■■□□□ The BfV German domestic intelligence services warn of ongoing attacks carried out by the China-linked APT27 cyberespionage group. https://www.verfassungsschutz.de/SharedDocs/kurzmeldungen/DE/2022/2022-01-26-cyberbrief.html https://securityaffairs.co/wordpress/127230/apt/german-intel-warns-apt27-attacks.html https://t.me/cKure/10627
All posts tagged hack
January 27, 2022 at 12:33PM
■■■■■ Apple Fixes 2 Zero-Day Security Bugs, One Exploited in the Wild. CVE-2022-22587 iOS 15.3 & iPadOS 15.3 fix the Safari browser flaw that could have spilled users’ browsing data, plus a zero day IOMobileFrameBuffer bug exploited in the wild. https://support.apple.com/en-us/HT213054 https://threatpost.com/apple-zero-day-security-exploited/178040/ https://t.me/cKure/10626
January 27, 2022 at 11:01AM
■■■■□ Zero-Day: CVE-2022-0332 | Moodle 3.11 to 3.11.4 – SQL injection. https://github.com/numanturle/CVE-2022-0332 https://t.me/cKure/10625
January 26, 2022 at 09:00PM
■■■■□ Analysis of Xloader’s C2 Network Encryption. https://www.zscaler.com/blogs/security-research/analysis-xloaders-c2-network-encryption https://t.me/cKure/10624
January 26, 2022 at 08:59PM
■■□□□ VMware released security patches to address critical Log4j security vulnerabilities in VMware Horizon servers targeted in ongoing attacks. https://t.me/cKure/10623
January 26, 2022 at 08:56PM
Zero-Day: A vulnerability in Polkit’s pkexec component identified as CVE-2021-4034 (PwnKit) is present in the default configuration of all major Linux distributions and can be exploited to gain full root privileges on the system, researchers warn today. https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034 https://www.bleepingcomputer.com/news/security/linux-system-service-bug-gives-root-on-all-major-distros-exploit-released/ https://t.me/cKure/10622
January 26, 2022 at 05:09PM
■□□□□ DazzleSpy: macOS backdoor delivered through watering hole attacks. https://www.helpnetsecurity.com/2022/01/26/watering-hole-macos-backdoor/ https://t.me/cKure/10621
January 26, 2022 at 08:54AM
■■■■□ Extrude: Analyse binaries for missing security features, information disclosure and more. Tool https://securityonline.info/extrude-analyse-binaries-for-missing-security-features/ https://t.me/cKure/10620
January 25, 2022 at 08:06PM
■■■□□ Data-Leak: United States California public office admits Covid-19 healthcare data breach. https://portswigger.net/daily-swig/california-public-office-admits-covid-19-healthcare-data-breach https://t.me/cKure/10619
January 25, 2022 at 07:02PM
■■□□□ Tool; ShadowClone allows you to distribute your long running tasks dynamically across thousands of serverless functions and gives you the results within seconds where it would have taken hours to complete. https://github.com/fyoorer/ShadowClone https://t.me/cKure/10618