All posts by cK-bot

■□□□□ The Indian Embassy of Ireland (@IndiainIreland) Twitter account has been hijacked. The individuals who stole it are using it to shill various cryptocurrency scams and pretending to be Elon Musk. Source: vk (twitter). https://t.me/cKure/11854

■■■■□ FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass IOCs (CVE-2022-40684). https://www.horizon3.ai/fortinet-iocs-cve-2022-40684/ https://t.me/cKure/11853

■■■□ Largest Bug-Bounty (physical) has a Guiness record. ● I was part of this event. https://www.guinnessworldrecords.com/world-records/696037-largest-bug-bounty-competition https://t.me/cKure/11852

■■■■■ Tools & Interesting Things for RedTeam Ops. https://github.com/bigb0sss/RedTeam-OffensiveSecurity https://t.me/cKure/11851

■■■□□ File Block EXE. https://github.com/trustedsec/SysmonCommunityGuide/blob/master/chapters/file-blockshredding.md https://t.me/cKure/11850

A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain. https://github.com/Dec0ne/ShadowSpray/ https://t.me/cKure/11848

■■■■□ Hackers Can Use ‘App Mode’ in Chromium Browsers’ for Stealth Phishing Attacks. https://thehackernews.com/2022/10/hackers-can-use-app-mode-in-chromium.html https://t.me/cKure/11847

■■■■■ Zero-Day: CVE-2022-40684 (CVSS score: 9.6). Fortinet revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being actively exploited in the wild. https://thehackernews.com/2022/10/fortinet-warns-of-active-exploitation.html https://t.me/cKure/11846

■■■□□ Real-world infosec wordlists, updated regularly. https://github.com/trickest/wordlists https://t.me/cKure/11845

● Yet another website: sqlflow.gudusoft.com (Visualizing SQL queries) https://t.me/cKure/11843