March 26, 2024 at 12:48AM

■■■■■ Reverse Engineering Protobuf Definitions From Compiled Binaries. https://arkadiyt.com/2024/03/03/reverse-engineering-protobuf-definitiions-from-compiled-binaries/ https://t.me/cKure/13727

March 26, 2024 at 12:47AM

The new cs.github.com search allows for regex, new GitHub Dorks are possible! Example: For getting SSH and FTP passwords via connection strings with: /ssh:\/\/.*:.*@.*target\.com/ /ftp:\/\/.*:.*@.*target\.com/ https://t.me/cKure/13725

March 25, 2024 at 07:32PM

■■□□□ United States’ commerce department has implemented sanctions of Canada based surveillance civilian SandVine for selling technology to authoritarian regimes. Their credit rating has also dropped by “Moody’s ratings”. https://ratings.moodys.com/ratings-news/417457 https://t.me/cKure/13724

March 25, 2024 at 05:17AM

■□□□□ 19 million plaintext passwords exposed by incorrectly configured Firebase instances. https://www.malwarebytes.com/blog/personal/2024/03/19-million-plaintext-passwords-exposed-by-incorrectly-configured-firebase-instances https://t.me/cKure/13721

March 24, 2024 at 11:12PM

■■■■□ Two different IDOR bugs at mijn.VvAA.nl lead to potential access to data of 130k healthcare providers; including their own cyber risk insurance policy documents and more. https://medium.com/@jonathanbouman/two-different-idor-bugs-at-mijn-vvaa-nl-26d7090f33b5 https://t.me/cKure/13720

March 24, 2024 at 12:10PM

■■□□□ The Russia-linked threat actor known as Turla infected several systems belonging to an unnamed European non-governmental organization (NGO) in order to deploy a backdoor called TinyTurla-NG (TTNG). https://thehackernews.com/2024/03/russia-hackers-using-tinyturla-ng-to.html https://t.me/cKure/13718

March 24, 2024 at 06:01AM

■■■■■ CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Deep Dive. https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/ https://t.me/cKure/13716

March 23, 2024 at 04:01PM

■■□□□ Russia-linked hackers use Smokeloader malware to steal funds from Ukrainian enterprises. Smokeloader malware used by Russia-linked cybercriminals remains one of the major tools for financial hacks in Ukraine, according to a recent report. https://therecord.media/smokeloader-malware-russia-ukraine-financial-institutions https://t.me/cKure/13715