All posts in Uncategorized

■■■□□ CVE-2022-43781 and CVE-2022-43782: Atlassian Releases Patches for Critical Flaws Affecting Crowd and Bitbucket Products. https://thehackernews.com/2022/11/atlassian-releases-patches-for-critical.html https://t.me/cKure/11948

■■□□□ CVE-2022-40363: Exploiting Flipper Zero’s NFC file loader. https://vvx7.io/posts/2022/09/your-amiibos-haunted/ https://nvd.nist.gov/vuln/detail/CVE-2022-40363 https://t.me/cKure/11947

■■■□□ Interesting thread: GBK Encoding / MultiByte Attack for XSS, CRLF, WAF bypass. https://twitter.com/therceman/status/1593577852900986881 https://t.me/cKure/11946

■■■□□ Analysis of a LoadLibraryA Stack String Obfuscation Technique with Radare2 & x86dbg. https://www.archcloudlabs.com/projects/loadlibrary-analysis/ https://t.me/cKure/11945

■■□□□ A ruling in our legal case against the Glupteba botnet. https://blog.google/outreach-initiatives/public-policy/a-ruling-in-our-legal-case-against-the-glupteba-botnet/ https://t.me/cKure/11944

■■■■□ Emulate Any ISA Card With A Raspberry Pi and an FPGA. https://hackaday.com/2022/11/13/emulate-any-isa-card-with-a-raspberry-pi-and-an-fpga/ https://t.me/cKure/11943

■■□□□ Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware. https://thehackernews.com/2022/11/microsoft-warns-of-hackers-using-google.html https://t.me/cKure/11942

■■■■■ Phishing with Google Calendar and Evilginx2 to Deliver a Malicious Zoom Link. https://drew-sec.github.io/ https://t.me/cKure/11941

■■■□ China based ‘Mustang Panda’ Hackers Actively Targeting Governments Worldwide. https://thehackernews.com/2022/11/chinese-mustang-panda-hackers-actively.html https://t.me/cKure/11940

Orpheus – Bypasses most Kerberoast Detections (with Modified KDC Options and Encryption Types). https://www.trustedsec.com/blog/the-art-of-bypassing-kerberoast-detections-with-orpheus/ https://t.me/cKure/11938