All posts tagged cyber

■■□□□ Google Chrome’s Site Isolation thread! https://twitter.com/campuscodi/status/1435649390438461448 https://t.me/cKure/9280

■■■□□ CVE-2021-40444 https://blog.nviso.eu/2021/09/09/kusto-hunting-query-for-cve-2021-40444 https://t.me/cKure/9276

■■□□□ Tool: SharpSpray is a Windows domain password spraying tool written in .NET C#. https://github.com/iomoath/SharpSpray https://t.me/cKure/9275

■□□□□ Interesting thread! https://twitter.com/sagitz_/status/1436376741602336769 https://t.me/cKure/9274

■■■■■ CVE-2021-40444 Sample https://github.com/Udyz/CVE-2021-40444-Sample/blob/main/poc.html https://t.me/cKure/9270

■■■□□ ANALYSIS OF A PARALLELS DESKTOP STACK CLASH VULNERABILITY AND VARIANT HUNTING USING BINARY NINJA https://www.zerodayinitiative.com/blog/2021/9/9/analysis-of-a-parallels-desktop-stack-clash-vulnerability-and-variant-hunting-using-binary-ninja https://t.me/cKure/9269

■□□□□ Tool: JSPanda JSpanda is a client-side prototype pollution vulnerability scanner. It has two key features, scanning vulnerability the supplied URLs and analyzing the JavaScript libraries’ source code. However, JSpanda cannot detect advanced prototype pollution vulnerabilities. https://github.com/RedSection/jspanda https://t.me/cKure/9268

■■■□□ Microsoft Warns of Cross-Account Takeover Bug in Azure Container Instances. https://thehackernews.com/2021/09/microsoft-warns-of-cross-account.html https://t.me/cKure/9267

■■□□□ Thousands of Fortinet VPN Account Credentials Leaked. https://threatpost.com/thousands-of-fortinet-vpn-account-credentials-leaked/169348/ https://t.me/cKure/9266

■■□□□ United States 🇺🇸: A previously undocumented backdoor that was recently found targeting an unnamed computer retail company based in the U.S. has been linked to a longstanding Chinese espionage operation dubbed Grayfly | China 🇨🇳 https://thehackernews.com/2021/09/experts-link-sidewalk-malware-attacks.html https://t.me/cKure/9265