All posts tagged hack

☆ Researchers devised a new attack method called ‘Trojan Source’ that allows hide vulnerabilities into the source code of a software project. ● This logical vulnerability is tracked as CVE-2021-42574. https://www.trojansource.codes/ Details: https://securityaffairs.co/wordpress/124081/hacking/trojan-source-attack.html https://t.me/cKure/9921

■■□□□ Hackers Exploiting GitLab Unauthenticated RCE Flaw in the Wild. https://thehackernews.com/2021/11/alert-hackers-exploiting-gitlab.html https://t.me/cKure/9920

■■■■■ List of Pentest utilities | tools https://github.com/S3cur3Th1sSh1t/Pentest-Tools https://t.me/cKure/9919

■■■■□ BlackMatter: New Data Exfiltration Tool Used in Attacks. https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/blackmatter-data-exfiltration https://t.me/cKure/9918

■■■□□ Tool: BetterSafetyKatz. This modified fork of SafetyKatz dynamically fetches the latest pre-compiled release of Mimikatz directly from the gentilkiwi GitHub repo, runtime patching on detected signatures and uses SharpSploit DInvoke to get it into memory. https://github.com/Flangvik/BetterSafetyKatz https://t.me/cKure/9917

■□□□□ Cybersecurity can drive business transformation instead of holding it back. https://www.helpnetsecurity.com/2021/11/01/cybersecurity-drive-business-transformation/ https://t.me/cKure/9916

■□□□□ Japan : Chaos Ransomware operators target gamers’ Windows devices using Minecraft alt lists as a lure and promoting them on gaming forums. Minecraft Japanese gamers hit by Chaos ransomware using alt lists as lure. https://securityaffairs.co/wordpress/123978/breaking-news/minecraft-gamers-chaos-ransomware.html https://t.me/cKure/9915

■□□□□ ‘Trojan Source’ Bug Threatens the Security of All Code. https://krebsonsecurity.com/2021/11/trojan-source-bug-threatens-the-security-of-all-code/ https://t.me/cKure/9914

● Yet another website: malapi.io https://t.me/cKure/9913

■■■■□ Data-Leak from KSA (Saudi Arabia ) as ~3GB data is publicly leaked pertaining to the regime’s military and government working. Ckure has informed KSA-CERT via public channel. https://t.me/cKure/9911