All posts by cK-bot

■■□□□ Tool: pFuzz, an advanced red teaming fuzzing tool which we developed for our research. It helps to bypass web application firewall by using different methods at the same time. https://github.com/RedSection/pFuzz https://t.me/cKure/9699

■■■■■ Breaking from India 🇮🇳: Activists in Togo 🇹🇬 attacked by Indian made spyware. OSINT report by Amnesty International of a Cyber-Crime apparently by an Indian company that has been linked to the infrastructure used by Donot Group and an Indian cybersecurity company Innefu Labs. We have asked the concerned team for a comment. We…

■■■□□ Microsoft: 58% of Nation-State Cyberattacks Come From Russia (United States ). https://t.me/cKure/9692

■□□□□ Microsec.ai Launches Solution to Deliver Agentless Runtime Protection for Multi-cloud Infrastructure as a Service. https://t.me/cKure/9691

■■□□□ United States : Google has warned about 14,000 of its users about being targeted in a state-sponsored phishing campaign from APT28, a threat group that has been linked to Russia https://www.bleepingcomputer.com/news/security/google-warns-14-000-gmail-users-targeted-by-russian-hackers/ https://t.me/cKure/9690

■□□□□ Avast Team discovers new version of Zloader – 2.0 https://www.virustotal.com/gui/file/c4ab81d7b7d44dd6dfc4f2b69dbe3f22fbf23c1ae49ab8edac2d26f85ae4514d https://t.me/cKure/9689

■■■□□ Exploit: PHP 7.0-8.0 disable_functions bypass [user_filter]. This exploit uses a bug reported over 10 years ago by Christian Holler. As usual, the PoC was tested on various php builds for Debian/Ubuntu/CentOS/FreeBSD with cli/fpm/apache2 server APIs and found to work reliably. https://github.com/mm0r1/exploits/tree/master/php-filter-bypass twitter.com/mozdeco https://t.me/cKure/9688

■■■□□ Zero-Day XSS: Canopy Parental Control App Wide Open to Unpatched XSS Bugs. https://threatpost.com/canopy-parental-control-app-unpatched-xss-bugs/175384/ https://t.me/cKure/9687

■■■□□ Data-Leak: Resecurity researchers dumped Gigabytes of data from Agent Tesla C2Cs, one of the most well-known cyberespionage tools suffers a data leakage. https://securityaffairs.co/wordpress/123039/malware/agent-tesla-c2c-dumped.html https://t.me/cKure/9686

■□□□□ Data-Leak: 5-Year Breach May Have Exposed Billions of Text Messages. The attack affected Syniverse, a major telecom company that annually routes billions of text messages for hundreds of mobile carriers. https://t.me/cKure/9685