April 1, 2022 at 01:38AM

■■■■□ Another Remote Code Execution bug conflated with Spring4Shell is in Spring Cloud https://spring.io/blog/2022/03/29/cve-report-published-for-spring-cloud-function https://t.me/cKure/11101

April 1, 2022 at 01:35AM

Deleted copy of Spring4Shell exploit code that triggered the infosec storm. https://webcache.googleusercontent.com/search?q=cache:fMlVaoPj2YsJ:https://github.com/helloexp+&cd=1&hl=en&ct=clnk&gl=us https://t.me/cKure/11100

April 1, 2022 at 01:33AM

■■■■■ Zero-Day: Spring Framework RCE, Official Announcement {Spring4Shell}. The vulnerability impacts Spring MVC and Spring WebFlux applications running on JDK 9+. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the…

April 1, 2022 at 01:29AM

■■■□□ Spring4Shell: Zero-Day Vulnerability in Spring Framework (CVE-2022-22965). https://www.rapid7.com/blog/post/2022/03/30/spring4shell-zero-day-vulnerability-in-spring-framework/ https://t.me/cKure/11098

March 31, 2022 at 08:48PM

☆ FORCEDENTRY: Sandbox Escape. A blog post by Google’s elite Project Zero. The article documents samples, shared by Citizen Lab, of the malware with which the Israel-based state-sponsored cyber-crime syndicate ‘NSO Group’ is infecting people’s devices, which often results in their death or harm to them or their relatives. https://googleprojectzero.blogspot.com/2022/03/forcedentry-sandbox-escape.html https://t.me/cKure/11096

March 31, 2022 at 08:34PM

■■□□□ A bug in Honda is indicative of the sprawling car-attack surface that could give cyberattackers easy access to victims, as global use of ‘smart car tech’ and EVs surges. https://threatpost.com/automaker-cybersecurity-lagging-tech-adoption/179204/ https://t.me/cKure/11095

March 31, 2022 at 06:25PM

■■■■□ Researchers have disclosed what they say is the first-ever Python-based ransomware strain specifically designed to target exposed Jupyter notebooks, a web-based interactive computing platform that allows editing and running programs via a browser. “The attackers gained initial access via misconfigured environments, then ran a ransomware script that encrypts every file on a given path…

March 31, 2022 at 05:56PM

■■■■■ Sophos’ CVE-2022-1040 Zero-Day was used in the wild by a state-sponsored threat actor, says Sophos. The exploit can be triggered remotely via a crafted HTTP-POST request at the authentication page of the firewall. Workarounds exist. The best one is to take the Sophos consoles offline from the www (host internally). ● The exploit was used by apparently Russia…

March 31, 2022 at 05:34PM

■■■■■ Zero-Day / Spring4Shell: Security Analysis of the latest Java RCE ‘0-day’ vulnerabilities in Spring. Unauthenticated Remote Code Execution via injection (class) and insecure Java Deserialization, exploitable via a crafted HTTP-POST request. https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities/ https://t.me/cKure/11091