All posts in Uncategorized

■■■□□ CVE-2021-25646 Apache Druid RCE POC https://gist.github.com/FanqXu/36c5e0070fd8e0b6646993b4e386a6b1 https://t.me/cKure/6801

■■■□□ Escalating SSRF to RCE https://sanderwind.medium.com/escalating-ssrf-to-rce-7c0147371c40 https://t.me/cKure/6800

■■■■□ Geacon – A roll to Implement CobaltStrike’s Beacon in Go language. Download: https://github.com/darkr4y/geacon How to: https://www.kitploit.com/2021/02/geacon-implement-cobaltstrikes-beacon.html https://t.me/cKure/6799

■■■■□ Archives: VBA Macro Trying to Alter the Application Menus. https://isc.sans.edu/diary/rss/27068 https://t.me/cKure/6798

● What most people don’t understand is that most Black-Hats are White during the day. Just another side of the coin with alias. https://t.me/cKure/6797

■■■□□ Common windows AD misconfigurations used by adversaries. https://www.crowdstrike.com/blog/seven-common-microsoft-ad-misconfigurations-that-adversaries-abuse/ https://t.me/cKure/6796

■■■□□ Chrome’s #Zeroday exploit by #NorthKorea 🇰🇵 is tracked here: https://bugs.chromium.org/p/chromium/issues/detail?id=1170176 The issue details and bounty amount will be shared here: https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.html https://t.me/cKure/6795

■□□□□ Report by NCC-Group. https://research.nccgroup.com/2021/01/31/2020-annual-research-report/ https://t.me/cKure/6794

■□□□□ ⚠️ #UnitedStates 🇺🇸: Fraudsters are Using Fake W-8BEN Forms for 2021 Tax Season. https://t.me/cKure/6793

■■■■■ Google fixes Chrome zero-day actively exploited in the wild. CVE-2021-21148: A heap based buffer overflow. Exploit allegedly created by Zinc group; DPRK #NorthKorea https://www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-actively-exploited-in-the-wild/ | #0day #Zeroday https://t.me/cKure/6792