December 4, 2023 at 09:08PM

■■■■□ Israel Palestine Cyber-War: Iranian hackers attempt to damage critical infrastructure through Israeli Unitronics products. According to a joint warning from American and Israeli cyber security agencies, since November 22, a group linked to the Iranian Revolutionary Guards has attacked Israeli company Unitronics devices which are used to control and automate machines. https://www.calcalistech.com/ctechnews/article/sjcrycyb6 https://t.me/cKure/13297

December 2, 2023 at 08:13PM

■■■□□ Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon. https://thehackernews.com/2023/12/agent-racoon-backdoor-targets.html https://t.me/cKure/13295

December 1, 2023 at 12:51PM

■■■■□ Researchers Expose Passive Methods Allowing RSA Keys Extraction From SSH Connections. https://www.blackhatethicalhacking.com/news/researchers-expose-passive-methods-allowing-rsa-keys-extraction-from-ssh-connections/ https://t.me/cKure/13293

December 1, 2023 at 11:38AM

■■■□□ Google has released an update to Chrome which includes seven security fixes including one for a vulnerability which is known to have already been exploited. https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html https://www.malwarebytes.com/blog/news/2023/11/update-now-chrome-fixes-actively-exploited-zero-day-vulnerability/amp https://t.me/cKure/13291

November 30, 2023 at 11:23AM

■■■■□ Delefriend: A proof-of-concept redteam tool to automatically find and abuse existing GCP service accounts with domain-wide delegation (DWD) on Google Workspace by smartly fuzzing all of the existing JWT combinations that are relevant to the initial GCP identity. A compromised GCP service account key with DWD enabled can be used to perform API calls…