All posts in Uncategorized

■■□□□ Location Data of More Than 100 Million Users Got Compromised. Shazam, a popular music app was a doorway to the user’s precise location. Threat actors took advantage of the Shazam app susceptibilities to discover the victim’s specific location. Ashley King, a British IT security researcher uncovered the vulnerabilities in the Shazam app which could…

■■■□□ #Zeroday: A publicly available fully-functional exploit that could be used to target SAP enterprise software. The exploit leverages a vulnerability, tracked as CVE-2020-6207, that stems from a missing authentication check in SAP Solution Manager (SolMan) version 7.2. https://thehackernews.com/2021/01/beware-fully-functional-released-online.html https://t.me/cKure/6744

■■■□□ #DataLeak: CHwapi hospital suffers a ransomware attack. On Sunday night, the CHwapi hospital in Belgium witnessed a cyberattack that incited the facility to divert emergency patients to different emergency hospitals and defer surgeries.  As per the attackers, they utilized Windows BitLocker to encrypt 40 workers and 100TB of information. In the wake of encrypting…

■□□□□ #Privacy: ADT techie admits he peeked into women’s home security cams thousands of times to watch them undress, have sex. https://go.theregister.com/feed/www.theregister.com/2021/01/23/in_brief_security/ https://t.me/cKure/6742

■■□□□ Add MobileIron CVE-2020-15505 exploit. https://github.com/rapid7/metasploit-framework/pull/14645 https://t.me/cKure/6741

■■■□□ Sigurlx – A Web Application Attack Surface Mapping Tool. https://github.com/drsigned/sigurlx https://www.kitploit.com/2021/01/sigurlx-web-application-attack-surface.html https://t.me/cKure/6740

■■□□□ #DataLeak: Intel Confirms Unauthorized Access of Earnings-Related Data. Intel shares on Friday at one point dropped by as much as 9% from Thursday evening’s close at least partly because of reports the chipmaker was forced to release its Q4, 2020 results a little early because someone illegally accessed earnings-related data from the company. https://t.me/cKure/6739

■■■□□ #DataLeak: SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product. https://thehackernews.com/2021/01/exclusive-sonicwall-hacked-using-0-day.html https://t.me/cKure/6738

■■■□□ MetaFinder – Search For Documents In A Domain Through Google. https://github.com/Josue87/MetaFinder https://www.kitploit.com/2021/01/metafinder-search-for-documents-in.html https://t.me/cKure/6737

■■■□□ Critical Cisco SD-WAN Bugs Allow RCE Attacks https://threatpost.com/critical-cisco-sd-wan-bugs-rce-attacks/163204/ https://t.me/cKure/6736