Cisco Patches Critical Vulnerabilities in SD-WAN, DNA Center, SSMS Products
Cisco this week released patches to address a significant number of vulnerabilities across its product portfolio, including several critical flaws in [...]

Amazon Awards $18,000 for Exploit Allowing Kindle E-Reader Takeover
Amazon has awarded an $18,000 bug bounty for an exploit chain that could have allowed an attacker to take complete control of a Kindle e-reader simply [...]
![S3 Ep16: Darkweb bust, security at home, and browser snoopage [Podcast] S3 Ep16: Darkweb bust, security at home, and browser snoopage [Podcast]](https://modernnetsec.io/wp-content/uploads/2021/01/s3-ep16-darkweb-bust-security-at-home-and-browser-snoopage-podcast.png)
S3 Ep16: Darkweb bust, security at home, and browser snoopage [Podcast]
by Paul Ducklin Anonymous and private, yet busted – we explain how darkweb sites sometimes keep your secrets… and sometimes don’t. We help you imp [...]

SolarWinds Attack: Microsoft sheds lights into Solorigate second-stage activation
Microsoft’s report provides details of the entire SolarWinds attack chain with a deep dive in the second-stage activation of malware and tools. Micros [...]

CDK – Zero Dependency Container Penetration Toolkit
CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS [...]

Cisco fixed multiple flaws in Cisco SD-WAN products and Smart Software Manager Satellite Web UI
Cisco fixed multiple flaws in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against its devices. [...]
Scanning Activity Detected After Release of Exploit for Critical SAP SolMan Flaw
A Russian researcher has made public on GitHub a functional exploit targeting a critical vulnerability that SAP patched in its Solution Manager produc [...]

Logic bugs found in popular apps, including Signal and FB Messenger
Flaws in popular messaging apps, such as Signal and FB Messenger allowed to force a target device to transmit audio to an attacker device. Google Proj [...]

DNSpooq bugs expose millions of devices to DNS cache poisoning
Security flaws in a widely used DNS software package could allow attackers to send users to malicious websites or to remotely hijack their devices M [...]

Reconftw – Simple Script For Full Recon
This is a simple script intended to perform a full recon on an objective with multiple subdomains tl;dr Requires Go Run ./install.sh before firs [...]