All posts tagged hack

■■□□□ New SolarMarker Malware Variant Using Updated Techniques to Stay Under the Radar. https://thehackernews.com/2022/04/new-solarmarker-malware-variant-using.html https://t.me/cKure/11230

■■■□□ Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers. https://github.com/firefart/stunner/ https://t.me/cKure/11229

■■■■■ Reversing a NSIS dropper using quick and dirty shellcode emulation. https://malcat.fr/blog/reversing-a-nsis-dropper-using-quick-and-dirty-shellcode-emulation/ https://t.me/cKure/11228

■■□□□ Beware: Powershell Windows Toolbox that helped install Google Play on Windows 11 is malware. https://www.neowin.net/news/beware-powershell-windows-toolbox-that-helped-install-google-play-on-windows-11-is-malware/ https://t.me/cKure/11227

■■■■□ United States offers up to $5 Million Reward for indifferent regarding North Korea based Lazarus group. https://rewardsforjustice.net/index/?north-korea=north-korea https://t.me/cKure/11226

■■■■□ United States offers up to $5 Million Reward for indifferent regarding North Korea based Lazarus group. https://rewardsforjustice.net/index/?north-korea=north-korea https://t.me/cKure/11225

■■■□□ Ukraine Threat actors are targeting Ukrainian government agencies with phishing attacks delivering the IcedID malware. https://securityaffairs.co/wordpress/130250/cyber-warfare-2/icedid-against-ukraine-gov-agencies.html https://t.me/cKure/11224

■■□□□ GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens. https://thehackernews.com/2022/04/github-says-hackers-breach-dozens-of.html https://t.me/cKure/11223

■■□□□ United States : The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group (aka Hidden Cobra) in the theft of $540 million from video game Axie Infinity’s Ronin Network last month. On Thursday, the Treasury tied the Ethereum wallet address that received the stolen funds to the threat actor and sanctioned the funds…

■■■□□ Zero-Day: Cisco has released a security advisory to warn about a critical vulnerability (CVSS v3 score: 10.0), tracked as CVE-2022-20695, impacting the Wireless LAN Controller (WLC) software. The security flaw allows remote attackers to log in to target devices through the management interface without using a valid password. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF https://www.bleepingcomputer.com/news/security/cisco-vulnerability-lets-hackers-craft-their-own-login-credentials/ https://t.me/cKure/11221