500 companies, hospitals, universities and colleges, newspapers and...

Are Your Google Groups Leaking Data?

Google is reminding organizations to review how much of their Google Groups mailing lists should be public and indexed by Google.com. The notice was prompted in part by a review that KrebsOnSecurity undertook with several researchers who've been busy cataloging thousands of companies that are usi...

groups.google.com XSS vulnerability

Vulnerable URL: https://groups.google.com/group/rootbytetest/attach/80ade35d14961/rootbyte.html?part=0.1=0=1 Details: Description| Value ---|--- Patched:| Verification in progress Latest check for patch:| 03.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...