■■■■■ Reverse Engineering Protobuf Definitions From Compiled Binaries. https://arkadiyt.com/2024/03/03/reverse-engineering-protobuf-definitiions-from-compiled-binaries/ https://t.me/cKure/13727
All posts by cK-bot
March 26, 2024 at 12:47AM
The new cs.github.com search allows for regex, new GitHub Dorks are possible! Example: For getting SSH and FTP passwords via connection strings with: /ssh:\/\/.*:.*@.*target\.com/ /ftp:\/\/.*:.*@.*target\.com/ https://t.me/cKure/13725
March 25, 2024 at 07:32PM
■■□□□ United States’ commerce department has implemented sanctions of Canada based surveillance civilian SandVine for selling technology to authoritarian regimes. Their credit rating has also dropped by “Moody’s ratings”. https://ratings.moodys.com/ratings-news/417457 https://t.me/cKure/13724
March 25, 2024 at 11:29AM
■■■■■ Advanced exploits that I wrote for Pwn2Own competitions and other occasions. https://github.com/badd1e/Pwn https://t.me/cKure/13722
March 25, 2024 at 05:17AM
■□□□□ 19 million plaintext passwords exposed by incorrectly configured Firebase instances. https://www.malwarebytes.com/blog/personal/2024/03/19-million-plaintext-passwords-exposed-by-incorrectly-configured-firebase-instances https://t.me/cKure/13721
March 24, 2024 at 11:12PM
■■■■□ Two different IDOR bugs at mijn.VvAA.nl lead to potential access to data of 130k healthcare providers; including their own cyber risk insurance policy documents and more. https://medium.com/@jonathanbouman/two-different-idor-bugs-at-mijn-vvaa-nl-26d7090f33b5 https://t.me/cKure/13720
March 24, 2024 at 12:10PM
■■■■■ Leaking ObjRefs to Exploit HTTP .NET Remoting. https://code-white.com/blog/leaking-objrefs-to-exploit-http-dotnet-remoting/ https://t.me/cKure/13719
March 24, 2024 at 12:10PM
■■□□□ The Russia-linked threat actor known as Turla infected several systems belonging to an unnamed European non-governmental organization (NGO) in order to deploy a backdoor called TinyTurla-NG (TTNG). https://thehackernews.com/2024/03/russia-hackers-using-tinyturla-ng-to.html https://t.me/cKure/13718
March 24, 2024 at 06:01AM
■■■■■ CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Deep Dive. https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/ https://t.me/cKure/13716
March 23, 2024 at 04:01PM
■■□□□ Russia-linked hackers use Smokeloader malware to steal funds from Ukrainian enterprises. Smokeloader malware used by Russia-linked cybercriminals remains one of the major tools for financial hacks in Ukraine, according to a recent report. https://therecord.media/smokeloader-malware-russia-ukraine-financial-institutions https://t.me/cKure/13715