All posts tagged cyber

■■■■□ CRLFsuite: A CRLF injection (HTTP Response Splitting) scanner. https://github.com/Raghavd3v/CRLFsuite https://t.me/cKure/13060

■■□□□ Critical RCE flaws found in SolarWinds access audit solution. https://www.bleepingcomputer.com/news/security/critical-rce-flaws-found-in-solarwinds-access-audit-solution/ https://t.me/cKure/13059

■■■□□ OSINT on the Russia-Ukraine conflict. Complete Infographic on Conflict in Ukraine: best to date Check out this comprehensive daily infographic on the ongoing conflict in Ukraine, sourced from multiple outlets. It was created by Konstantin Gorshenev and required five months of dedicated effort to compile. The video provides a detailed overview of the progression…

■■■□□ AFP Fact-Check debunks Israeli disinformation campaign in the form of a video. https://factcheck.afp.com/doc.afp.com.33YN7WH https://t.me/cKure/13056

■■■■□ Disinformation: Information sources like Alexa (bot) favors anti-semitism (anti Palestinian) rhetoric. https://www.instagram.com/reel/CyjIz7ROFKo/ https://t.me/cKure/13055

■■■□□ A number of state-back threat actors from Russia and China have been observed exploiting a recent security flaw in the WinRAR archiver tool for Windows as part of their operations. The vulnerability in question is CVE-2023-38831 (CVSS score: 7.8), which allows attackers to execute arbitrary code when a user attempts to view a benign…

■■■□□ Over 40,000 admin portal accounts use ‘admin’ as a password https://www.bleepingcomputer.com/news/security/over-40-000-admin-portal-accounts-use-admin-as-a-password/ https://t.me/cKure/13053

DARPA worried battlefield mixed reality vulnerable to ‘cognitive attacks’. Hacks, physical tricks could turn headsets into vomit extractors, but tests already show no ops needed for that. https://www.theregister.com/2023/10/12/darpa_worried_battlefield_mixed_reality/ https://t.me/cKure/13052

■■■■■ Tool: DLL-Spoofer POC for a DLL spoofer to determine DLL Hijacking This python script scans a provided DLL’s exports and creates a basic duplicate CPP DLL template. All exported functions are re-used and pop a simple message window. Additionally on DLL attach we execute the first exported function. This is useful for simply providing…

■■■■□ OSINT investigation by legendary ‘Bellingcat’ on Israel-Palestine conflict where IDF bombed a hospital with 600 to 800 deaths were reported. A few hundred beyond recognition or missing body parts. And few thousand were maimed (severely injured). https://www.bellingcat.com/news/2023/10/18/identifying-possible-crater-from-gaza-hospital-blast/ https://t.me/cKure/13050