Últimos bugs [EN]

[Bot]

From Zero to Hero Part 1: Bypassing Intel DCM’s Authentication by Spoofing Kerberos and LDAP Responses (CVE-2022-33942)
https://www.rcesecurity.com/2022/11/from...022-33942/

[Bot]

SSRF via DNS Rebinding (CVE-2022–4096)
https://medium.com/@basu-banakar/ssrf-vi...bf75928bb2

[Bot]

Why you should consider running a live hacking event
https://blog.intigriti.com/2022/11/22/wh...ing-event/

[Bot]

Burp Suite and Protobuf
https://security.humanativaspa.it/burp-s...-protobuf/

[Bot]

Bug Bounty Calculator – Crunch the numbers and optimize your VDP
https://blog.intigriti.com/2022/11/17/bu...-your-vdp/

[Bot]

Header spoofing via a hidden parameter in Facebook Batch GraphQL APIs
https://feed.bugs.xdavidhu.me/bugs/0017

[Bot]

Till REcollapse
Fuzzing the web for mysterious bugs
https://0xacb.com/2022/11/21/recollapse/

[Bot]

System misconfiguration is the number one vulnerability, at least for Mastodon
https://www.alevsk.com/2022/11/system-mi...-mastodon/

[Bot]

CTF Walkthrough: Hacking An API with Snyk!
https://m.youtube.com/watch?v=QLFrgNgVG2o

[Bot]

A Confused Deputy Vulnerability in AWS AppSync
https://securitylabs.datadoghq.com/artic...isclosure/