Programming & Scripting - Security Master

15Oct 2023 by webmaster No Comments

What is New in KB5030219- September Cumulative Update for Windows 11?

Microsoft recently rolled out the KB5030219 cumulative update for Windows 11 on September 12, 2023. This update is part of the monthly Patch Tuesday updates and includes security fixes as well as improvements and fixes for issues in Windows 11. Microsoft made this cumulative update- KB5030219 available for both Windows 11 versions 22H2 and 21H2. It can be installed on devices running Windows 11 Home, Pro, Pro for Workstations, Enterprise, and Education editions. Microsoft announced 24 months of support for Home, Pro, Pro for Workstations, and Pro Education editions and 36 months of support for its Enterprise and Education editions. This mandatory update contains security fixes for 24 vulnerabilities in Windows 11. Additionally, it also includes quality improvements for the servicing stack, the component responsible for installing Windows updates. In…

15Oct 2023 by webmaster No Comments

How to Fix CVE-2023-22515- A Critical Privilege Escalation Vulnerability in Confluence Data Center and Server?

Application Security, Futuristic Technologies, Programming & Scripting

Confluence is a popular wiki-based collaboration tool developed by Atlassian that helps teams to collaborate and share knowledge efficiently. Atlassian offers the Confluence Data Center and Server versions for large enterprises that need additional scalability, security, and customizability compared to the SaaS Confluence Cloud version. Recently, Atlassian disclosed an actively exploited critical severity authentication vulnerability in the Confluence Data Center and Server, tracked as CVE-2023-22515. This vulnerability could allow an unauthenticated, remote attacker to create an administrator account and gain full control of the vulnerable Confluence instance. In this blog, we will discuss a summary of the CVE-2023-22515 vulnerability, impacted versions, and step-by-step procedure to fix CVE-2023-22515, a critical severity Privilege Escalation Vulnerability in Confluence. A Short Note About Confluence Server and Data Center Confluence Server is an on-premises version of Confluence optimized for large enterprises.…

15Oct 2023 by webmaster No Comments

Raspberry Pi 4 8GB Starter Kit Review

Linux, Programming & Scripting

Imagine the heights you can reach with the Raspberry Pi 4 8GB Starter Kit – 128GB Edition! This incredible tech pack comes fully loaded with a Raspberry Pi 4 8GB Model B, featuring a 1.5GHz 64-bit quad-core CPU (8GB RAM). The kit also boasts a highly efficient Raspberry Pi 4B case that contains a supremely quiet 40mm PWM fan and four heat sinks, ensuring your device maintains excellent heat distribution. You also get a perfectly stable 5V 3.6A Type C Power Supply sporting an ON/OFF switch for your convenience, along with TUV and RoHS certifications guaranteeing professional standards. A huge bonus is the 128GB High Speed Class 10 Card that comes with a Card Reader, ensuring compatibility with all versions of Raspberry Pi. And on top of all that, your package…

23Aug 2023 by webmaster No Comments

How to Fix CVE-2023-26077(8)- Two Critical 0-Day Vulnerabilities in Atera Windows Installers?

Programming & Scripting, Threats & Vulnerabilities

Abusing Windows software is the most common thing. However, the sad news is letting attackers abuse is also very common. Most likely this happens due to several reasons, some of them are lack of knowledge, poor security practices, ignoring security standers, and anything that gives a way for attackers to compromise. We will talk about one such instance in this post. Mandiant discovered two critical 0-day vulnerabilities in Atera Windows installer applications. The vulnerabilities are given the identifiers CVE-2023-26077 and CVE-2023-26078, however their CVSS scores are not determined during the publish of this post. The first flaw could allow the attackers to execute arbitrary code execution as SYSTEM during the repair operation. The second flaw allows attackers to escalate privilege by spawning a command prompt window that further enables the attacker to perform tasks…

25Jun 2023 by Ernest Haberli Jr. No Comments

Trends in Programming Industry in 2023

Best Reads, Programming & Scripting

As the development of software becomes more complicated, developers need to understand the latest trends. Some tools tend to become obsolete while some legacy languages keep growing stronger. Amid the evolution, newer programming languages are gaining popularity. There are newer ways to test apps and write codes. For instance, C and C++ are a favorite for creating languages for many devices. The Java family is still a trending package for web pages and creating other programs. In 2023, there will be more adoption of AI, Web 3.0, and no-code development. There are a lot of trends to watch out for in the programming sector in 2023. Cloud-Native Technologies In 2023, cloud-native technologies are changing app development strategies. It has revolutionized the development, deployment, and scaling of applications. Developers are leaning…

25Jun 2023 by Ernest Haberli Jr. No Comments

How To Prevent Your Apple Device From DoorLock Vulnerability?

