■■■■□ HashDB beta goes live. HashDB is a free community-sourced library of hashing algorithms used in malware, with an IDA plugin! API https://hashdb.openanalysis.net/ IDA Plugin https://github.com/OALabs/hashdb-ida Add Custom Algorithms https://github.com/OALabs/hashdb Source: https://twitter.com/herrcore/status/1441515001282535427 https://t.me/cKure/9514
All posts tagged cyber
September 25, 2021 at 02:26PM
■■□□□ Cyber-Attack on United States as Port of Houston Attacked Employing Zoho Zero-Day Vulnerability. CISA officers on 23rd of September reported about a potential government-backed hacker organization that has tried to break the Port of Houston networks, one of the major port agencies in the United States, employing zero-day vulnerabilities in a Zoho user authentication…
September 25, 2021 at 02:22PM
■■■■■ Report: Technical assessment of the security of Chinese 5G handsets sold in Lithuania – in built backdoors, censorship etc (*ANALYSIS OF PRODUCTS MADE BY Huawei, Xiaomi and OnePlus). PDF: https://www.nksc.lt/doc/en/analysis/2021-08-23_5G-CN-analysis_env3.pdf https://t.me/cKure/9511
September 25, 2021 at 02:20PM
■■■■■ Financially motivated actor breaks certificate parsing to avoid detection. Mr. Neel Mehta found an attacker using certificates that OpenSSL won’t parse but Windows will accept. https://blog.google/threat-analysis-group/financially-motivated-actor-breaks-certificate-parsing-avoid-detection/amp/ https://t.me/cKure/9510
September 25, 2021 at 02:18PM
■■■■□ CVE-2021-30869: Erye Hernandez of Google Threat Analysis Group, Clément Lecigne of Google Threat Analysis Group, and Ian Beer of Google Project Zero. https://support.apple.com/en-us/HT212825 https://twitter.com/ShaneHuntley/status/1441102086385455112 https://t.me/cKure/9509
September 25, 2021 at 02:16PM
■■■□□ Autodiscover, a protocol used by Microsoft Exchange for automatic configuration of clients such as Microsoft Outlook, has a design flaw that causes the protocol to “leak” web requests to Autodiscover domains outside of the user’s domain but in the same TLD (i.e. Autodiscover.com). https://www.guardicore.com/labs/autodiscovering-the-great-leak/ https://t.me/cKure/9508
September 25, 2021 at 02:14PM
■■■□□ Supporting articles for (https://t.me/cKure/9506) https://machinehum.medium.com/im-putting-a-wifi-router-into-a-wall-charger-part-1-882df714bbf3 https://machinehum.medium.com/im-putting-a-wifi-router-into-a-wall-charger-part-2-bf04c779c905 https://machinehum.medium.com/im-not-putting-a-wifi-router-into-a-phone-charger-7b36e90ee08d https://t.me/cKure/9507
September 25, 2021 at 02:12PM
■■■■■ Tool: The WiFiWart is an open source WiFi penetration device masquerading as a regular wall charger. It features a 1.2Ghz Cortex A7 MPU with two WiFi chips onboard. The electrical, mechanical and software is all completely open source. The elec is design in Kicad, hardware in FreeCAD and software will be all GNU/Linux based.…
September 25, 2021 at 02:08PM
■□□□□ Data-Leak from Iran of apparent Traffic department is up for sale for 28K USD in BTC containing 24 M records. https://t.me/cKure/9504
September 25, 2021 at 02:05PM
■■■■■ VMware CVE-2021-22005 Technical & Impact analysis. https://censys.io/blog/vmware-cve-2021-22005-technical-impact-analysis/ https://t.me/cKure/9503