25 Followers
63 Following
71 Posts
đŸ§‘â€đŸ’» finding flags at @ FluxFingers
🔏 finding bugs @cure53
he/him
Website: https://realansgar.dev
GitHub: https://github.com/realansgar

I started playing with @AsahiLinux on my laptop a few weeks ago and ended up finding a bunch of RCEs on the software forge where all @fedora packages and remixes are developed!

Huge kudos to the maintainers for this new release (https://pagure.io/pagure/blob/6b06ac585529c3087364a5ebe4fb9d7c20e3c872/f/doc/changelog.rst)—can't wait to share the details in a blog post one of these days.

Next stop, the kernel.org infrastructure? 

Tree - pagure - Pagure.io

Critical vulnerabilities in pfSense firewall: RCE via XSS and Command Injection!
Find out how SonarCloud discovered these vulnerabilities in our newest blog post:
https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud?utm_medium=social&utm_source=mastodon&utm_campaign=&utm_content=blog-pfsense-vulnerabilities-sonarcloud-231212-p1&utm_term=ww_en_all_x
(CVE-2023-42325, CVE-2023-42326, CVE-2023-42327)
#vulnerability #pfSense #cleancode
pfSense Security: Sensing Code Vulnerabilities with SonarCloud

Our Clean Code solution SonarCloud discovered multiple vulnerabilities leading to remote code execution on pfSense CE 2.7.0. Let's see how SonarCloud found them and how it can keep your code clean.

Stolen with Style: Dive into our technical writeup of a complex Cross-Site Scripting vulnerability we discovered in Proton Mail!

Be ready for a story about parser differentials, sandbox bypasses, and CSS data exfiltration:

https://www.sonarsource.com/blog/code-vulnerabilities-leak-emails-in-proton-mail/?utm_source=mastodon&utm_medium=social&utm_campaign=protonmail&utm_content=security&utm_term=mofu

#security #appsec #cleancode

Code Vulnerabilities Put Proton Mails at Risk

The Sonar Research team discovered critical code vulnerabilities in Proton Mail, Skiff and Tutanota. This post covers the technical details of the XSS vulnerability in Proton Mail.

We've just published a new Web Security Academy topic on GraphQL! Learn how to abuse introspection, discover hidden data, bypass rate-limits, and trigger CSRF with this popular API technology.
https://portswigger.net/web-security/graphql
Testing GraphQL APIs | Web Security Academy

In this section we'll look at how to test GraphQL APIs. GraphQL vulnerabilities generally arise due to implementation and design flaws. For example, the ...

“[T]he app starts to figure out ‘real IP address’ by doing a request to both google and bing with query ‘what+is+my+ip’.”

Afterwards, the app “does a couple of requests to 2 different config files stored in personal google drive account of the app creator.”

Whoever wrote this takes a very straightforward approach to programming!

https://lecromee.github.io/posts/swing_vpn_ddosing_sites/

Swing VPN app is a DDOS botnet

tl;dr: Swing VPN is using its user base to DDoS sites, using its users as an attack botnet. Introduction: It all started with a friend of mine complaining that his phone was making a request to a specific app every few seconds. The initial assumption was that the phone was infected with a virus, but a 2-minute investigation showed that all requests came from the 'Swing VPN' app, which was legitimately installed on the phone as a VPN service.

We know it's hard to get a secure messaging app right. But this just keeps getting worse. Somehow they check all the "what's wrong with modern app dev" boxes, including confidently overselling (lying about) what the app actually does
https://crnkovic.dev/testing-converso/
Testing a new encrypted messaging app's extraordinary claims

How I accidentally breached a nonexistent database and found every private key in a 'state-of-the-art' encrypted messenger called Converso.

crnkovic.dev

"(W)hat we are witnessing is the wealthiest companies in history (Microsoft, Apple, Google, Meta, Amazon) unilaterally seizing the sum total of human knowledge that exists in digital, scrapable form and walling it off inside proprietary products, many of which will take direct aim at the humans whose lifetime of labor trained the machines without giving permission or consent."

https://www.theguardian.com/commentisfree/2023/may/08/ai-machines-hallucinating-naomi-klein

AI machines aren’t ‘hallucinating’. But their makers are

Tech CEOs want us to believe that generative AI will benefit humanity. They are kidding themselves

The Guardian
Cyberattacks - Federal IT service providers in the crosshairs

Hackers have attacked IT companies that work for federal authorities. According to information obtained by BR, it was possible to siphon off large volumes of e-mail communication containing personal data.

tagesschau.de

Edupression is the third "app on prescription" in which @zerforschung has found a massive security vulnerability. In this case, the diary entries of people with depression were exposed, along with diagnoses, their statements about suicidal thoughts and much more. Highly private, sensitive data, miserably protected.

I researched what the systemic problem behind the security of digital health applications is. (€ thread coming tomorrow)
#datenschutz #gesundheit
https://www.zeit.de/digital/datenschutz/2023-05/gesundheitsapp-datenschutz-depression-edupression-sicherheitsluecke

Data protection: When hackers have an especially easy time with health apps

A health app leaks the data of mentally ill people. It is not the first "app on prescription" where this has happened. That is also due to the system behind it.

ZEIT ONLINE
So you think you can block Macros? - Pieter Ceelen
https://outflank.nl/blog/2023/04/25/so-you-think-you-can-block-macros/
So you think you can block Macros? | Outflank

Blog post about macro blocking/signing, attacker/red team workarounds and further mitigations. Macro signing, message bar & Excel add-ins.

Outflank