All posts by cK-bot

■■■■■ Discourse SNS webhook RCE. https://0day.click/recipe/discourse-sns-rce/ https://t.me/cKure/9818

■■■■□ Interesting thread of ransomware code Data-Leak. https://twitter.com/vxunderground/status/1451832720519225348 https://t.me/cKure/9817

■□□□□ https://twitter.com/mariuszbit/status/1451616667029708802 https://github.com/mgeeky/Penetration-Testing-Tools/blob/master/windows/findSymbols.py https://t.me/cKure/9816

■□□□□ CIS Debian 9/10 Hardening. https://github.com/ovh/debian-cis https://t.me/cKure/9815

■■■■□ Token Spray – Automate the token validation using newly introduced self-contained nuclei template support. https://blog.projectdiscovery.io/nuclei-v2-5-3-release/ https://t.me/cKure/9814

■■■■■ Sandbox Bypass Affecting vm2 package, versions 

■■□□□ Data-Leak: New breach: 3.1M email addresses from CoinMarketCap were found being traded this month. CMC have advised there is “a correlation with our subscriber base”, but are yet to identify the source of the data. https://twitter.com/haveibeenpwned/status/1451650181552750594 https://t.me/cKure/9812

■■■□□ Interesting thread! https://twitter.com/vxunderground/status/1451624106005311505 https://t.me/cKure/9811

■■■■□ Melting cobalt: A tool 🔧 to hunt/mine for Cobalt Strike beacons and “reduce” their beacon configuration for later indexing. Hunts can either be expansive and internet wide using services like SecurityTrails, Shodan, or ZoomEye or a list of IP’s. https://github.com/splunk/melting-cobalt https://t.me/cKure/9810

■■■□□ CISA: GPS software bug may cause unexpected behavior this Sunday. The Cybersecurity and Infrastructure Security Agency (CISA) warned that GPS deices might experience issues over the weekend because of a timing bug impacting Network Time Protocol  (NTP) servers running the GPS Daemon (GPSD) software. https://www.bleepingcomputer.com/news/technology/cisa-gps-software-bug-may-cause-unexpected-behavior-this-sunday/ https://t.me/cKure/9809