Critical bug in Cisco EoL Small Business Routers will receive no patch

Cisco warns of a critical flaw in small business RV016, RV042, RV042G, and RV082 routers, which have reached end of life (EoL). Cisco is warning of a critical vulnerability, tracked as CVE-2023-20025 (CVSS score of 9.0), that impacts small business RV016, RV042, RV042G, and RV082 routers. The IT giant announced that these devices will receive no security […]

The post Critical bug in Cisco EoL Small Business Routers will receive no patch appeared first on Security Affairs.

January 13, 2023
Read More >>

Is there phones who call without a sim card

So i am looking to find a device, that can call normally without a sim card, and that is also able to set custom caller id (so i can call as somebody else) Btw i am not looking to do anything illegal or harmful with such a device, all i am asking for i…

January 12, 2023
Read More >>

Hiding text in files

Awhile back I was looking at some malicious stuff that showed up on someone’s server and one of the tricks they did was to hide a bunch of javascript in template files. If you catted the file or viewed it in nano you saw nothing. View it in vi and poof, bunch of malicious code.

Thought it was kind of cool but didn’t take notes or keep samples. Year later I find a need for this for a project. Google searches were somewhat unhelpful since all manner of stupid stuff matches.

Anyone know what the method is called so I can do more research?

submitted by /u/FantasticThing359
[link] [comments]

January 12, 2023
Read More >>

Threat actors actively exploit Control Web Panel RCE following PoC release

Threat actors are actively exploiting a recently patched critical remote code execution (RCE) vulnerability in Control Web Panel (CWP). Threat actors are actively exploiting a recently patched critical vulnerability, tracked as CVE-2022-44877 (CVSS score: 9.8), in Control Web Panel (CWP). The exploitation attempts began on January 6, 2023, after a proof-of-concept (PoC) exploit code was published […]

The post Threat actors actively exploit Control Web Panel RCE following PoC release appeared first on Security Affairs.

January 12, 2023
Read More >>

would this work?

imagine having to pentest a data center , you notice theyr routers are not secure , so you use log4j or some other exploit to get access to them , now that you have router access how would you modify the dns adress of example.com that the servers recei…

January 12, 2023
Read More >>

Threat actors claim access to Telegram servers through insiders

Researchers reported that a threat actor claims to provide access to internal servers at Telegram for $20,000. SafetyDetectives reported that a member of a dark web marketplace is claiming to provide access to internal servers at Telegram for $20,000. The seller claims that the access is permanent because is provided by insiders that are staff […]

The post Threat actors claim access to Telegram servers through insiders appeared first on Security Affairs.

January 12, 2023
Read More >>

Twitter: 200M dataset was not obtained through the exploitation of flaws in its systems

Twitter said that its investigation revealed that users’ data offered for sale online was not obtained from its systems. Twitter provided an update on its investigation launched after data of 200 Million users were offered for sale online. The company has found “no evidence” that the data were obtained by hacking into its systems. Below […]

The post Twitter: 200M dataset was not obtained through the exploitation of flaws in its systems appeared first on Security Affairs.

January 12, 2023
Read More >>