From Baidu to Google’s Open Redirects

Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam pages.
It didn’t last long. Soon after the publication of that article, the bad actors changed the links to use compromised third-party sites, and a couple of days later they began using Google’s goo.gl URL shortening service.
This is a snippet from their decoded script:
The Redirect Chain
If you check Google’s own information about that shortened URL, it shows that the URL redirects to another Google-owned URL, maps.app.goo.gl, which looks quite benign.
Continue reading From Baidu to Google’s Open Redirects at Sucuri Blog.

Link: https://blog.sucuri.net/2018/04/from-baidu-to-googles-open-redirects.html

Apple Leak, McAfee, and National Guard – Hack Naked News #169

The FTC weighs in on whether you can actually tell somebody the warranty is void, Apple’s leak memo leaks, then we got a whole bunch of statistics on cloud adoption security and businesses. Jason Wood gives expert commentary on Cyber Crime on Facebook! News: FTC Says ‘Warranty Void If Removed’ Stickers Are Bullshit, Warns Manufacturers […]
The post Apple Leak, McAfee, and National Guard – Hack Naked News #169 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/MGmrJkctMwg/

Malicious Activities with Google Tag Manager

If I were to ask if you could trust a script from Google that is loading on your website, the majority of users would say “yes” or even “absolutely”. But when malicious behavior ensues, everything should be double-checked and suspected, even assets that come from “trusted sources” like Google, Facebook, and Youtube.
In the past, we saw how AdSense was abused with a malvertising campaign. Even more recently, we saw how attackers injected malware that called Google AdSense ads to generate revenue for the attackers. However, there’s an even more troublesome part of the toolkit that Google offers to webmasters – Google Tag Manager.
Continue reading Malicious Activities with Google Tag Manager at Sucuri Blog.

Link: https://blog.sucuri.net/2018/04/malicious-activities-google-tag-manager.html

Cisco, SensorNet, Wombat, and Google – Enterprise Security Weekly #85

In the news, Cisco commits $50 million to end homelessness in Silicon Valley, Distil Networks’ annual bad bot report finds one in five companies now block Russian traffic, Alex Stamos’ original thoughts on Cambridge Analytica, and more on this episode of Enterprise Security Weekly! Full Show Notes Visit http://securityweekly.com/esw for all the latest episodes!
The post Cisco, SensorNet, Wombat, and Google – Enterprise Security Weekly #85 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/xbXHRpBh4Qs/

Cloud Technology – What Is Auto-scaling?

Let us imagine, you are a software engineer at one of the famous home services companies in Bangalore. Since you are experienced, you are assigned to write an application for replacing an old application that does not meet the requirements of the online business. You and your team worked long hours and built an application … Continue reading Cloud Technology – What Is Auto-scaling?

Link: http://crazylearner.org/cloud-technology-what-is-auto-scaling/

Harpoon – CLI Tool For Open Source And Threat Intelligence

OSINT tool, CLI Tool For Open Source And Threat Intelligence

Install

You can simply pip install the tool:
    pip3 install git+http://git@github.com/Te-k/harpoon --process-dependency-links
Optionally if you want to use the screenshot plugin, you need phantomjs and npm installed:
    npm install -g phantomjs
To configure harpoon, run harpoon config and fill in the needed API keys. Then run harpoon config -u to download needed files. Check what plugins are configured with harpoon config -c.

Usage

After configuration the following plugins are available within the harpoon command:
    help          Give help on an Harpoon command
    safebrowsing  Check if the given domain is in Google safe Browsing list
    hibp          Request Have I Been Pwned API (https://haveibeenpwned.com/)
    cache         Requests webpage cache from different sources
    misp          Get information from a MISP server through the API
    spyonweb      Search in SpyOnWeb through the API
    censys        Request information from Censys database (https://censys.io/)
    shodan        Requests Shodan API
    vt            Request Virus Total API
    config        Configure Harpoon
    fullcontact   Requests Full Contact API (https://www.fullcontact.com/)
    googl         Requests Google url shortener API
    ip            Gather information on an IP address
    twitter       Requests Twitter API
    asn           Gather information on an ASN
    robtex        Search in Robtex API (https://www.robtex.com/api/)
    hunter        Request hunter.io information through the API
    otx           Requests information from AlienVault OTX
    crtsh         Search in https://crt.sh/ (Certificate Transparency database)
    github        Request Github information through the API
    bitly         Request bit.ly information through the API
    screenshot    Takes a screenshot of a webpage
    greynoise     Request Grey Noise API
    telegram      Request information from Telegram through the API
    threatgrid    Request Threat Grid API
    pgp           Search for information in PGP key servers
    totalhash     Request Total Hash API
    dns           Map DNS information for a domain or an IP
    hybrid        Requests Hybrid Analysis platform
    malshare      Requests MalShare database
You can get information on each command with harpoon help COMMAND

Access Keys

Telegram: Create an application
Virus Total: for public, create an account and get the API key in the Settings page
Total Hash
Hybrid Analysis
MalShare

Download Harpoon

Link: http://feedproxy.google.com/~r/PentestTools/~3/dRAD4HXcJOE/harpoon-cli-tool-for-open-source-and.html

DoubleDoor, NSA, & Google – Paul’s Security Weekly #548

In the news, DoubleDoor IoT botnet abuses two vulnerabilities to circumvent firewalls, cyber-attackers continue to be financially motivated, Internet security threats at the 2018 Olympics, and more on this episode of Paul’s Security Weekly! Paul’s Stories Five Security Books You Should Read if You Haven’t From tomorrow, Google Chrome will block crud ads. Here’s how […]
The post DoubleDoor, NSA, & Google – Paul’s Security Weekly #548 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/GUu-LPlUAUE/

Topic: Bug Bounties – Application Security Weekly #6

This week, Keith and Paul discuss Data Security and Bug Bounty programs! They mention the lessons learned from the Uber breach and why Google paid 2.9 million in Bug Bounties in 2017! Full Show Notes Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly
The post Topic: Bug Bounties – Application Security Weekly #6 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/9mCtZL9zvJw/