All posts by cK-bot

■■□□□ Tool: IDACode, that makes it easy to execute and debug Python scripts in your IDA environment without leaving Visual Studio Code. The VS Code extension can be found on the marketplace. IDACode is still in a very early state and bugs are to be expected. Please open a new issue if you encounter any issues.…

■■■■□ Privacy: Another iOS zero-day exploiter from the cyber crime heaven of Israel emerges QuaDream. https://www.reuters.com/technology/exclusive-iphone-flaw-exploited-by-second-israeli-spy-firm-sources-2022-02-03/ https://securityaffairs.co/wordpress/127721/malware/surveillance-firm-quadream.html https://t.me/cKure/10663

■■■■■ Interesting thread! With the commit https://github.com/hashcat/hashcat/commit/ace160d8109dfb7e2d8c0c35988bd4c5c1319a99 hashcat supports Apple’s Metal as new compute backend. Thanks to twitter.com/gm4tr1x for the contribution! All hash-modes and all attack-modes support OpenCL, CUDA, HIP or Metal as compute backend. Source: https://t.co/rENl4bdkp4 https://t.me/cKure/10662

■■■■■ Software Defined Radio, Part 6: Building a Cellphone IMSI Catcher (Stingray). https://www-hackers–arise-com.cdn.ampproject.org/c/s/www.hackers-arise.com/amp/software-defined-radio-part-6-building-a-imsi-catcher-stingray https://t.me/cKure/10661

■■■□□ https://thehackernews.com/2022/02/new-argo-cd-bug-could-let-hackers-steal.html https://t.me/cKure/10660

■■■■□ Zero-Day: Users of the Argo continuous deployment (CD) tool for Kubernetes are being urged to push through updates after a zero-day vulnerability was found that could allow an attacker to extract sensitive information such as passwords and API keys. The flaw, tagged as CVE-2022-24348 (CVSS score: 7.7), affects all versions and has been addressed…

■■■□□ A flaw in Argo CD tool for Kubernetes could be exploited by attackers to steal sensitive data from Kubernetes Apps. https://securityaffairs.co/wordpress/127708/hacking/kubernetes-argo-cd-flaw.html https://t.me/cKure/10658

■■■■□ Tool: A python script to extract information from a Microsoft Remote Desktop Web Access (RDWA) application. https://github.com/p0dalirius/RDWArecon https://t.me/cKure/10657

■■□□□ That actor, ‘Islamic Hacker Army’ (self-set name) have attacked apparent a computer system that may have connections to the SCADA network. The system belongs to the state of Israel https://t.me/cKure/10655

■■□□□ Tool: Scanmycode, is based on QuantifedCode. QuantifiedCode is a code analysis & automation platform. It helps you to keep track of issues and metrics in your software projects, and can be easily extended to support new types of analyses. https://github.com/marcinguy/scanmycode-ce https://t.me/cKure/10654