■■■■■ CVE-2023-24941: MICROSOFT NETWORK FILE SYSTEM REMOTE CODE EXECUTION. https://www.zerodayinitiative.com/blog/2023/5/31/cve-2023-24941-microsoft-network-file-system-remote-code-execution https://t.me/cKure/12456
All posts tagged hack
June 2, 2023 at 05:10PM
■■■■■ Wi-Fi stack exploitation (Broadcom chipsets). Part 1 https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html Part 2 https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_11.html Part 3 https://googleprojectzero.blogspot.com/2017/10/over-air-vol-2-pt-3-exploiting-wi-fi.html https://t.me/cKure/12454
June 2, 2023 at 12:25PM
Money message ransomware group hacks MSI and steals BIOS / Intel keys which will enable bad actors to code sign the firmware and send as an update to MSI systems. MSI Signing Keys for Intel Boot Guard we’re released by the group. Now anyone can sign device firmware with MSI private keys. This represents a…
June 2, 2023 at 02:33AM
■■■■□ New MOVEit Transfer zero-day mass-exploited in data theft attacks. https://www.bleepingcomputer.com/news/security/new-moveit-transfer-zero-day-mass-exploited-in-data-theft-attacks/ https://t.me/cKure/12451
June 2, 2023 at 02:02AM
■■■□□ Stored XSS + HTML injection vulnerability on Microsoft. https://medium.com/@abdulparkar9554/how-i-found-stored-xss-html-injection-vulnerability-on-microsoft-6b8682c03680 https://t.me/cKure/12449
May 31, 2023 at 04:48PM
■■■■□ CVE-2023-2825 (analysis and exploit). https://occamsec.com/exploit-for-cve-2023-2825/ https://t.me/cKure/12448
May 30, 2023 at 04:16PM
■■■■□ Brida is a Burp Suite Extension that, working as a bridge between Burp Suite and Frida, lets you use and manipulate applications’ own methods while tampering the traffic exchanged between the applications and their back-end services/servers. It supports all platforms supported by Frida (Windows, macOS, Linux, iOS, Android, and QNX). https://github.com/federicodotta/Brida https://t.me/cKure/12447
May 29, 2023 at 08:15PM
■■■■□ ‘File Archiver In The Browser’ phishing trick uses ZIP domains. https://www.bleepingcomputer.com/news/security/clever-file-archiver-in-the-browser-phishing-trick-uses-zip-domains/ https://t.me/cKure/12446
May 29, 2023 at 08:14PM
■■■■□ United States govt contractor ABB confirms ransomware attack, data theft. https://new.abb.com/news/detail/103405/abb-provides-details-about-it-security-incident https://www.bleepingcomputer.com/news/security/us-govt-contractor-abb-confirms-ransomware-attack-data-theft/ https://t.me/cKure/12445
May 29, 2023 at 08:12PM
■■□□□ Microsoft 365 phishing attacks use encrypted RPMSG messages. https://www.bleepingcomputer.com/news/security/microsoft-365-phishing-attacks-use-encrypted-rpmsg-messages/ https://t.me/cKure/12444