July 21, 2022 at 03:13PM

■■■■□ CVE-2022-26138: A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. The password is disabled1system1user6708 https://twitter.com/fluepke/status/1549892089181257729 https://t.me/cKure/11651

July 21, 2022 at 09:06AM

■■■■□ PT Swarm team has reproduced an Arbitrary File Read for an internal site of Skype for Business / MS Lync.
CVE: CVE-2022-26911
Subdomains: dialin, meet, lyncdiscover, sip, …
Original advisory: https://t.co/WaYc1zs9Hh
The PoC: https://twitter.com/ptswarm/status/1549744638193541122
https://t.me/cKure/11650

July 19, 2022 at 09:23AM

■■■□□ A known threat actor is selling a Zero-Day exploit for Microsoft Windows online. The exploit has RCE capabilities as per the actor. An alleged PoC has also been shared. https://t.me/cKure/11647

July 18, 2022 at 08:55AM

■■■■□ Discovery of an extensive espionage campaign in Thailand involving the abuse of NSO Group’s Pegasus spyware. In collaboration with ‘iLawFX’ and ‘DigitalReachSEA’. https://citizenlab.ca/2022/07/geckospy-pegasus-spyware-used-against-thailands-pro-democracy-movement/ https://t.me/cKure/11643

July 18, 2022 at 08:53AM

Mangle, a tool that manipulates aspects of compiled executables (.exe or DLL). Mangle can remove known Indicators of Compromise (IoC) based strings and replace them with random characters, change the file by inflating the size to avoid EDRs, and can clone code-signing certs from legitimate files. In doing so, Mangle helps loaders evade on-disk and…