All posts tagged cyber

■■■■□ Ivanti warns of new actively exploited MobileIron zero-day bug. CVE-2023-38035 – API Authentication Bypass on Sentry Administrator Interface https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-actively-exploited-mobileiron-zero-day-bug/ https://t.me/cKure/12776

■■■■□ PoC exploit for zero-day Windows Error Reporting Service bug (CVE-2023-36874) releases. https://securityonline.info/poc-exploit-for-0-day-windows-error-reporting-service-bug-cve-2023-36874-releases/ https://t.me/cKure/12775

■□□□□ [ Tool ] FaceChain: A deep-learning toolchain for generating your Digital-Twin. https://github.com/modelscope/facechain https://t.me/cKure/12774

■■■■□ Asset inventory of over 800 public bug bounty programs. https://github.com/trickest/inventory https://t.me/cKure/12773

■■□□□ Interesting thread. https://twitter.com/vxunderground/status/1693742275145150927 https://t.me/cKure/12772

■■■□□ Windows Error Reporting Service Privilege Enhancement Vulnerability (CVE-2023-36874). #untested https://github.com/d0rb/CVE-2023-36874 https://t.me/cKure/12771

■■■■□ Zero-Day: Thousands of Android malware apps use stealthy APKs to bypass security, study finds. Zimperium report. https://www.tomsguide.com/news/thousands-of-android-malware-apps-use-stealthy-apks-to-bypass-security-study-finds https://t.me/cKure/12770

■■■■□ WinRAR flaw lets hackers run programs when you open RAR archives. https://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/ https://t.me/cKure/12769

■□□□□ Eyes is an OSINT tool to get existing accounts from an email. https://github.com/N0rz3/Eyes https://t.me/cKure/12768

■■■■□ CloudEyE — From .lnk to Shellcode. https://gi7w0rm.medium.com/cloudeye-from-lnk-to-shellcode-4b5f1d6d877 https://t.me/cKure/12767