All posts in Uncategorized

■■■□□ Common Nginx misconfigurations that leave your web server open to attack. https://blog.detectify.com/2020/11/10/common-nginx-misconfigurations/ https://t.me/cKure/6363

● @ckure has received ~300 MB file of leaked data from #China of Chinese Communist Party ☭ (Shanghai Clique). https://t.me/cKure/6362

■■□□□ #UAE : Government official claims victim of increase in #CyberAttack frequency. https://www.reuters.com/article/us-emirates-tech-israel-idUSKBN28G0BW https://t.me/cKure/6361

■■□□□ SolarWinds: only 18,000 odd customers installed backdoored software linked to US govt hacks. https://t.me/cKure/6360

■■■□□ #DataLeak: Spotify Changes Passwords After Another Data Breach. This is the third breach in the past few weeks for the world’s most popular streaming service. https://threatpost.com/spotify-changes-passwords-data-breach/162256/ https://t.me/cKure/6359

■■■□□ Zodiac Killer Cipher Is Cracked After Eluding Sleuths For 51 Years. https://arstechnica.com/information-technology/2020/12/zodiac-killer-cipher-is-cracked-after-eluding-sleuths-for-51-years/ https://t.me/cKure/6358

■■■■■ PoC exploits for CVE-2020-17143 and CVE-2020-17141 the XXE bugs against Exchange Server. – Low privileged authentication only – CVE-2020-17141 is in the EWS API. https://srcincite.io/pocs/cve-2020-17143.py.txt https://srcincite.io/pocs/cve-2020-17141.py.txt https://t.me/cKure/6357

■■■■□ #DataLeak, #Pakistan : ckmc.edu.pk hacked. Actor claimed that the entire site has been backed up and data was dropped (as per the queries shared with @ckure). https://t.me/cKure/6356

■■■□□ Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor. http://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html https://t.me/cKure/6354

■■■□□ Alleged #DataLeak of Airtel #India . https://mobile.twitter.com/cyberblackmagic/status/1338466070303297537 https://t.me/cKure/6353