All posts tagged cyber

Zero-Day used to access 5.4M user data from Twitter (confirmed by company). https://hackerone.com/reports/1439026 Twitter confirms zero-day used to access data of 5.4 million accounts https://restoreprivacy.com/twitter-vulnerability-exposes-5-million-accounts/ https://t.me/cKure/11678

Zero-Day: Paracosme (CVE-2022-33318) is the zero-click remote code execution memory corruption exploit to compromise ICONICS Genesis64 on stage at Pwn2Own2022 Miami. https://www.zerodayinitiative.com/advisories/ZDI-22-1041/ https://t.me/cKure/11677

Zero-Day: Paracosme (CVE-2022-33318) is the zero-click remote code execution memory corruption exploit to compromise ICONICS Genesis64 on stage at Pwn2Own2022 Miami. https://www.zerodayinitiative.com/advisories/ZDI-22-1041/ https://t.me/cKure/11676

Zero-Day: Paracosme (CVE-2022-33318) is the zero-click remote code execution memory corruption exploit to compromise ICONICS Genesis64 on stage at Pwn2Own2022 Miami. https://www.zerodayinitiative.com/advisories/ZDI-22-1041/ https://t.me/cKure/11675

■■■■■ Zero-Day in VMware product line. Peter Viet: I have found vulnerabilities CVE-2022-31656 and CVE-2022-31659 leading to unauthenticated remote code execution affecting many #VMware products, such as Workspace ONE. Technical writeup and POC soon to follow. https://t.me/cKure/11673

Data-Leak: 4TB of proprietary data from Israel based Cellebrite (Cellebrite Mobilogy & Cellebrite TFS backup) leaked by anonymous source. Notably, Cellebrite Mobilogy shares code with Cellebrite Universal Forensics Extraction Device or Cellebrite UFED, used by law enforcement agencies. Source: Soufiane. https://t.me/cKure/11670

■■■■■ Data-Leak: Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. https://securityaffairs.co/wordpress/133881/data-breach/mbda-alleged-data-breach.html https://t.me/cKure/11669

■■■■□ A vulnerability, tracked as CVE-2022-30563, impacting Dahua IP Camera can allow attackers to seize control of IP cameras https://securityaffairs.co/wordpress/133877/hacking/dahua-severe-flaw.html https://t.me/cKure/11668

Cyber-Attack amid Cyber-War by Russia as apparently for about 12 hours Rostelecom hijacked part of the traffic destinated to Apple https://www.manrs.org/2022/07/for-12-hours-was-part-of-apple-engineerings-network-hijacked-by-russias-rostelecom/ https://t.me/cKure/11667

■■■■□ SSD Advisory – Microsoft SharePoint Server WizardConnectToDataStep4 Deserialization Of Untrusted Data RCE. https://ssd-disclosure.com/ssd-advisory-microsoft-sharepoint-server-wizardconnecttodatastep4-deserialization-of-untrusted-data-rce/ https://t.me/cKure/11666