Security Links
A vulnerability was found in Quarkus in the quarkus-security-webauthn module. The Quarkus WebAuthn module publishes default REST endpoints for registering and logging users in while allowing developers to provide custom REST endpoints. When developers provide custom REST endpoints, the default endpoints remain accessible, potentially allowing attackers to obtain a login cookie that has no corresponding user in the Quarkus application or, depending on how the application is written, could correspond to an existing user that has no relation with the current attacker, allowing anyone to log in as an existing user by just knowing that user's user name.

Red Team Notes 2.0

Well in this new book I will start to learn some Red Team Topics, and I will work on learning as much as possible, I will try to keep this updated, to newer things that I may find, I think this will help around in my future projects. I am following the MITRE ATTACK Framework and just adapting it to something for me to understand, I will make this public for anyone that want's to learn in this awesome field. If anything is wrong I will try my best to fix it.

Visit Website
Bitdefender

Smart Cybersecurity for a Smarter World. AI-Powered Protection for Your Small Business.

Buy Now Promote Certo

Detect spyware with Certo AntiSpy

Promote