■■■■■ SANS hacked: SANS infosec training org suffers data breach after phishing attack. https://www.bleepingcomputer.com/news/security/sans-infosec-training-org-suffers-data-breach-after-phishing-attack/ | #CyberAttack https://t.me/cKure/5226
All posts by cK-bot
August 12, 2020 at 02:50PM
■■□□□ #CyberAttack: China-Based APT Targeting Myanmarese Entities https://www.anomali.com/blog/unknown-china-based-apt-targeting-myanmarese-entities |#Mayanmar #Burma #CyberAttack: China-Based APT Targeting Myanmarese Entities https://www.anomali.com/blog/unknown-china-based-apt-targeting-myanmarese-entities |#Mayanmar #Burma #China https://t.me/cKure/5225
August 12, 2020 at 02:03PM
■■■■■ Internet Explorer and Windows #zeroday exploits used in Operation PowerFall. CVE-2020-0986CVE-2020-1380 https://securelist.com/ie-and-windows-zero-day-operation-powerfal#zeroday exploits used in Operation PowerFall. CVE-2020-0986CVE-2020-1380https://securelist.com/ie-and-windows-zero-day-operation-powerfall/97976/ https://t.me/cKure/5224
August 12, 2020 at 12:09PM
■■■■■ WAF bypass: XSS cheat sheet. https://portswigger.net/research/when-alert-fails-exploiting-transient-events https://t.me/cKure/5222
August 12, 2020 at 09:45AM
■■■■□ Active zeroday exploitation. https://threatpost.com/0-days-active-attack-bugs-patched-microsoft/158280/ #zeroday https://t.me/cKure/5221
August 12, 2020 at 08:56AM
■■■■□ Microsoft Patches 120 Vulnerabilities, Two Zerodays. https://www.darkreading.com/vulnerabilities—threats/microsoft-patches-120-vulnerabilities-two-zero-days/d/d-id/1338642 | #0day #zeroday https://t.me/cKure/5220
August 12, 2020 at 08:55AM
■■□□□ Slack Strengthens Cybersecurity Controls. https://securityboulevard.com/2020/08/slack-strengthens-cybersecurity-controls/ https://t.me/cKure/5219
August 12, 2020 at 08:41AM
■■■■■ Critical Flaws Affect Citrix Endpoint Management (XenMobile Servers). •CVE-2020-8208CVE-2020-8209CVE-2020-8210CVE-2020-8211CVE-2020-8212https://support.citrix.com/article/CTX277457 https://thehackernews.com/2020/08/citrix-endpoint-management.html https://t.me/cKure/5218
August 12, 2020 at 12:58AM
■■□□□ #DataLeak: NCC Group admits its training data was leaked online after folders full of CREST pentest certification exam notes posted to GitHub. https://www.theregister.com/AMP/2020/08/11/ncc_group_crest_chea#DataLeak: NCC Group admits its training data was leaked online after folders full of CREST pentest certification exam notes posted to GitHub. https://www.theregister.com/AMP/2020/08/11/ncc_group_crest_cheat_sheets/ https://t.me/cKure/5217
August 12, 2020 at 12:54AM
■■■■□ Malware is an important part of an engagement, though as many security solutions are now evolving past rudimentary signature comparisons to using more advanced techniques to detect malicious activity, it is important that we as attackers understand the methods they are using and how we can avoid them. https://blog.dylan.codes/defending-your-malware https://t.me/cKure/5216