■■□□□ Russian hackers switch to LOTL technique to cause power outages. https://www.bleepingcomputer.com/news/security/russian-hackers-switch-to-lotl-technique-to-cause-power-outage/ https://t.me/cKure/13209
All posts tagged cyber
November 9, 2023 at 05:22PM
■■■■■ ProxyHub: An advanced [Finder | Checker | Server] tool for proxy servers, supporting both HTTP(S) and SOCKS protocols. https://github.com/ForceFledgling/proxyhub https://t.me/cKure/13207
November 9, 2023 at 05:12PM
■■■■■ Nuclei AI Browser Extension, built on top of cloud.projectdiscovery.io, simplifies the creation of vulnerability templates, by enabling users to extract vulnerability information from any webpages to quickly and efficiently create #nuclei templates, saving valuable time and effort. Features: • Context Menu Option to Generate Template • HackerOne Report to Nuclei Template Generation • ExploitDB…
November 9, 2023 at 04:42PM
■■■□□ Hackers exploit Looney Tunables Linux bug, steal cloud creds. https://www.bleepingcomputer.com/news/security/hackers-exploit-looney-tunables-linux-bug-steal-cloud-creds/ https://t.me/cKure/13205
November 9, 2023 at 02:51PM
■■■□□ Bobber [tool]: Bobber monitors a given Evilginx database file for changes, and if a valid Evilginx session complete with a captured Microsoft Office 365 cookie is found, Bobber will utilize the RoadTools RoadTX library to retrieve the access and refresh tokens for the user, then optionally trigger TeamFiltration to exfiltrate all the sweet, sweet…
November 8, 2023 at 05:32PM
■■■■■ DuckDuckC2: A proof-of-concept C2 channel through DuckDuckGo’s image proxy service. The provided example can be extended multiple ways to achieve different deployments. https://github.com/nopcorn/DuckDuckC2 https://nopcorn.github.io/2023/09/25/duckduckgo-as-c2 https://t.me/cKure/13201
November 8, 2023 at 05:30PM
■■■■□ Remote Code Execution in Tutanota Desktop due to Code Flaw. https://www.sonarsource.com/blog/remote-code-execution-in-tutanota-desktop-due-to-code-flaw/ https://t.me/cKure/13200
November 8, 2023 at 05:26PM
■■■■□ CVE-2023-22518: Improper Authorization Vulnerability in Confluence Data Center and Server. A critical vulnerability in Atlassian Confluence Data Center and Server. The vulnerability could potentially allow unauthenticated attackers with network access to the Confluence Instance to restore the database of the Confluence instance and eventually execute arbitrary system commands. https://github.com/ForceFledgling/CVE-2023-22518 https://t.me/cKure/13199
November 8, 2023 at 05:19PM
■□□□□ Cyber-Attack on Qatari Ecommerce Government by a group calling themselves ‘Indian Cyber Force’. It was a DoS attack. Target – https://ecommerce.gov.qa/ Check Host – https://check-host.net/check-report/130d6715kb0d Duration: 2 hours (as per the group). https://t.me/cKure/13198
November 7, 2023 at 06:10AM
■□□□□ CVE-2023-30190 (Folina) demo on windows office. https://www.facebook.com/share/r/1sTsufbUiqV8Arvc/ https://t.me/cKure/13197