Cisco Releases Security Updates for IOS XE SD-WAN Solution Software

Original release date: April 30, 2020

Cisco has released security updates to address a vulnerability in IOS XE SD-WAN Solution software. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

WordPress Releases Security Update

Original release date: April 30, 2020

WordPress 5.4 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.4.1.

This product is provided subject to this Notification and this Privacy & Use policy.

Second Order – Subdomain Takeover Scanner Tool

Second Order – Subdomain Takeover Scanner Tool

Second Order Subdomain Takeover Scanner Tool scans web applications for second-order subdomain takeover by crawling the application and collecting URLs (and other data) that match specific rules or respond in a specific way.

Using Second Order Subdomain Takeover Scanner Tool

Command line options:

-base string
Base link to start scraping from (default "http://127.0.0.1")
-config string
Configuration file (default "config.json")
-debug
Print visited links in real-time to stdout
-output string
Directory to save results in (default "output")

Example:

go run second-order.go -base https://example.com -config config.json -output example.com -concurrency 10

Config File for Second Order Subdomain Takeover Scanner Tool

Example configuration file included (config.json)

  • Headers: A map of headers that will be sent with every request.

Read the rest of Second Order – Subdomain Takeover Scanner Tool now! Only available at Darknet.

Adobe Releases Security Updates for Multiple Products

Original release date: April 29, 2020

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.