■□□□□ Indonesia bars financial institutions from offering crypto services. https://t.me/cKure/10629
All posts by cK-bot
January 27, 2022 at 12:36PM
■■□□□ The BfV German domestic intelligence services warn of ongoing attacks carried out by the China-linked APT27 cyberespionage group. https://www.verfassungsschutz.de/SharedDocs/kurzmeldungen/DE/2022/2022-01-26-cyberbrief.html https://securityaffairs.co/wordpress/127230/apt/german-intel-warns-apt27-attacks.html https://t.me/cKure/10627
January 27, 2022 at 12:33PM
■■■■■ Apple Fixes 2 Zero-Day Security Bugs, One Exploited in the Wild. CVE-2022-22587 iOS 15.3 & iPadOS 15.3 fix the Safari browser flaw that could have spilled users’ browsing data, plus a zero day IOMobileFrameBuffer bug exploited in the wild. https://support.apple.com/en-us/HT213054 https://threatpost.com/apple-zero-day-security-exploited/178040/ https://t.me/cKure/10626
January 27, 2022 at 11:01AM
■■■■□ Zero-Day: CVE-2022-0332 | Moodle 3.11 to 3.11.4 – SQL injection. https://github.com/numanturle/CVE-2022-0332 https://t.me/cKure/10625
January 26, 2022 at 09:00PM
■■■■□ Analysis of Xloader’s C2 Network Encryption. https://www.zscaler.com/blogs/security-research/analysis-xloaders-c2-network-encryption https://t.me/cKure/10624
January 26, 2022 at 08:59PM
■■□□□ VMware released security patches to address critical Log4j security vulnerabilities in VMware Horizon servers targeted in ongoing attacks. https://t.me/cKure/10623
January 26, 2022 at 08:56PM
Zero-Day: A vulnerability in Polkit’s pkexec component identified as CVE-2021-4034 (PwnKit) is present in the default configuration of all major Linux distributions and can be exploited to gain full root privileges on the system, researchers warn today. https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034 https://www.bleepingcomputer.com/news/security/linux-system-service-bug-gives-root-on-all-major-distros-exploit-released/ https://t.me/cKure/10622
January 26, 2022 at 05:09PM
■□□□□ DazzleSpy: macOS backdoor delivered through watering hole attacks. https://www.helpnetsecurity.com/2022/01/26/watering-hole-macos-backdoor/ https://t.me/cKure/10621
January 26, 2022 at 08:54AM
■■■■□ Extrude: Analyse binaries for missing security features, information disclosure and more. Tool https://securityonline.info/extrude-analyse-binaries-for-missing-security-features/ https://t.me/cKure/10620
January 25, 2022 at 08:06PM
■■■□□ Data-Leak: United States California public office admits Covid-19 healthcare data breach. https://portswigger.net/daily-swig/california-public-office-admits-covid-19-healthcare-data-breach https://t.me/cKure/10619