All posts tagged cyber

■□□□□ Data-Leak as Google has reportedly complied with data requests from Hong Kong’s government despite an earlier pledge not to offer the city user data without the U.S. Department of Justice’s cooperation. China https://uk.pcmag.com/security/135609/google-complies-with-hong-kong-data-requests-after-vowing-not-to https://t.me/cKure/9290

CVE-2021-39115: Template Injection in Email Templates leads to code execution on Jira Service Management Server. https://github.com/PetrusViet/CVE-2021-39115 https://t.me/cKure/9289

■□□□□ webstor: Fast Identification of Vulnerable Web Technologies in your Organization. https://github.com/RossGeerlings/webstor https://t.me/cKure/9288

■■■■□ CVE-2021-40346 PoC (HAProxy HTTP Smuggling). https://github.com/knqyf263/CVE-2021-40346 https://t.me/cKure/9287

■□□□□ Financial fraud by Google. Revealed: Google illegally underpaid thousands of workers across dozens of countries. https://twitter.com/guardian/status/1436436487441199107 https://t.me/cKure/9286

■□□□□ Virginia Defense Force Email Accounts Hit by a Cyber Attack. https://www.ehackingnews.com/2021/09/virginia-defense-force-email-accounts.html https://t.me/cKure/9285

■□□□□ Microsoft has fixed the Azurescape issue, a flaw in Azure Container Instances that allows to take over containers of other platform users. https://securityaffairs.co/wordpress/122081/hacking/microsoft-azurescape-flaw.html https://t.me/cKure/9284

■□□□□ WhatsApp to offer end-to-end encrypted backups in iCloud, Google Drive with user-managed keys. As of now they are not E2E encrypted. Only chats are (as per their claim) which has been refuted though. https://t.me/cKure/9283

■□□□□ Cyber-Attack: UN Computer Networks Breached by Hackers Earlier This Year. https://www.ehackingnews.com/2021/09/un-computer-networks-breached-by.html https://t.me/cKure/9282

CVE-2021-40444 PoC https://github.com/lockedbyte/CVE-2021-40444 https://t.me/cKure/9281