■■■■■ Remote Code execution at ws1.aholdusa.com — Compromising logins of Ahold Delhaize USA employees for >3.5 years (or even 18 years?). https://medium.com/@jonathanbouman/remote-code-execution-at-ws1-aholdusa-com-compromising-logins-of-ahold-delhaize-usa-employees-c7c9aca7e05d https://t.me/cKure/13365
All posts tagged cyber
December 17, 2023 at 08:50PM
■■■□□ Observed Exploitation Attempts of Struts 2 S2-066 Vulnerability (CVE-2023-50164). https://www.akamai.com/blog/security-research/apache-struts-cve-exploitation-attempts https://t.me/cKure/13364
December 16, 2023 at 09:53PM
■■■■□ Data-Leak: United States nuclear research lab data breach impacts 45,000 people. https://www.bleepingcomputer.com/news/security/us-nuclear-research-lab-data-breach-impacts-45-000-people/ https://t.me/cKure/13363
December 16, 2023 at 06:50PM
WhatsApp spoofing: impersonation of a reply message. All official WhatsApp clients, upon receiving a “Message Reply” payload (QuotedMessage), do not validate whether the “ContextInfo” of this “QuotedMessage” is valid/exists (“StanzaId” and “Participant”). This allows a malicious actor to send in private chats or groups a “QuotedMessage” of a message that never existed on behalf of another…
December 16, 2023 at 12:54PM
■■■■□ Bulk Analysis of Cobalt Strike’s Beacon Configurations. https://www.archcloudlabs.com/projects/bulk-cs-analysis/ https://t.me/cKure/13360
December 16, 2023 at 03:43AM
■■■□□ M5StickC PLUS2 IoT development kit features ESP32-PICO-V3-02 SiP, larger 200 mAh battery. https://www.cnx-software.com/2023/12/13/m5stickc-plus2-iot-development-kit-esp32-pico-v3-02-sip-200-mah-battery/ https://t.me/cKure/13359
December 16, 2023 at 02:32AM
■■■□□ Apache Struts 2 vulnerability discovered, as proof of concept circulates. https://www.csoonline.com/article/1260010/apache-struts-2-vulnerability-discovered-as-proof-of-concept-circulates.html https://t.me/cKure/13358
December 15, 2023 at 11:38AM
■■■■□ APIDetector – Efficiently Scan For Exposed Swagger Endpoints Across Web Domains And Subdomains. https://github.com/brinhosa/apidetector https://www.kitploit.com/2023/12/apidetector-efficiently-scan-for.html https://t.me/cKure/13357
December 15, 2023 at 11:37AM
■■■■■ Exploiting A Remote Heap Overflow With A Custom TCP Stack. https://www.synacktiv.com/en/publications/exploiting-a-remote-heap-overflow-with-a-custom-tcp-stack.html https://t.me/cKure/13356
December 15, 2023 at 11:36AM
■■■■■ Turning Google smart speakers into wiretaps for $100k. https://downrightnifty.me/blog/2022/12/26/hacking-google-home.html https://t.me/cKure/13355
