April 14, 2022 at 01:54PM

■■■□□ ‘Biggest cyberattack in recent years’ hits Oil India HQ, hackers demand Rs 60 crore in Bitcoin. OIL spokesperson Tridiv Hazarika says there has been no data breach so far in the attack, which is said to have occurred 10 April. Police are still investigating the source of the attack. https://theprint.in/india/biggest-cyberattack-in-recent-years-hits-oil-india-hq-hackers-demand-rs-60-crore-in-bitcoin/914792/ https://t.me/cKure/11197

April 14, 2022 at 01:53PM

■■□□□ CVE-2022-24765: This vulnerability affects users working on multi-user machines where a malicious actor could create a .git directory in a shared location above a victim’s current working directory. On Windows, for example, an attacker could create C:\.git\config, which would cause all git invocations that occur outside of a repository to read its configured values.…

April 14, 2022 at 01:25PM

■□□□□ OldGremlin ransomware deploys new malware on Russian mining org. https://www.bleepingcomputer.com/news/security/oldgremlin-ransomware-deploys-new-malware-on-russian-mining-org/ https://t.me/cKure/11195

April 14, 2022 at 01:21PM

■■■■□ Lockbit ransomware operators spent nearly six months in a government agency’s network, deleting logs and using Chrome to download hacking tools, before eventually deploying extortionware, according to Sophos threat researchers. https://go.theregister.com/feed/www.theregister.com/2022/04/14/ransomware_gang_network/ https://t.me/cKure/11194

April 14, 2022 at 10:25AM

■■■■■ ICS / SCADA: The malware toolkit, known as Pipedream, is perhaps the most versatile tool ever made to target critical infrastructure like power grids and oil refineries. https://hub.dragos.com/hubfs/116-Whitepapers/Dragos_ChernoviteWP_v2b.pdf?hsLang=en https://www.wired.com/story/pipedream-ics-malware/ https://t.me/cKure/11193

April 14, 2022 at 12:06AM

■■□□□ Cyber-Weapon for ICS / SCADA: United States warns hackers have developed “cyber tools” to compromise and “gain full access” over command and control networks and systems of certain industrial processes. https://t.me/cKure/11191

April 13, 2022 at 01:24PM

■■■□□ Microsoft Issues Patches for 2 Windows Zero-Days and 126 Other Vulnerabilities. https://msrc.microsoft.com/update-guide/releaseNote/2022-Apr https://thehackernews.com/2022/04/microsoft-issues-patches-for-2-windows.html https://t.me/cKure/11190

April 13, 2022 at 03:42AM

■■■□□ VMware Workspace ONE / VMware Identity Manager – CVE-2022-22954 IOC detection grep one-liner. This is based on the exploit code released earlier. grep -e "/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%" /opt/vmware/horizon/workspace/logs/* https://t.me/cKure/11187