🐝 Hive Five 143 - The hacker’s guide to securing your organization

Hi friends,

Greetings from the hive!

28 years ago, on Oct 14th 1995, hackers of the world united to overload the Gibson, and prevent the Da Vinci virus from capsizing an oil fleet, designed to distract from “The Plague’s” worm stealing $25m.

Let’s take this week by swarm!

🐝 The Bee’s Knees

  1. Data Exposure and ServiceNow: The Elephant in the ITSM Room. This tutorial shares the authors’ knowledge of how a built-in capability within ServiceNow could potentially be leveraged to extract data from records as an unauthenticated user. ENUMERATED

  2. CVE-2022-4908: SOP bypass in Chrome using Navigation API. Last year, Johan discovered a Same-Origin Policy (SOP) bypass in Chrome that allowed an attacker to leak the full URLs of another window’s navigation history. JOAXCAR

  3. Rails World 2023 Opening Keynote by David Heinemeier Hansson. Ruby on Rails creator and 37signals CTO David Heinemeier Hansson covered a lot of ground, including introducing 7 major tools: Propshaft, Turbo 8, Strada, Solid Cache, Solid Queue, Mission Control, and Kamal. YOUTUBE | HEY

  4. Attacking Secondary Contexts in Web Applications by Sam Curry. This talk from 2020 explores attacking various ‘secondary contexts’ in web applications where data is being passed to an underlying internal HTTP server. YOUTUBE

  5. RCE of Burp Scanner / Crawler via Clickjacking. Burp Suite utilizes an embedded Chrome browser for crawling and scanning web applications. The Chrome instance is launched in headless mode, with remote debugging enabled via the remote-debugging websocket port instead of remote-debugging-pipe. HACKERONE

Which Bee’s Knees was your favorite? Reply with the number (#1, #2, #3, #4, or #5)! 👉 Share on X

💪 Sponsor

Sponsor the Hive Five and reach a highly engaged community of engineers, security researchers, and ethical hackers who are at the forefront of the industry.

🔥 Buzzworthy

Changelog

  1. Patrik pushed a couple of features to Practical Bug Bounty which now has ~300 tools + 170 articles. TWITTER

  2. HackerOne changed the expiration time on private invites from 7 to 14 days. TWITTER

  3. RetireJS/retire.js 4.3.4 is a scanner detecting the use of JavaScript libraries with known vulnerabilities. GITHUB

  4. jesseduffield/lazydocker v0.23.1 now honors the host specified in the current docker context (courtesy of @rajiv-k). GITHUB

  5. ZAP 2.14.0 adds support for Host Header Manipulation, ZAPit, API File Transfers, Graal JS Add-on Access, Postman collections, SBOMs, and more. ZAPROXY

📅 News

  1. Halloween Sale—Save 40% with our Halloween Sale discount on books & eBooks in Springer, Apress & Palgrave titles. SPRINGER

  2. Microsoft launched an AI Bug Bounty Program featuring the AI-powered Bing experience with awards up to $15,000. MICROSOFT

🎉 Celebrate

  1. Maciej was awarded a $200k bounty on HackerOne. Wow! TWITTER

  2. The Critical Thinking podcast blew past 100k all-time listens. Amazing! TWITTER

  3. d0nut took a long hiatus from hacking. Welcome back! TWITTER

  4. After an incredible journey of 4 years, umr4no, is moving on from HackerOne. Good luck! TWITTER

💰 Career

  1. Alex on what to pursue: “Figure out what you want to DO. Then within that context, which version makes you money.” TWITTER

  2. Stu is building a Red Team in Australia, specifically Sydney, to emulate adversaries that target telcos. DM him if interested. TWITTER

  3. A Day in My Tech Life: Kayla B. 300k+ Enterprise Tech Sales at Microsoft. Step into the world of enterprise tech sales with Kayla B., an Enterprise Tech Sales Professional at Microsoft, host of Big Boss Energy Podcast, and content creator in this “Day in the Life” tech video. YOUTUBE

  4. Chris was laid off…again. He shares his tech journey, useful tips, and what’s next. YOUTUBE

  5. The Calm Business Encyclopedia—An A to Z guide on running a business that’s predictable, profitable, and peaceful. WANDERINGAIMFULLY

⚡️ Community

  1. Bug bounty survey data with 664 votes, run by rez0. HackerOne is the overall winner. TWITTER

  2. Rachel Tobac wrote an eBook in partnership with Bitwarden: The hacker’s guide to securing your organization. TWITTER

  3. g0lden unveils his plan for future content. After DEFCON, he really wanted to continue to build, but he also wanted to change his content to better reflect that, as well as include more of his life. YOUTUBE

📰 Read

  1. Finding a POP chain on a common Symfony bundle. The Symfony doctrine/doctrine-bundle package is one of the most common bundles installed along Symfony applications. At the time of this blogpost release, it has been downloaded 144 million times, making it an interesting target for unserialize exploitation. SYNACKTIV

  2. 2023 Microsoft Office XSS. On the server, when parsing a video from a link supplied by an attacker, a malicious payload included in the video title can trigger an XSS (Cross-site Scripting) attack, allowing the execution of arbitrary JavaScript code. PKSECURITY

