All posts by cK-bot

■□□□□ Multiple critical vulnerabilities in Exim email server software pose RCE risk. https://portswigger.net/daily-swig/multiple-critical-vulnerabilities-in-exim-email-server-software-pose-rce-risk https://t.me/cKure/7846

■□□□□ Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries. https://github.com/d3mondev/puredns https://t.me/cKure/7845

■■■□□ CVE-2021-21551 ‘Millions’ of Dell PCs will grant malware, rogue users admin-level access if asked nicely. https://go.theregister.com/feed/www.theregister.com/2021/05/04/dell_driver_flaw/ https://t.me/cKure/7843

■■□□□ Global Phishing Attacks Spawn Three New Malware Strains. The never-seen malware strains have “professionally coded sophistication” and were launched by a well-resourced APT using nearly 50 domains, one hijacked. https://threatpost.com/global-phishing-attacks-new-malware-strains/165857/ https://t.me/cKure/7842

■■■□□ Pystinger – Bypass Firewall For Traffic Forwarding Using Webshell. https://github.com/FunnyWolf/pystinger https://t.me/cKure/7841

■□□□□ Data-Leak: US Agency for Global Media data breach caused by a phishing attack. https://www.bleepingcomputer.com/news/security/us-agency-for-global-media-data-breach-caused-by-a-phishing-attack/ https://t.me/cKure/7840

■□□□□ CVE-2020-28017: An integer overflow in receive_add_recipient() has been found in Exim before version 4.94.2. https://security.archlinux.org/CVE-2020-28017 https://t.me/cKure/7839

■■■■■ CLI for the IPinfo.io IP address API. https://github.com/ipinfo/cli https://t.me/cKure/7838

■■■■■ Unconfirmed: Google Chrome XOR Typer Out-Of-Bounds Access / Remote Code Execution. https://paste.ubuntu.com/p/kdWBprwt8H/ https://t.me/cKure/7836

■■■□□ Stracciatella: Powershell runspace from within C# with AMSI and Script Block Logging disabled. https://github.com/mgeeky/Stracciatella https://t.me/cKure/7835