All posts in Uncategorized

■■■□□ Exploit development. https://youtu.be/rvSPN_wPFN4 https://t.me/cKure/5363

■□□□□ Darknet fraud: https://www.hackread.com/empire-market-exit-scam-admins-steal-btc/ https://t.me/cKure/5362

■■■□□ Auth bypass: Leaking Google Cloud service accounts and projects https://www.ezequiel.tech/2020/08/leaking-google-cloud-projects.html https://t.me/cKure/5361

■□□□□ Interesting thread on HTTP desync / Smuggling attack https://mobile.twitter.com/PortSwiggerRes/status/1298574366909890560 https://t.me/cKure/5360

■■■■□ Exploit Code (un-tested) for V8: https://github.com/r4j0x00/exploits/blob/master/chrome-exploit/exploit.js Source: https://mobile.twitter.com/r4j0x00/status/1298682570448674817 https://t.me/cKure/5359

■□□□□ Deep Fake: Setting the Stage for Next-Gen Social Engineering. https://www.darkreading.com/attacks-breaches/deep-fake-setting-the-stage-for-next-gen-social-engineering/a/d-id/1338680 https://t.me/cKure/5358

■□□□□ #DataLeak: US-based grocery delivery and pick-up service Instacart has disclosed a security incident that involved unauthorized access of customer information by two support agents from a third-party vendor retained by the company. Instacart says it discovered the breach during a review of support protocols and immediately opened an investigation alongside a forensic analysis team.…

■■□□□ TLS and VPN Flaws Offer Most Pen Tester Access. https://www.infosecurity-magazine.com:443/news/tls-vpn-flaws-tester/ https://t.me/cKure/5356

■■□□□ Hackers for hire group target organizations via 3ds Max exploit. https://securityaffairs.co/wordpress/107541/cyber-crime/3ds-max-exploit-group.html https://t.me/cKure/5355

■■□□□ IDOR through MongoDB Object IDs Prediction. https://techkranti.com/idor-through-mongodb-object-ids-prediction/ https://t.me/cKure/5354