All posts tagged cyber

■■■■□ ScareCrow – Payload creation framework designed around EDR bypass. https://github.com/optiv/ScareCrow https://t.me/cKure/12348

■■■□□ Hacking a bank by finding a zero-day in DotCMS. https://blog.assetnote.io/2022/05/03/hacking-a-bank-using-dotcms-rce/ https://t.me/cKure/12347

■■■□□ Zero-Day: Israeli state sponsored NSO Group’s Pegasus spyware returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click exploit chains. https://citizenlab.ca/2023/04/nso-groups-pegasus-spyware-returns-in-2022/ https://t.me/cKure/12344

3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible. https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise https://t.me/cKure/12342

■■■□□ Privacy: Israeli’s iPhone Hacked With NSO’s Pegasus Spyware Twice in Two Years. https://www.haaretz.com/israel-news/security-aviation/2023-04-19/ty-article/israeli-citizen-infected-with-nso-pegasus-spyware-twice-in-two-years/00000187-8f8a-d484-adef-ef8e36910000 https://t.me/cKure/12339

■■□□□ Ghidra tutorial. https://link.medium.com/n3tGGo0U7yb https://t.me/cKure/12338

■■■■□ Recon: Interesting thread on subdomain enumeration by ProjectDiscovery. https://twitter.com/pdiscoveryio/status/1648567268949803012 https://t.me/cKure/12337

■■■□□ Israel’s state sponsored NSO hacked iPhones without user clicks in 3 new ways, researchers say. https://www.washingtonpost.com/technology/2023/04/18/nso-apple-iphones-citizen-lab/ https://t.me/cKure/12336

■■□□□ Disinformation: OSINT investigation into fake images by AFP. https://youtu.be/pIxUDQshf0o https://t.me/cKure/12335

■■■■□ Hackers abuse Google Command and Control red team tool in attacks. https://www.bleepingcomputer.com/news/security/hackers-abuse-google-command-and-control-red-team-tool-in-attacks/ https://t.me/cKure/12334