Security Affairs newsletter Round 406 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Clop ransomware claims the hack of 130 orgs using GoAnywhere MFT flaw CISA adds Fortra […]

The post Security Affairs newsletter Round 406 by Pierluigi Paganini appeared first on Security Affairs.

How to stay anonymous online?

Hello, i think that hackers should know about it. So, can you tell me how can i stay anonymous online? submitted by /u/fughes [link] [comments]

Is this guy trying to hack me??

I bought a laptop for a very cheap price. It’s a gaming laptop that costs about $1,200… I got it for $400. I’ve asked the guy that sold it to me for a video of him with the laptop on and show that it’s running and he even mentioned my name so I know th…

Phishing website keeps saying "Deceptive site ahead"

Im currently hired to pentest a company and phish some employees but when i use MaxPhisher to generate a link and the link is clicked it says "deceptive site ahead" does anyone know how to remove that warning messege? submitted by &#32…

VPN/UDP port forwarding flaws?

I have my own VPN set up on my home network and I would like to do some pen-testing to find any vulnerabilities in my setup. I have port forwarding on my router that is configured for UDP protocol traffic to pass through to the VPN server. In the port forwarding on my router settings I have it set to a specific url/ip in the “Application” field (which is where the source address goes on my router for some reason). I’m using the same internal and external port. Is there anything that stands out that might make me vulnerable? What can I try to test how secure this is?
I realize no one will be able to give a perfect response without knowing everything about my network setup, but I’m just not going to put all that on a hacking sub (plus I don’t think that’s allowed here anyway). Thanks in advance for any ideas.

submitted by /u/i_ate_them_all
[link] [comments]

Why isn’t this FTP exploit working?

I’m working on a lab and found a device which has ProFTPD version 1.3.4.a installed. I found that it is vulnerable to the mod_copy exploit in metasploit which should work for all ProFTPD versions < 1.3.5. I have all of the options selected properly. It should work, but it’s giving me the old “exploit completed, but no session created”. What am I doing wrong?

Vuln scan results: https://i.imgur.com/Pg6wPBZ.png

submitted by /u/erase-d
[link] [comments]