All posts by cK-bot

■■■□□ Sophos Firewall CVE-2022-1040 (RCE) One-liner mass checker. Sophos Firewall CVE-2022-1040 (RCE) one-liner mass checker. REF: https://attackerkb.com/topics/cdXl2NL3cR/cve-2022-1040 cat sophos_servers | while read host do; do curl –connect-timeout 10 -ks -H “X-Requested-With: XMLHttpRequest” -X POST “https://$host/userportal/Controller?mode=8700&operation=1&datagrid=179&json=\{“”:”TEST”\}” | grep -q ‘Session Expired’ && printf “$host \033[1;41mVulnerable a CVE-2022-1040 (Sophos RCE)\e[0m\n”; done; https://github.com/CronUp/Vulnerabilidades/blob/main/CVE-2022-1040_checker https://t.me/cKure/11318

■□□□□ Cyber-Attack on Russia as Anonymous NB65 Claims Hack on Russian Payment Processor Qiwi. https://t.me/cKure/11317

■■□□□ China-linked Mustang Panda APT group targets entities in Asia, the European Union, Russia, and the US in a new wave of attacks. https://t.me/cKure/11316

■■■■■ Researchers Develop RCE Exploit for the Latest F5 BIG-IP Vulnerability. CVE-2022-1388 (CVSS score: 9.8), the flaw relates to an iControl REST authentication bypass that, if successfully exploited, could lead to remote code execution, allowing an attacker to gain initial access and take control of an affected system. https://thehackernews.com/2022/05/researchers-develop-rce-exploit-for.html?m=1 https://t.me/cKure/11315

■■□□□ United States offers $15 million reward for info on the Conti ransomware gang. https://www.state.gov/reward-offers-for-information-to-bring-conti-ransomware-variant-co-conspirators-to-justice/ https://t.me/cKure/11314

■■■■■ Fileless Malware Hides Shellcode in Windows Event Logs. https://thehackernews.com/2022/05/this-new-fileless-malware-hides.html https://t.me/cKure/11313

■■■■□ Finding origin IP behind WAF. Bypassing a WAF using the origin IP? We love it! 🥰 This tip will help you find the origin IP without any issues!Note: This will only work if the target have their own mail server. Thank you @_cyberkhalid for providing this one! 💪#bugbounty #bugbountytips 👇 pic.twitter.com/nqzieCc04k — INTIGRITI (@intigriti)…

■□□□□ Microsoft says the Xbox Live services are currently down in a major outage, impacting customers worldwide and preventing them from launching or buying games. https://t.me/cKure/11310

■■■□□ USB-based Wormable Malware Targets Windows Installer. Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands. https://threatpost.com/usb-malware-targets-windows-installer/179521/ https://t.me/cKure/11309

Speed-Hack: WordPress sites getting hacked ‘within seconds’ of TLS certificates being issued. https://portswigger.net/daily-swig/wordpress-sites-getting-hacked-within-seconds-of-tls-certificates-being-issued https://t.me/cKure/11308