All posts by cK-bot

■■■■■ LTESniffer – An Open-source LTE Downlink/Uplink Eavesdropper. https://github.com/SysSec-KAIST/LTESniffer https://t.me/cKure/12374

■■■□□ CVE-2022-1040 Sophos XG Firewall Authentication bypass. https://blog.viettelcybersecurity.com/cve-2022-1040-sophos-xg-firewall-authentication-bypass/ https://t.me/cKure/12373

■■■■□ XSSI (Cross Site Script Inclusion) to Steal AccessToken and More. https://github.com/AnkitCuriosity/Write-Ups/blob/main/XSSI%20(Cross%20Site%20Script%20Inclusion)%20to%20Steal%20AccessToken%20and%20More.md https://t.me/cKure/12372

■■□□□ Finding XSS in a million websites (cPanel CVE-2023-29489). https://blog.assetnote.io/2023/04/26/xss-million-websites-cpanel/ https://t.me/cKure/12371

■■■□□ The Art of Clipboard Forensics Recovering Deleted Data | RET2Pwn. https://xret2pwn.github.io/The-Art-of-Clipboard-Forensics-Recovering-Deleted-Data/ https://t.me/cKure/12369

■■■■■ Major power failure in Israel after suspected cyber attack. Israel’s Electric Company says fault at a production unit is the most likely reason. https://www.thenationalnews.com/mena/2023/04/27/major-power-failure-in-israel-after-suspected-cyber-attack/ https://t.me/cKure/12368

■■■■□ Process Injection | Windows | Thick client testing. https://vanmieghem.io/process-injection-evading-edr-in-2023/ https://t.me/cKure/12367

■■□□□ High-severity vulnerability (CVE-2023-29552) discovered in the Service Location Protocol (SLP). https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp https://t.me/cKure/12366

■■■■■ Tunnel via Cloudflare to any TCP Service. https://iq.thc.org/tunnel-via-cloudflare-to-any-tcp-service https://t.me/cKure/12365

■■■■□ Stealing GitHub staff’s access token via GitHub Actions. https://blog.ryotak.net/post/github-actions-staff-access-token-en/ https://t.me/cKure/12364