Different attack types Archives

In API Security

Slack GitHub Account Hacked via Stolen Employee API Token

January 5, 2023 3 Mins Read

On December 29, 2022, Slack was alerted to suspicious activity on their GitHub account. Upon investigation, the company discovered that a limited number of employee tokens had been stolen and misused to gain access to an externally hosted repository. The threat actor had also downloaded private code repositories on December 27, but neither Slack’s primary codebase nor any customer data were included in the downloaded repositories. Upon being notified of the incident, Slack immediately invalidated…

In API Security

New text2shell RCE vulnerability in Apache Common Texts CVE-2022-42889

October 17, 2022 2 Mins Read

Yet another RCE with a CVSS score of 9.8 out of 10 was disclosed a few hours ago. This issue looks like the same Log4shell and it seems even more dangerous since Common Texts are used more broadly. The Apache Foundation published a vulnerability in the Apache Commons Text project code and published a message to this effect in the project’s mailing list on October 13th, an official date of birth of Text4Shell vulnerability. This…

In API Security

How Uber was hacked in 2022

September 16, 2022 4 Mins Read

What happened? The first information about the incident was issued yesterday, September 15th, 2022. We know that a hacker called “Tea Pot” successfully accessed Uber infrastructure and critical cloud services such as AWS, Slack, Google Workspace, and others. Most likely, Uber understood what had happened after this message was posted to their corporate Slack from the hacker itself: Source: https://www.theverge.com/2022/9/16/23356213/uber-hack-teen-slack-google-cloud-credentials-powershell The community became aware of this incident from a public message posted by a hacker on…

In API Security

Two critical security flaws found in Nginx-Ingress controller

May 12, 2022 3 Mins Read

Ingress controllers allow users to configure an HTTP load balancer for applications running on Kubernetes. It’s needed to serve those applications to clients outside of the Kubernetes Cluster. It’s also configured with Kubernetes API to deploy objects called Ingress Resources The NGINX Ingress Controller is a production-grade Ingress controller (daemon) that runs alongside NGINX Open Source or NGINX Plus instances in a Kubernetes environment. The daemon monitors NGINX Ingress resources and Kubernetes Ingress resources to…

In API Security

CVE-2022-1388: Critical security vulnerabilities in F5 Big-IP allows attackers to execute arbitrary code

May 6, 2022 2 Mins Read

On May 5, 2022, MITRE published CVE-2022-1388, an authentication bypass vulnerability in the BIG-IP modules affecting the iControl REST component. The vulnerability was assigned a CVSSv3 score of 9.8 The vulnerability was discovered internally by the F5 security team and there is no evidence of whether it’s exploited publicly. There is no publicly available proof of concept at the time of writing this blog post. Newly discovered BIG-IP vulnerability affects the following product and versions:…

In Different attack types

What Is Local File Inclusion Vulnerability?

December 15, 2021 9 Mins Read

Introduction This article clarifies what nearby record consideration (LFI) weaknesses are, including the way assailants can take advantage of them on weak web applications and what safe coding practices can assist you with forestalling local document incorporation assaults. Record incorporations are important for each high-level server-side language on the web. They are expected to keep web application code clean and viable. They additionally permit web applications to peruse documents from the record framework, give download…