Welcome to the #IWWeekly78 - the Monday newsletter that brings the best in Infosec straight to your inbox.
To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 Job Alerts and a Special Item.
Read, upskill yourself and spread love to the community 💝
Excited? Let’s jump in 👇
📝 5 Infosec Articles
- Discover how OAuth misconfigurations can inadvertently grant unauthorized admin access across an organization's products in this eye-opening article by @H4cktus.
- Learn the art of manual SQL Injection with @bug4you as he reveals his journey of finding four of them in a single target by leveraging the Repeater tab.
- Exploring Cutting-Edge Root Detection and Bypass Methods in Mobile Security by @8kSec.
- Check how misconfigured SSO [OIDC] implementations can lead to account takeovers in this eye-opening article by @Crypt0g30rgy.
- Presidential hopeful Ahmed Eltantawy falls prey to digital espionage in 'Predator in the Wires,' a chilling exposé by @jsrailton, @RonDeibert, @billmarczak, and their dedicated team.
🧵4 Trending Tweets
- Learn tmux to avoid juggling multiple terminals via this informative thread by @marcolivermunz.
- @vidocsecurity shows us how Unicode can be used to take over accounts and bypass block lists.
- Find out how @dothash_ was able to perform an account takeover by exploiting the reset password functionality.
- @iustinBB shows us how to find domains associated with an organization using duckduckgo-radar.
📽️ 3 Insightful Videos
- Watch this super informative video on virtual hosts by @nahamsec.
- @LiveOverflow explains various hacker tweets in much more detail.
- Another interesting @ctbbpodcast episode with Lupin, covering topics such as pair hacking, joining a team, and starting a business together.
💼 2 Job Alerts
- Join LTI Mindtree as an OT Security Professional in Hyderabad with 5-10 years of experience required.
- Join the Meta team as a Product Security Engineer for Web, with opportunities in multiple locations and remote work options.
🎁 1 Special Item
- Join @gregxsunday as he delves into the world of Bug Bounty with a case study on predicting identifiers in IDOR vulnerabilities.
Caido is a lightweight web security auditing toolkit that aims to help security professionals and enthusiasts audit web applications with efficiency and ease.
Get $10 off the annual plans for https://caido.io/ using our code: infosecwriteups
That’s all for this week. Hope you enjoyed these incredible finds and learned something new from today’s newsletter. Meet you again next week, hacker. Until then, keep pushing 💪
This newsletter would not have been made possible without our amazing ambassadors.
Resource contribution by: Nikhil A Memane, Hardik Singh, Ayush Singh, Nithin R, Vinay Kumar, Tuhin Bose
Newsletter formatting by: Manan, Ayush Singh, Hardik Singh, Rushi Padhiyar, Nithin R
Lots of love