■■■■■ Trick & Treat! Paying Leets and Sweets for Linux Kernel privescs and k8s escapes. https://security.googleblog.com/2021/11/trick-treat-paying-leets-and-sweets-for.html https://t.me/cKure/10282
All posts by cK-bot
November 29, 2021 at 03:56PM
■■■■□ Windows 11 password write in plain text. Finally had a moment to test Winlogon password leaking (a.k.a. notifying) on Windows 11. No big surprise.And the flow is:-user enters password-winlogon loads mpnotify.exe-mpnotify opens RPC channel-winlogon sends pass via RPC-mpnotify forwards to DLL-DLL stores it on disk pic.twitter.com/502qCao1BH — Grzegorz Tworek (@0gtweet) November 29, 2021 https://t.me/cKure/10281
November 29, 2021 at 11:08AM
Data Exfiltration via CSS + SVG Font by Masato Kinugawa. Thread: https://twitter.com/kinugawamasato/status/1464884299195322371 https://t.me/cKure/10279
November 29, 2021 at 10:31AM
■■■□□ Pegasus iPhone hack victims come forward after alerts from Apple https://bgr.com/tech/pegasus-iphone-hack-victims-come-forward-after-alerts-from-apple/ https://t.me/cKure/10278
November 29, 2021 at 10:28AM
■■■□□ Zero-Day: Windows 10 Zero-Click Security Exploit Wanted. Reward: $3 Million. ● Apparently the new Windows 11 seems to give some hard time to the Cyber-Crime syndicates. https://www.forbes.com/sites/daveywinder/2021/11/21/windows-10-zero-click-security-exploit-wanted-reward-3-million https://t.me/cKure/10277
November 29, 2021 at 10:24AM
■■■■□ France : Cyber-Crime by Nexa Technologies – was indicted for complicity in acts of torture, the French firm is accused of having sold surveillance equipment to the Egypt Source: AFP https://hackademicus.nl/french-court-indicted-nexa-technologies-for-complicity-in-acts-of-torture/ https://t.me/cKure/10275
November 29, 2021 at 10:21AM
■□□□□ Australia will force social networks to identify trolls, so they can be sued for defamation. https://t.me/cKure/10274
November 29, 2021 at 10:20AM
■□□□□ Hackers take over IKEA’ employee accounts and send phishing emails. https://t.me/cKure/10273
November 29, 2021 at 12:45AM
■■■□□ Fuzzing101 with LibAFL – Part III: Fuzzing tcpdump. . https://epi052.gitlab.io/notes-to-self/blog/2021-11-20-fuzzing-101-with-libafl-part-3/ https://t.me/cKure/10272
November 28, 2021 at 06:17PM
■■■□□ Execute ELF files on a machine without dropping an ELF. https://github.com/nnsee/fileless-elf-exec https://t.me/cKure/10271