DigeeX @digeex@noc.social

Raider: A tool to test authentication in web applications | The Daily Swig: https://portswigger.net/daily-swig/raider-a-tool-to-test-authentication-in-web-applications

Actively exploited Apache 0-day also allows remote code execution: https://www.bleepingcomputer.com/news/security/actively-exploited-apache-0-day-also-allows-remote-code-execution/

European Parliament calls for ban on AI-powered mass surveillance: https://www.bleepingcomputer.com/news/technology/european-parliament-calls-for-ban-on-ai-powered-mass-surveillance/

Twitch Hack of 135 GB of Data Includes How Much Its Biggest Streamers Make - VICE: https://www.vice.com/amp/en/article/dyvnjk/twitch-hack-of-135-gb-of-data-includes-how-much-its-biggest-streamers-make

U.S. govt to sue contractors who hide breach incidents: https://www.bleepingcomputer.com/news/security/us-govt-to-sue-contractors-who-hide-breach-incidents/

Hackers of SolarWinds stole data on U.S. sanctions policy, intelligence probes | Reuters: https://www.reuters.com/world/us/hackers-solarwinds-breach-stole-data-us-sanctions-policy-intelligence-probes-2021-10-07/

Microsoft: Russian state hackers behind 53% of attacks on US govt agencies: https://www.bleepingcomputer.com/news/security/microsoft-russian-state-hackers-behind-53-percent-of-attacks-on-us-govt-agencies/

Details of some 100 million visitors to Thailand exposed online: research firm | South China Morning Post: https://www.scmp.com/news/asia/southeast-asia/article/3149475/details-some-100-million-visitors-thailand-exposed-online

UK plans to invest £5 billion in retaliatory cyber-attacks: https://www.bleepingcomputer.com/news/security/uk-plans-to-invest-5-billion-in-retaliatory-cyber-attacks/

Company That Routes Billions of Text Messages Quietly Says It Was Hacked : https://www.vice.com/en/article/z3xpm8/company-that-routes-billions-of-text-messages-quietly-says-it-was-hacked

What Happened to Facebook, Instagram, & WhatsApp? – Krebs on Security: https://krebsonsecurity.com/2021/10/what-happened-to-facebook-instagram-whatsapp/

Misconfigured Airflows Leak Credentials from Popular Services: https://www.intezer.com/blog/cloud-security/misconfigured-airflows-leak-credentials/

Hackers rob thousands of Coinbase customers using MFA flaw: https://www.bleepingcomputer.com/news/security/hackers-rob-thousands-of-coinbase-customers-using-mfa-flaw/

FCC Proposal Targets SIM Swapping, Port-Out Fraud – Krebs on Security: https://krebsonsecurity.com/2021/10/fcc-proposal-targets-sim-swapping-port-out-fraud/

MoneyLion locks customer accounts after credential stuffing attacks: https://www.bleepingcomputer.com/news/security/moneylion-locks-customer-accounts-after-credential-stuffing-attacks/

Ransomware gangs are complaining that other crooks are stealing their ransoms | ZDNet: https://www.zdnet.com/article/these-ransomware-crooks-are-complaining-they-are-getting-ripped-off-by-other-ransomware-crooks/

s1r1us - Prototype Pollution: https://blog.s1r1us.ninja/research/PP

US Congress asks FBI to explain delay in helping Kaseya atack victims: https://www.bleepingcomputer.com/news/security/us-congress-asks-fbi-to-explain-delay-in-helping-kaseya-atack-victims/

RansomEXX ransomware Linux encryptor may damage victims' files: https://www.bleepingcomputer.com/news/security/ransomexx-ransomware-linux-encryptor-may-damage-victims-files/

Fake Amnesty International Pegasus scanner used to infect Windows: https://www.bleepingcomputer.com/news/security/fake-amnesty-international-pegasus-scanner-used-to-infect-windows/

QNAP fixes bug that let attackers run malicious commands remotely: https://www.bleepingcomputer.com/news/security/qnap-fixes-bug-that-let-attackers-run-malicious-commands-remotely/