■■■■□ Bad regex used in Facebook Javascript SDK leads to account takeovers in third party websites that included it. https://ysamm.com/?p=510 https://t.me/cKure/6567
All posts in December 2020
December 31, 2020 at 08:17PM
■■■■■ Offensive Lateral Movement in Windows. https://posts.specterops.io/offensive-lateral-movement-1744ae62b14f https://t.me/cKure/6566
December 31, 2020 at 08:11PM
■□□□□ Fines against banks for data breaches and noncompliance more than doubled in 2020. https://portswigger.net/daily-swig/fines-against-banks-for-data-breaches-and-noncompliance-more-than-doubled-in-2020 https://t.me/cKure/6565
December 31, 2020 at 05:34PM
■■□□□#DataLeak: Emotet campaign hits Lithuania’s National Public Health Center and several state institutions. https://securityaffairs.co/wordpress/112817/malware/emotet-campaign-hit-lithuania.html https://t.me/cKure/6563
December 31, 2020 at 04:56PM
● The website was taken down. The attackers created another domain though. Apparently the domain was posted by the attacker related account in our discussion group (@ckureg). The group is followed by various blue teams and threat intel platforms that can directly take action against such domains. https://t.me/cKure/6562
December 31, 2020 at 12:30PM
■■■■■ Responder now supports SMBv2, shows if smb1 is disabled or not, which Os/Build version, if RDP is open, domain joined, last reboot, etc. And.. you get all that information in less than 5 seconds per class C. https://github.com/lgandx/Responder https://t.me/cKure/6560
December 31, 2020 at 11:47AM
■■■■□ #OSINT: Investigate Google Accounts with emails. github.com/mxrch/GHunt https://t.me/cKure/6559
December 31, 2020 at 09:57AM
■■□□□ Apple loses lawsuit against cyber security startup Corellium. https://www.hackread.com/apple-loses-lawsuit-cyber-security-startup-corellium/ https://t.me/cKure/6558
December 31, 2020 at 07:52AM
■■■■■ #Exclusive #DataLeak: Hacker group RedRabbit Team have created a website which sends details of AirTel #India over the email. We have tested the data for authenticity. Takes around 10 hours to send details. This will be the most audacious leak as it is available on .com clear-net website. https://t.me/cKure/6557
December 30, 2020 at 11:09AM
■■□□□ SolarWinds / Solorigate attackers wanted to access cloud data of the victims. https://t.me/cKure/6553