All posts by cK-bot

■■■□□ Tool: Haklistgen – Turns Any Junk Text Into A Usable Wordlist For Brute-Forcing. https://github.com/hakluke/haklistgen https://t.me/cKure/9482

■■■□□ SonicWall fixed a critical security flaw, tracked as CVE-2021-20034, that impacts some Secure Mobile Access (SMA) 100 series products that can allow device takeover. https://securityaffairs.co/wordpress/122547/security/cve-2021-20034-sonicwall-sma-100.html https://t.me/cKure/9481

■■■■□ CVE-2020-3187 – unauthenticated arbitrary file deletion in Cisco. https://hackerone.com/reports/944665 https://t.me/cKure/9480

■■□□□ Groove Ransomware Gang Tries New Tactic to Attract Affiliates. The threat group, which leaked some 500,000 credentials for Fortinet SSL VPN devices, views ransomware as just one way to profit from compromised networks, experts say. https://www.darkreading.com/attacks-breaches/groove-ransomware-gang-tries-new-tactic-to-attract-affiliates https://t.me/cKure/9479

■■■■■ Developers fix multitude of vulnerabilities in Apache HTTP Server. High-impact SSRF and request smuggling bugs among flaws addressed in bumper patch cycle. https://portswigger.net/daily-swig/developers-fix-multitude-of-vulnerabilities-in-apache-http-server https://t.me/cKure/9477

■■■□□ pocsuite3; an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec 404 Team. https://github.com/knownsec/pocsuite3 https://t.me/cKure/9476

■■■■■ Cybersecurity researchers have disclosed a novel technique adopted by threat actors to deliberately evade detection with the help of malformed digital signatures of its malware payloads. “Attackers created malformed code signatures that are treated as valid by Windows but are not able to be decoded or checked by OpenSSL code — which is used…

■■■■■ $8,000 Payout: XSS to RCE in the Opera Browser https://blogs.opera.com/security/2021/09/8000-bug-bounty-highlight-xss-to-rce-in-the-opera-browser/ https://t.me/cKure/9474

■■■□□ People bank of China outlaws crypto-currency transactions. – No doubt; China remains as a strong economic power by such rules. “Paper money eventually returns to its intrinsic value – zero.” – Voltaire http://www.pbc.gov.cn/goutongjiaoliu/113456/113469/4348521/index.html https://t.me/cKure/9473

■□□□□ Unconfirmed Data-Leak from United States as actor claims to have around 1.2 GB of data (classified emails and relevant info) from dma.virginia.gov. https://t.me/cKure/9472