All posts in May 2021

■□□□□ Data-Leak: US Agency for Global Media data breach caused by a phishing attack. https://www.bleepingcomputer.com/news/security/us-agency-for-global-media-data-breach-caused-by-a-phishing-attack/ https://t.me/cKure/7840

■□□□□ CVE-2020-28017: An integer overflow in receive_add_recipient() has been found in Exim before version 4.94.2. https://security.archlinux.org/CVE-2020-28017 https://t.me/cKure/7839

■■■■■ CLI for the IPinfo.io IP address API. https://github.com/ipinfo/cli https://t.me/cKure/7838

■■■■■ Unconfirmed: Google Chrome XOR Typer Out-Of-Bounds Access / Remote Code Execution. https://paste.ubuntu.com/p/kdWBprwt8H/ https://t.me/cKure/7836

■■■□□ Stracciatella: Powershell runspace from within C# with AMSI and Script Block Logging disabled. https://github.com/mgeeky/Stracciatella https://t.me/cKure/7835

■□□□□ https://danfabulich.medium.com/never-run-google-ads-if-you-have-an-android-app-897a20604450 https://t.me/cKure/7834

■■■■■ Apple on Monday released security updates for iOS, macOS, and watchOS to address three zero-day flaws and expand patches for a fourth vulnerability that the company said might have been exploited in the wild. CVE-2021-30663: An integer overflow vulnerability that could be exploited to craft malicious web content, which may lead to code execution. The flaw was addressed with…

■■■□□ Data-Leak / Iran Hacker leaks 150 million user records from Iranian Raychat app. https://www.hackread.com/hacker-leaks-iranian-raychat-app-user-records/ https://t.me/cKure/7832

■■■■□ New Attacks Slaughter All Spectre Defenses. https://threatpost.com/attacks-slaughter-spectre-defenses/165809/ https://t.me/cKure/7831

■■■■□ Evasor – A Tool To Be Used In Post Exploitation Phase For Blue And Red Teams To Bypass APPLICATIONCONTROL Policies. https://github.com/cyberark/Evasor https://t.me/cKure/7830