Infosec Weekly #2 - Docker, Google Dorks, Bug Bounty and other interesting Infosec stuff.

Hey 👋

Welcome to the second edition of the Infosec Weekly - a brand new newsletter bringing to you the best and latest in Infosec straight to your inbox every Monday.

Hope you had a great weekend. We had a super fun time curating the most interesting Infosec-related content to help you learn something new and think out of the box.

Excited? Let’s dive in 👇

Here are some interesting articles and lessons for you hand-picked by our team:

#1 -  Read about docker via Disabling privileged accounts, Creating Read-Only file system and Preventing Inter Container Communication.

#2 - Learn how to find sensitive information like credentials and webcams using google dorks.

#3 - Find out how to intercept Emulator Traffic using magisk.

#4 - Did you know there was a way to bypass the 2FA of Instagram using the reset password feature? This bounty hunter was awarded 3150$ for it! Read this to know the details.

#5 - Learn about how misconfiguration in AWS cognito has led to updating the email of the victim account with the attacker password leading to account takeover.

#6 - Here’s an interesting vulnerability a security researcher found in an application where he was able to bypass bank verification using parameter tampering.

That’s all for this week. Hope you enjoyed these incredible new finds and learned something new from today’s newsletter.

IWCON Videos Of The Week

As per your request, here are the two IWCON recordings for this week (we'll publish two new recordings every Monday):

1. Louis Nyffenegger talked about How to Get Better at Hacking. Watch it here.
   
   
2. Emile Fugulin shared about Building Hacker Tooling, an insight into the first year of Caido. Watch it here.
   
   

Thank you for being a member of our awesome community. Feel free to share it with your Infosec buddies.

See you again next week.

Lots of love

Editorial team,

Infosec Writeups