All posts tagged hacker

■■■■□ Post-Auth Blind NoSQL Injection in the users.list API leads to Remote Code Execution. https://hackerone.com/reports/1130874 https://t.me/cKure/8782

■■■■□ Beelogeer, an open source keylogger that can be disguised as an Adobe Flash update, Word, pdf or pptx document. $ git clone https://github.com/4w4k3/BeeLogger.git $ cd BeeLogger $ install.sh $ bee.py https://t.me/cKure/8781

■■■■■ FOCA (Fingerprinting Organizations with Collected Archives) https://github.com/ElevenPaths/FOCA https://t.me/cKure/8780

■■■■■ Ruse – Mobile Camera-Based Application That Attempts To Alter Photos To Preserve Their Utility To Humans While Making Them Unusable For Facial Recognition Systems. https://github.com/derrumbe/Ruse https://t.me/cKure/8779

■■□□□ Android Banking Trojan Vultur uses screen recording for credentials stealing. https://t.me/cKure/8778

■□□□□ UNCONFIRMED Israel : An actor claims to sell source code (size 150 MB) of the infamous Israeli Cyber-Weapon Pegasus created by ex government employed hackers under NSO Group (private company). The actor is apparently selling it for 1 BTC or 18 ETH (non negotiable) and is open to a middle man service. https://t.me/cKure/8777

■■■■□ ESP32 Marauder: suite of WiFi/Bluetooth offensive and defensive tools for the ESP32. https://github.com/justcallmekoko/ESP32Marauder https://t.me/cKure/8776

■■■□□ United States’ DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices. https://www.bleepingcomputer.com/news/security/doj-solarwinds-hackers-breached-emails-from-27-us-attorneys-offices/ https://t.me/cKure/8775

■□□□□ CVE-2021-22930: Node.js fixes severe HTTP2 bug that could let attackers crash apps. https://www.bleepingcomputer.com/news/security/nodejs-fixes-severe-http-bug-that-could-let-attackers-crash-apps/ https://t.me/cKure/8774

■■■□□ Data-Leak from China as social network TikTok loses 70K records to dark market online. A sample was shared and apparently looks good. https://t.me/cKure/8773