All posts tagged cyber

■■■□□ Microsoft Autodiscover abused to collect web requests, credentials. https://www.zdnet.com/article/design-flaw-in-microsoft-autodiscover-abused-to-leak-windows-domain-credentials https://t.me/cKure/9455

■□□□□ CVE-2021-26084: The cryptocurrency miner is exploiting the new Confluence remote code execution bug. https://www.zdnet.com/article/this-cryptocurrency-miner-is-exploiting-the-new-confluence-remote-code-execution-bug https://t.me/cKure/9454

■■□□□ Data-Leak at RaidForums as data marketplace accidentally exposes private staff page. https://www.bleepingcomputer.com/news/security/raidforums-data-marketplace-accidentally-exposes-private-staff-page/ https://t.me/cKure/9451

■■■□□ LINUX X86 ASSEMBLY – HOW TO TEST CUSTOM SHELLCODE USING A C PAYLOAD TESTER https://secureideas.com/blog/2021/09/linux-x86-assembly-how-to-test-custom-shellcode-using-a-c-payload-tester.html https://t.me/cKure/9450

■■■■□ Hardware Tool: UHFKiller v1.1 https://sneaktechnology.com/product/uhfkiller-v1-1/ https://t.me/cKure/9448

■■□□□ Russia : Cisco Talos recently discovered a new backdoor used by the Russian Turla APT group. https://blog.talosintelligence.com/2021/09/tinyturla.html https://t.me/cKure/9445

■■■□□ Apache Dubbo: All roads lead to RCE. https://securitylab.github.com/research/apache-dubbo/ https://t.me/cKure/9444

■■■■□ Data-Leak of 106 Million Visitors to Thailand Breached. https://www.infosecurity-magazine.com/news/data-of-106-million-visitors-to/ https://t.me/cKure/9443

■■■■□ Binary podcast including TrendMicro’s analysis of NSO Group’s ForcedEntry, a curl use-after-free, and an Azure Sphere SM infoleak. https://m.twitch.tv/dayzerosec https://t.me/cKure/9442

■■■■□ Security researchers disclosed a new zero-day flaw in Apple’s macOS Finder that can allow attackers to run arbitrary commands on Macs. https://securityaffairs.co/wordpress/122447/hacking/zero-day-macos.html https://t.me/cKure/9441