AI & Automation, Blockchain, Cloud & OS Platforms, Cyber Security, Futuristic Technologies, Mobile, Programming & Scripting

Researchers published a new vulnerability in Apple iOS devices that could let an attacker completely make the device unresponsive. The flaw is tracked by the name of ‘DoorLock’ was found in HomeKit of iOS, which allows an attacker to perform a denial of service attack on the vulnerable iOS device, which could make the device almost unresponsive. Since the bug is not fully fixed by Apple, it has become more important for all iOS users to be aware about the flaw and take the required steps to prevent their Apple devices from DoorLock vulnerability. We have published this post to educate you about the flaw and Let you know how to prevent your Apple device from DoorLock vulnerability. What Is Apple HomeKit? HomeKit is a central management system built by Apple to…

25Jun 2023 by Ernest Haberli Jr. No Comments

How To Fix CVE-2021-43304(5)- Heap Buffer Overflow Vulnerabilities In ClickHouse Database Management System

Application Security, Application/Appliance, Cloud & OS Platforms, Cyber Security, Linux, Programming & Scripting, Tutorials

Security researchers JFrog have disclosed total multiple new high severity vulnerabilities in ClickHouse, an open-source database management system (DBMS) dedicated to online analytical processing (OLAP). The list is made up of seven vulnerabilities, ranging CVSS score from 6.5 to 8.8. It’s been said that attackers could weaponize these vulnerabilities to leak memory contents, remote code execution, and even crash the servers. Users of the ClickHouse Database Management System should consider reading this post because a user with the lowest privileges can trigger all the vulnerabilities. It is must to learn How to Fix CVE-2021-43304(5)- Heap Buffer Overflow Vulnerabilities in ClickHouse Database Management System. What Is ClickHouse Database Management System? ClickHouse is an open-source, high-performance columnar OLAP database management system developed by Yandex. It enables DB admins to generate holistic analytical reports using SQL queries in…

23Jun 2023 by Ernest Haberli Jr. No Comments

Top 6 Scripting Languages for Hackers and Pentesters:

Best Reads, Cyber Security, INFOSEC, Pen Testing, Programming & Scripting

There is no single language developed for hackers and pentesters, and no buddy can develop in the feature too. There is a reason for that. Hackers and Pentesters can’t limit themselves to a particular technology; It is their job to work with pretty much anything people use. They need to understand and learn the database, operating systems, programming languages, applications, services, and tools. It is not practical to cover all the topics in a single article. As the title says, we will be covering only a few commonly used scripting languages for hackers and pentesters in the article. What Is a Scripting Language? How Does a Scripting Language Differ From a Programming Language? A scripting language is a variant type of programming language which doesn’t need compilers to execute. Those who are…

15Jun 2023 by Ernest Haberli Jr. No Comments

Understanding the Importance of ChatGPT In Cyber Security

AI & Automation, Application Security, Best Reads, Cryptography, Cyber Attacks, Cyber Security, Network Security, Pen Testing, Programming & Scripting, Tutorials

As technology continues to evolve, so do cyber threats. According to Cybercrime Magazine: In 2021 alone, cybercrime caused losses of around $1 trillion worldwide and is expected to grow to 10.5 trillion annually by 2025. To stay ahead of attackers and strengthen defenses against them, cybersecurity companies are seeking ways to enhance technology. One promising technology that’s becoming increasingly popular in this space is ChatGPT – an emerging standard that promises improved efficiency when handling sensitive data. ChatGPT has the potential to revolutionize cybersecurity by providing a faster and more efficient method for analyzing data, detecting threats, and responding to incidents. By employing machine learning algorithms, ChatGPT helps security teams identify and mitigate threats more efficiently – thus reducing both the impact and cost of cyber attacks. In this blog we will explore…