■□□□□ Interesting thread on HTTP desync / Smuggling attack https://mobile.twitter.com/PortSwiggerRes/status/1298574366909890560 https://t.me/cKure/5360
All posts in August 2020
August 27, 2020 at 02:09AM
■■■■□ Exploit Code (un-tested) for V8: https://github.com/r4j0x00/exploits/blob/master/chrome-exploit/exploit.js Source: https://mobile.twitter.com/r4j0x00/status/1298682570448674817 https://t.me/cKure/5359
August 27, 2020 at 12:32AM
■□□□□ Deep Fake: Setting the Stage for Next-Gen Social Engineering. https://www.darkreading.com/attacks-breaches/deep-fake-setting-the-stage-for-next-gen-social-engineering/a/d-id/1338680 https://t.me/cKure/5358
August 26, 2020 at 09:38PM
■□□□□ #DataLeak: US-based grocery delivery and pick-up service Instacart has disclosed a security incident that involved unauthorized access of customer information by two support agents from a third-party vendor retained by the company. Instacart says it discovered the breach during a review of support protocols and immediately opened an investigation alongside a forensic analysis team.…
August 26, 2020 at 09:31PM
■■□□□ TLS and VPN Flaws Offer Most Pen Tester Access. https://www.infosecurity-magazine.com:443/news/tls-vpn-flaws-tester/ https://t.me/cKure/5356
August 26, 2020 at 09:26PM
■■□□□ Hackers for hire group target organizations via 3ds Max exploit. https://securityaffairs.co/wordpress/107541/cyber-crime/3ds-max-exploit-group.html https://t.me/cKure/5355
August 26, 2020 at 08:05PM
■■□□□ IDOR through MongoDB Object IDs Prediction. https://techkranti.com/idor-through-mongodb-object-ids-prediction/ https://t.me/cKure/5354
August 26, 2020 at 07:53PM
■□□□□ FBI informant provides a glimpse into the inner workings of tech support scams. https://www.zdnet.com/article/fbi-informant-provides-a-glimpse-into-the-inner-workings-of-tech-support-scams | #UnitedStates https://t.me/cKure/5353
August 26, 2020 at 09:38AM
■□□□□ Email security bypass. https://www.darkreading.com/attacks-breaches/attackers-use-unicode-and-html-to-bypass-email-security-tools/d/d-id/1338739 https://t.me/cKure/5352
August 25, 2020 at 07:03PM
■□□□□ #Privacy: DHS is tracking people using cell phone location data from a company called Venntel. Customs and Border Protection Paid $476,000 to a Location Data Firm in New Deal. https://www.vice.com/amp/en_us/article/k7qyv3/customs-border-protection-venntel-location-#Privacy: DHS is tracking people using cell phone location data from a company called Venntel. Customs and Border Protection Paid $476,000 to a Location Data…