■■■■■ RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941) – A Walk-Through. https://codewhitesec.blogspot.com/2021/09/citrix-sharefile-rce-cve-2021-22941.html?m=1 https://t.me/cKure/9535
All posts tagged cyber
September 26, 2021 at 07:54PM
■■□□□ TangleBot: New Advanced SMS Malware Targets Mobile Users Across U.S. and Canada with COVID-19 Lures. https://www.cloudmark.com/en/blog/mobile/tanglebot-new-advanced-sms-malware-targets-mobile-users-across-us-and-canada-covid-19 https://t.me/cKure/9534
September 26, 2021 at 07:14PM
■□□□□ Unconfirmed Data-Leak from Malaysia as actor claims to have data pertaining to Armed Forces of the nation. Records include:(vt_mykad,vt_tenterano,vt_fullname,vt_mobile,vt_email,vt_password,vt_penerima_mykad,vt_penerima_name,vt_user_code,vt_usr_id) The database contains some interesting data such as name, mobile phone, citizenship id, military number and more. https://t.me/cKure/9533
September 26, 2021 at 06:12PM
■■■■□ zuthaka: collaborative free open-source Command & Control integration framework. https://securityonline.info/zuthaka-collaborative-free-open-source-command-control-integration-framework/ https://t.me/cKure/9532
September 26, 2021 at 04:03PM
■■■■□ $5000 Google IDOR Vulnerability Writeup. https://asterfiester.medium.com/5000-google-idor-vulnerability-writeup-c7b45926abe9 https://t.me/cKure/9531
September 26, 2021 at 03:53PM
■■■■■ LSASS Memory Dumps are Stealthier than Ever Before https://www.deepinstinct.com/2021/01/24/lsass-memory-dumps-are-stealthier-than-ever-before/ https://t.me/cKure/9530
September 26, 2021 at 12:11PM
■□□□□ Massive DDoS attacks on VoIP Providers and simulated DDoS testing. Revil. https://www.rtcsec.com/post/2021/09/massive-ddos-attacks-on-voip-providers-and-simulated-ddos-testing/ https://t.me/cKure/9529
September 26, 2021 at 10:42AM
■■■□□ Quick note of vCenter RCE (CVE-2021–22005). https://testbnull.medium.com/quick-note-of-vcenter-rce-cve-2021-22005-4337d5a817ee https://t.me/cKure/9528
September 26, 2021 at 10:41AM
■■■□□ Data-Leak: Thai-based English language teaching website Ajarn learned of a breach this month that dated back to 2018. Data included 266k email addresses, names, genders, phone numbers and password hashes. 69% were already in haveibeenpwned. Read more: https://www.ajarn.com/data-breach https://t.me/cKure/9527
September 26, 2021 at 10:37AM
■■■□□ Collection of Event ID resources useful for Digital Forensics and Incident Response. https://github.com/stuhli/awesome-event-ids https://t.me/cKure/9526