Hak5 | Hax 4 BIOS, WordPress & Counter-Strike, oh my! - ThreatWire @hak5 | Uploaded 9 months ago | Updated 3 hours ago
Support ThreatWire → https://www.patreon.com/threatwire
@endingwithali Twitch → https://twitch.tv/endingwithali
[!!] ThreatWire Patreon has moved to https://www.patreon.com/threatwire
0:00 - Intro
0:27 - All your logos are belong to us
2:08 - Just another Wordpress vulnerability
2:55 - Counter-Strike 2 HTML Injection DOS attack?
LINKS
Story 1
https://binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_system_boot/index.html
https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/index.html
https://arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attack/
https://cyberscoop.com/logofail-vulnerability-boot-process/
https://www.scmagazine.com/news/logofail-vulnerabilities-may-affect-95-of-computers-researchers-say
Story 2
https://www.bleepingcomputer.com/news/security/50k-wordpress-sites-exposed-to-rce-attacks-by-critical-bug-in-backup-plugin/
https://www.wordfence.com/blog/2023/12/critical-unauthenticated-remote-code-execution-found-in-backup-migration-plugin/
https://www.cve.org/CVERecord?id=CVE-2023-6553
Story 3
https://www.bleepingcomputer.com/news/security/counter-strike-2-html-injection-bug-exposes-players-ip-addresses/
https://www.hackread.com/gamers-warned-of-cs2-exploit-reveal-ip-address/
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Support ThreatWire → https://www.patreon.com/threatwire
@endingwithali Twitch → https://twitch.tv/endingwithali
[!!] ThreatWire Patreon has moved to https://www.patreon.com/threatwire
0:00 - Intro
0:27 - All your logos are belong to us
2:08 - Just another Wordpress vulnerability
2:55 - Counter-Strike 2 HTML Injection DOS attack?
LINKS
Story 1
https://binarly.io/posts/finding_logofail_the_dangers_of_image_parsing_during_system_boot/index.html
https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/index.html
https://arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attack/
https://cyberscoop.com/logofail-vulnerability-boot-process/
https://www.scmagazine.com/news/logofail-vulnerabilities-may-affect-95-of-computers-researchers-say
Story 2
https://www.bleepingcomputer.com/news/security/50k-wordpress-sites-exposed-to-rce-attacks-by-critical-bug-in-backup-plugin/
https://www.wordfence.com/blog/2023/12/critical-unauthenticated-remote-code-execution-found-in-backup-migration-plugin/
https://www.cve.org/CVERecord?id=CVE-2023-6553
Story 3
https://www.bleepingcomputer.com/news/security/counter-strike-2-html-injection-bug-exposes-players-ip-addresses/
https://www.hackread.com/gamers-warned-of-cs2-exploit-reveal-ip-address/
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