  3. On September 21, 2023, JetBrains publicly disclosed a critical security vulnerability with their CI/CD platform TeamCity. It was given a CVSS of 9.8 for the potential of bypassing authentication leading to a Remote Code Execution (RCE) attack. PROJECTDISCOVERY

  4. Teaching iteration. That’s Jason’s initial idea to improve the educational system. Teach problem solving through iteration — I agree that it’s highly underrated. HEY

  5. Multi-modal prompt injection image attacks against GPT-4V. GPT-4V is the new mode of GPT-4 that allows you to upload images as part of your conversations. SIMONWILLISON

💡 Tips

  1. Another reminder to make sure people can DM you (if you want them to). TWITTER

  2. A chrome flag to force dark mode: “chrome://flags/#enable-force-dark” TWITTER

🍯 Follow

Awesome accounts to follow. Randomly selected from my curated Twitter lists.

  1. @j0v0x0 | j0v | Software developer, ethical hacker and security researcher.

  2. @act1vand0 | Walter Martín Villalba | Founder and ProdSec Consultant at @C13Security. Founder and Director at @InfoSecMap. SB Leader & @AppSecCali organizer at @OWASP. Leader at @AppSecBA.

  3. @AletheDenis | ᗩᒪETᕼE | ‘Uh-Lee-th’ | Senior Security Consultant @bishopfox | BlackBadge @DefCon @tracelabs | Future Cat Lady | Followed by @ladygaga & @forbes - Yes, Really.

  4. @Michael1026H1 | Michael Blake | H1: michael1026. Application Security Engineer Oregon.

  5. @monicalent | Monica Lent | Dev founder of affilimate (Analytics SaaS for affiliate publishers). Courses & Community. Sharing as she goes.

🚀 Productivity

  1. An acronym to help you keep on track. TWITTER

  2. An interesting approach to energy levels and brain-intensive work. At the start of the day, James plans out his tasks in pseudocode. TWITTER

  3. marcusolsson/obsidian-projects is a plugin for Obsidian that lets you manage and visualize notes for project management. GITHUB

  4. The workspace of Channing Allen, co-founder of Indie Hackers. They help share the stories, business ideas, strategies, and revenue numbers from the founders of profitable online businesses. WORKSPACES

  5. One Task is an app that shows a single task on your Home Screen or Lock Screen. SINDRESORHUS

Get $200 to try DigitalOcean. Level up your bug bounty game with the ultimate VPS solution. It’s my go-to for all recon, automation, and even VPN needs. Get access to a comprehensive range of cloud resources, all at an affordable price.

🌐 Technology

  1. TIL The founder of Sony hired an outspoken critic of their products so they could make better products. 20 years later, he became the president of Sony. TWITTER

  2. Daniel’s latest ExtWis extraction of a brilliant piece of content featuring Neri Oxman discussing her work at the intersection of computational design, digital fabrication, material science, and synthetic biology. TWITTER

  3. 10 key traits to be an effective software engineer. Ranging from caring about users and their need to being comfortable taking on new challenges. TWITTER

  4. HEY is running No Build JavaScript for the main app. I’d never heard of this approach before but it looks interesting. 500kb of JS uncompressed. TWITTER

  5. How to set your default speaker/audio/sound output on Windows, including power tools and tips for pros. YOUTUBE

🧠 Wisdom

  1. A reminder from IppSec: “be more open to things you don’t think are valuable, experiment with life, and try things you think you’d dislike out.” TWITTER

  2. What stops us from getting better. There’s no replacement for just doing the work. JFDI is Alex Hillman’s mantra and all credit for the concept goes to him. YOUTUBE

  3. Something I’ve learned and try to get better at every day is to walk into every single interaction with the goal of adding as much value as possible. TWITTER

  4. rez0 on how we’re living in the most comfortable, healthy, abundant time in the history of the universe: “There are near infinite interesting things to work on.” TWITTER

  5. Daniel on the importance of the balance between creation and consumption. TWITTER

💛 Cross-pollination

  1. Topics, insights, and quotes from the Neri Oxman and Lex Fridman Conversation. The importance of novelty in multiple disciplines to create something truly innovative. DANIELMIESSLER

  2. There was a major breakthrough in the Vesuvius Challenge: they have read the first word from an unopened Herculaneum scroll. TWITTER

  3. Elon Musk’s Twitter Takeover (full documentary). FRONTLINE traces Elon Musk’s long and often troubled relationship with Twitter, following his journey from being one of the platform’s most provocative users to becoming its owner. YOUTUBE

  4. Breaking the Rules: The Young Entrepreneur Who Squatted at AOL. The saying “he lives at his office” has rarely been taken so seriously. For two months, 20-year-old Eric Simons worked on his start-up out of the AOL headquarters in Palo Alto, California. He also slept, ate, worked out, and bathed at AOL. INC

  5. OpenStax offers free college textbooks for all types of students, making education accessible & affordable for everyone. OPENSTAX

🐝 Fact

The western honeybee (Apis mellifera) is the most geographically widespread bee on Earth. It has been domesticated, or at least exploited, by humans for so long that its origins are now unclear. It probably arose in Africa and then spread into Europe (recent studies of honeybee DNA have suggested that there may even have been three different prehistoric invasions of Europe from Africa), and later, with colonial expansion, to North America (1620s) and Australia (1820s).
