All posts by cK-bot

■■■□□ Fall of the machines: Exploiting the Qualcomm NPU (neural processing unit) kernel driver. https://securitylab.github.com/research/qualcomm_npu/ https://t.me/cKure/10204

■□□□□ A tiny typo in an automated email to thousands of customers turns out to be a big problem for legal. https://www.theregister.com/2021/11/22/who_me/ https://t.me/cKure/10203

■■■■□ Breaking: Data-Leak as GoDaddy said in a data breach notification published today that the data of up to 1.2 million of its customers was exposed after hackers gained access to the company’s Managed WordPress hosting environment. https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm https://t.me/cKure/10202

■□□□□ A brief about U.S. data compliance laws. https://www.helpnetsecurity.com/2021/11/22/u-s-data-compliance-laws/ https://t.me/cKure/10201

■■□□□ United States | Potential Cyber-Attack as the world’s largest manufacturer of wind turbines was forced to shut down IT systems across several locations over the weekend after a cybersecurity incident. https://www.vestas.com/en/media/company-news/2021/vestas-impacted-by-cyber-security-incident-c3457473 https://t.me/cKure/10200

■■■■□ Reverse engineering & modifying Android apps with JADX & Frida. https://httptoolkit.tech/blog/android-reverse-engineering/ https://t.me/cKure/10199

■■■■■ Intercept & view all JavaScript HTTP(S). Mock endpoints or entire servers. Rewrite, redirect, or inject errors. https://httptoolkit.tech/javascript/ https://t.me/cKure/10198

■■■■□ Linux Kernel Exploitation. https://github.com/xairy/linux-kernel-exploitation https://t.me/cKure/10197

■■■■□ Tool: YARP; Yet Another Reverse Proxy https://microsoft.github.io/reverse-proxy/ Documentation: https://microsoft.github.io/reverse-proxy/articles/getting-started.html https://github.com/microsoft/reverse-proxy https://t.me/cKure/10196

■■■□□ Cyber-Attack on middle-east entities. Threat actors are exploiting ProxyLogon and ProxyShell exploits in unpatched Microsoft Exchange Servers as part of an ongoing spam campaign that leverages stolen email chains to bypass security software and deploy malware on vulnerable systems. The findings come from Trend Micro following an investigation into a number of intrusions in…