June 25, 2022 at 11:17PM

■■■■□ HTTPLoot: An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and “loot” secrets out of the client-facing code of sites. https://github.com/redhuntlabs/HTTPLoot https://t.me/cKure/11526

June 25, 2022 at 10:55PM

■■■■■ Zero-Day: Cybersecurity researchers have detailed a recently patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution. Tracked as CVE-2022-25845 (CVSS score: 8.1), the issue relates to a case of deserialization of untrusted data in a supported feature called “AutoType.” It was patched by the…

June 25, 2022 at 01:57PM

■■■■■ Goodbye to XSS.
// this is safe by default
document.body.setHTML('unsafe HTML here')
Firefox: about:config#dom.security.sanitizer.enabled
Chrome: chrome://flags#enable-experimental-web-platform-features
More info here: https://wicg.github.io/sanitizer-api/#dom-element-sethtml https://t.me/cKure/11521

June 23, 2022 at 11:27AM

■■■□□ A threat actor has leaked 800GB of data from Bahra cables company and Electric house, a Saudi Arabian company. The companies serve the needs of many industrial companies engaged in real estate construction, electric utilities, transport, petrochemical and marine industries. The threat actor published some samples in his onion blog. https://t.me/cKure/11518

June 22, 2022 at 12:34PM

■■■□□ New DFSCoerce NTLM Relay attack allows Windows domain takeover. https://www.bleepingcomputer.com/news/microsoft/new-dfscoerce-ntlm-relay-attack-allows-windows-domain-takeover/ https://t.me/cKure/11517