All posts in May 2021

■■□□□ KubeArmor – Container-aware Runtime Security Enforcement System. https://github.com/accuknox/KubeArmor https://t.me/cKure/7852

■■■□□ Facebook blocks Signal from using ads to show Instagram data collection. Signal attempted to use the Facebook ad program to show how much data is being collected by Instagram to push targeted ads and got banned. https://www.hackread.com/facebook-blocks-signal-instagram-data-collected/ https://t.me/cKure/7850

■■□□□ mobile-mobile control. https://www.instagram.com/reel/COfhCHIgRdG/ https://t.me/cKure/7849

■□□□□ Anti-Spam WordPress Plugin Could Expose Website User Data. https://threatpost.com/anti-spam-wordpress-plugin-expose-data/165901/ https://t.me/cKure/7848

■■■■■ pentest lab: A local pentest lab leverages docker to spin multiple victim services and an attacker service running Kali Linux. https://github.com/oliverwiegers/pentest_lab https://t.me/cKure/7847

■□□□□ Multiple critical vulnerabilities in Exim email server software pose RCE risk. https://portswigger.net/daily-swig/multiple-critical-vulnerabilities-in-exim-email-server-software-pose-rce-risk https://t.me/cKure/7846

■□□□□ Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries. https://github.com/d3mondev/puredns https://t.me/cKure/7845

■■■□□ CVE-2021-21551 ‘Millions’ of Dell PCs will grant malware, rogue users admin-level access if asked nicely. https://go.theregister.com/feed/www.theregister.com/2021/05/04/dell_driver_flaw/ https://t.me/cKure/7843

■■□□□ Global Phishing Attacks Spawn Three New Malware Strains. The never-seen malware strains have “professionally coded sophistication” and were launched by a well-resourced APT using nearly 50 domains, one hijacked. https://threatpost.com/global-phishing-attacks-new-malware-strains/165857/ https://t.me/cKure/7842

■■■□□ Pystinger – Bypass Firewall For Traffic Forwarding Using Webshell. https://github.com/FunnyWolf/pystinger https://t.me/cKure/7841