#amazon

The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_fv_player_user_video’ parameter saved via the 'save' function hooked via init, and the plugin is also vulnerable to Arbitrary Usermeta Update via the 'save' function in versions up to, and including, 7.5.37.7212 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page, and makes it possible to update the user metas arbitrarily, but the meta value can only be a string.

### Summary The provided Minimal IAM Policy for `bastic connect` does not include `ssm:SessionDocumentAccessCheck`. This results in the ability to get a shell session on the bastion, not just the intended access for Port Forwarding. ### Details `basti connect` is designed to "securely connect to your RDS/Aurora/Elasticache/EC2 instances", using a bastion instance "with [AWS Session Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html) port forwarding capability to make the target available on your localhost." The [Minimal IAM Policy](https://github.com/BohdanPetryshyn/basti#minimal-iam-permissions) allows port forwarding via the following statement: ``` { "Effect": "Allow", "Action": "ssm:StartSession", "Resource": [ "arn:aws:ssm:*:*:document/AWS-StartPortForwardingSessionToRemoteHost", "arn:aws:ec2:<your-region>:<your-account-id>:instance/<your-basti-instance-id>" ] } ``` This statement does no...

Lazarus Group appears to be changing its tactics, increasingly relying on open-source tools and frameworks in the initial access phase of their attacks, as opposed to strictly employing them in the post-compromise phase.

This is the third documented campaign attributed to this actor in less than a year, with the actor reusing the same infrastructure throughout these operations.

By Habiba Rashid The escort service under discussion is Fatal Model, Brazil's largest escort site. This is a post from HackRead.com Read the original post: Brazil’s Top Escort Service Exposes Millions of Escort and Client Data

In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.

By Habiba Rashid TP-Link Tapo L530E Smart Bulb found vulnerable, putting user WiFi credentials at risk. This is a post from HackRead.com Read the original post: TP-Link Smart Bulb Users at Risk of WiFi Password Theft

An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Application v.2.8.14 allows a remote attacker to obtain sensitive information via the authentication code for the UDP message.

From a user’s perspective, OAuth works like magic. In just a few keystrokes, you can whisk through the account creation process and gain immediate access to whatever new app or integration you’re seeking. Unfortunately, few users understand the implications of the permissions they allow when they create a new OAuth grant, making it easy for malicious actors to manipulate employees into giving

New research reveals the strategies hackers use to hide their malware distribution system, and companies are rushing to release mitigations for the “Downfall” processor vulnerability on Intel chips.