■■■□□ A number of state-backed threat actors from Russia and China have been observed exploiting a recent security flaw in the WinRAR archiver tool for Windows as part of their operations. The vulnerability in question is CVE-2023-38831 (CVSS score: 7.8), which allows attackers to execute arbitrary code when a user attempts to view a benign…
October 19, 2023 at 06:55AM
■■■□□ Over 40,000 admin portal accounts use ‘admin’ as a password https://www.bleepingcomputer.com/news/security/over-40-000-admin-portal-accounts-use-admin-as-a-password/ https://t.me/cKure/13053
October 19, 2023 at 01:24AM
DARPA worried battlefield mixed reality vulnerable to ‘cognitive attacks’. Hacks, physical tricks could turn headsets into vomit extractors, but tests already show no ops needed for that. https://www.theregister.com/2023/10/12/darpa_worried_battlefield_mixed_reality/ https://t.me/cKure/13052
October 19, 2023 at 12:39AM
■■■■■ Tool: DLL-Spoofer. POC for a DLL spoofer to determine DLL Hijacking. This Python script scans a provided DLL’s exports and creates a basic duplicate CPP DLL template. All exported functions are re-used and pop a simple message window. Additionally, on DLL attach we execute the first exported function. This is useful for simply providing…
October 18, 2023 at 08:20PM
■■■■□ OSINT investigation by the legendary ‘Bellingcat’ on the Israel-Palestine conflict, where the IDF bombed a hospital and 600 to 800 deaths were reported. A few hundred were beyond recognition or missing body parts, and a few thousand were maimed (severely injured). https://www.bellingcat.com/news/2023/10/18/identifying-possible-crater-from-gaza-hospital-blast/ https://t.me/cKure/13050
October 18, 2023 at 08:07PM
■■■■□ Palestine-Israel Cyber-War update: Malicious “RedAlert – Rocket Alerts” Application Targets Israeli Phone Calls, SMS, and User Information. https://blog.cloudflare.com/malicious-redalert-rocket-alerts-application-targets-israeli-phone-calls-sms-and-user-information/ https://t.me/cKure/13049
October 18, 2023 at 07:09PM
■■■□□ Splunk AD Threat hunting. https://amr-git-dot.github.io/forensic%20investigation/AD_Threat_Hunting/ https://t.me/cKure/13048
October 18, 2023 at 07:02PM
■■■□□ Detecting and preventing LSASS credential dumping attacks. https://www.microsoft.com/en-us/security/blog/2022/10/05/detecting-and-preventing-lsass-credential-dumping-attacks/ https://t.me/cKure/13047
October 17, 2023 at 02:38PM
Spam iOS, Android and Windows with Bluetooth pairing messages using Flipper Zero or Android smartphone. https://www.mobile-hacker.com/2023/10/17/spam-ios-android-and-windows-with-bluetooth-pairing-messages-using-flipper-zero-or-android-smartphone/ https://t.me/cKure/13045
October 17, 2023 at 01:10AM
■■■□□ Archives: Snowden. https://youtu.be/0dGqR4ue8dg https://t.me/cKure/13044
