All posts by cK-bot

■■■■□ HTML Smuggling: Recent observations of threat actor techniques. https://blog.delivr.to/html-smuggling-recent-observations-of-threat-actor-techniques-74501d5c8a06?gi=bb7ac222e3e7 https://t.me/cKure/12117

■■■■□ Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952). https://www.helpnetsecurity.com/2023/02/20/cve-2022-39952/ https://t.me/cKure/12116

■■■□□ NimPlant – A light first-stage C2 implant written in Nim and Python. https://github.com/chvancooten/NimPlant https://t.me/cKure/12115

■■■■□ CVE-2023-25194: Remote code execution flaw patched in Apache Kafka. https://portswigger.net/daily-swig/remote-code-execution-flaw-patched-in-apache-kafka https://t.me/cKure/12114

■■□□□ PyRDP is a Python Remote Desktop Protocol (RDP) Monster-in-the-Middle (MITM) tool and library. https://github.com/GoSecure/pyrdp/ https://t.me/cKure/12113

■■■□□ Top 10 Most Prevalent MITRE ATT&CK Techniques Used by Adversaries. https://zero.bs/smashing-the-stack-for-fun-and-profit-2023-edition.html https://t.me/cKure/12112

■□□□□ Smashing The Stack. https://zero.bs/smashing-the-stack-for-fun-and-profit-2023-edition.html https://t.me/cKure/12111

■■■■□ REUnziP: Re-Exploiting Huawei Recovery With FaultyUSB. https://labs.taszk.io/articles/post/reunzip/ https://t.me/cKure/12110

■■■■□ Zoho Manage Engine: A Different Payload for CVE-2022-47966. https://vulncheck.com/blog/cve-2022-47966-payload https://t.me/cKure/12109

■□□□□ The United States’ Federal Bureau of Investigation (FBI) is reportedly investigating malicious cyber activity on the agency’s network. The federal law enforcement agency says it already contained the “isolated incident” and is working to uncover its scope and overall impact. “The FBI is aware of the incident and is working to gain additional information,”…