All posts in Uncategorized

■■□□□ Drupal issues emergency fix for critical bug with known exploits. https://www.bleepingcomputer.com/news/security/drupal-issues-emergency-fix-for-critical-bug-with-known-exploits/ https://t.me/cKure/6155

■■□□□ PrivescCheck: This script aims to enumerate common Windows security misconfigurations that can be leveraged for privilege escalation. It also gathers various information that might be useful for exploitation and/or post-exploitation. https://github.com/itm4n/PrivescCheck https://t.me/cKure/6154

■■□□□ #DataLeak: Actor is selling access to the email accounts of hundreds of C-level executives. https://www.zdnet.com/article/a-hacker-is-selling-access-to-the-email-accounts-of-hundreds-of-c-level-executives/ https://t.me/cKure/6153

■■■□□ Windows RpcEptMapper Service Insecure Registry Permissions EoP. https://itm4n.github.io/windows-registry-rpceptmapper-eop/ https://t.me/cKure/6152

■□□□□ CVE-2012-5958 libupnp 1.6.18 – Stack-based buffer overflow (DoS) exploit code. https://www.exploit-db.com/exploits/49119 https://t.me/cKure/6151

■■■■■ RCE (local exploit): Foxit Reader 9.0.1.1049 – Arbitrary Code Execution. https://www.exploit-db.com/exploits/49116 https://t.me/cKure/6149

■■■■□ Digitally signed Bandook malware targets multiple sectors, again. https://thehackernews.com/2020/11/digitally-signed-bandook-malware-once.html https://t.me/cKure/6148

■■□□□ Spoofed FBI Internet Domains Pose Cyber and Disinformation Risks. https://www.ic3.gov/Media/Y2020/PSA201123 https://t.me/cKure/6147

■■□□□ Android Reverse Engineering WorkBench for VS Code. https://github.com/Surendrajat/APKLab https://t.me/cKure/6146

■■□□□ Hack the lights: The Italian Job in terms of cybersecurity. https://www.kaspersky.com/blog/three-italian-jobs/37841/ https://t.me/cKure/6145