All posts tagged cyber

■■■■□ Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952). https://www.helpnetsecurity.com/2023/02/20/cve-2022-39952/ https://t.me/cKure/12116

■■■□□ NimPlant – A light first-stage C2 implant written in Nim and Python. https://github.com/chvancooten/NimPlant https://t.me/cKure/12115

■■■■□ CVE-2023-25194: Remote code execution flaw patched in Apache Kafka. https://portswigger.net/daily-swig/remote-code-execution-flaw-patched-in-apache-kafka https://t.me/cKure/12114

■■□□□ PyRDP is a Python Remote Desktop Protocol (RDP) Monster-in-the-Middle (MITM) tool and library. https://github.com/GoSecure/pyrdp/ https://t.me/cKure/12113

■■■□□ Top 10 Most Prevalent MITRE ATT&CK Techniques Used by Adversaries. https://zero.bs/smashing-the-stack-for-fun-and-profit-2023-edition.html https://t.me/cKure/12112

■□□□□ Smashing The Stack. https://zero.bs/smashing-the-stack-for-fun-and-profit-2023-edition.html https://t.me/cKure/12111

■■■■□ REUnziP: Re-Exploiting Huawei Recovery With FaultyUSB. https://labs.taszk.io/articles/post/reunzip/ https://t.me/cKure/12110

■■■■□ Zoho Manage Engine: A Different Payload for CVE-2022-47966. https://vulncheck.com/blog/cve-2022-47966-payload https://t.me/cKure/12109

■□□□□ The United States’ Federal Bureau of Investigation (FBI) is reportedly investigating malicious cyber activity on the agency’s network. The federal law enforcement agency says it already contained the “isolated incident” and is working to uncover its scope and overall impact. “The FBI is aware of the incident and is working to gain additional information,”…

Privacy-Breach: United States The IRS has paid an Israeli company! ‘Cobwebs Technologies’ hundreds of thousands of dollars for an internet investigative tool that allows the IRS to conduct undercover investigations online, according to internal IRS documents obtained by Motherboard. vice.com/en/article/xgynn4/company-helping-irs-go-undercover-cobwebs-technologies https://t.me/cKure/12105