Welcome to the tenth edition of Infosec Weekly - the Monday newsletter that brings the best trends in Infosec straight to your inbox.
Today’s edition is exciting 😁
We’ve included freshly brewed Infosec content in a format of 5 articles, 4 Threads, 3 videos, 2 Github repos and tools, and 1 job alert, to help you maximize the benefit from this newsletter and take a massive jump ahead in your career.
Sounds interesting? Let’s dive in👇
📝 5 Infosec Articles
#1 A wonderful article by Palo Alto Networks on how global analytics was used to discover a sophisticated threat actor.
#2 Checkout Secjuice’s interesting article on breaking reverse proxy parser logic.
#3 Well curated article by Asem Eleraky on how analyzing JS files can lead to RCE.
#4 From open redirect to RCE in one week by @ByQwert. Arguably one of the finest write-ups we’ve read this week.
#5 Arbitrary file upload tricks in Java by @pyn3rd.
🧵4 Trending Threads
#1 Broken access control pro tips by @_zwink
#2 7 Methods you can try to bypass CSRF Protection by @harshbothra_
#3 Top 10 pentesting tips by @hackthebox_eu
#4 @LiveOverflow shows us the behind the scenes of making LiveOverflow videos
📽️ 3 Insightful Videos
#1 @samwcyo shows how to break into cloud wallets.
#2 Could you hack into google cloud? Watch this amazing video by LiveOverflow to find out.
#3 Exploiting MSDT 0-Day CVE-2022-30190 by John Hammond
#1 Python wrapper around the amazing KNOXSS API by Brute Logic by @xnl_h4ck3r.
#2 Burp Suite extension for testing SAML infrastructures by Roland Bischofberger and @emanuelduss.
💰1 Job Alert ⚠️
#1 Opening for a Security Analyst Intern. Apply here.
That’s all for this week. Hope you enjoyed these incredible finds and learned something new from today’s newsletter.
Before we say bye…
If you found this newsletter interesting, and know other people who would too, we'd really appreciate if you could forward it to them 📨
If you have questions, comments, or feedback, just reply to this email or let us know on Twitter @InfoSecComm.
See you again next week.
Lots of love
This newsletter has been created in collaboration with our amazing ambassadors including Mohit Khemchandani, Manikesh Singh, Vinay Kumar, Pramod Kumar Pradhan and many others.
Special mention: Nithin R (thebotsite.me), a world-class cybersecurity researcher and our past IWCON speaker, has helped us to curate the newsletter.
P.S. If you wish to join our Ambassadors channel and contribute to the newsletter, reply to this email with your discord username.