■■■■□ Exploiting the libwebp Vulnerability, Part 1: Playing with Huffman Code. https://www.darknavy.org/blog/exploiting_the_libwebp_vulnerability_part_1/ https://t.me/cKure/13881
All posts tagged hack
April 18, 2024 at 02:54PM
■■■■□ LSA Whisperer – Getting credentials from LSASS without accessing its memory. https://posts.specterops.io/lsa-whisperer-20874277ea3b https://t.me/cKure/13880
April 18, 2024 at 02:54PM
■■■■□ ZIP embedding attack on Google Chrome extensions. https://readme.synack.com/exploits-explained-zip-embedding-attack-on-google-chrome-extensions https://t.me/cKure/13879
April 18, 2024 at 01:35PM
■■■□□ Hackers can read your encrypted AI-assistant chats. For ‘OpenAI’, chats are readable for to flawed encryption and passive sniffing of the network traffic should be enough to compromise the confidentiality. https://www.linkedin.com/pulse/hackers-can-read-your-encrypted-ai-assistant-chats-narendra-sahoo-72daf https://t.me/cKure/13878
April 18, 2024 at 05:31AM
■■■□□ Remediation for Zero-Day, CVE-2024-3149. Update the following softwares to the mentioned version or above and change existing (NIST P521) private keys ● WinSCP 6.3.3 ● FileZilla 3.67.0 ● PuTTY 0.80 NIST P521 private keys are exposed due to biased signature generation. Details: https://www.openwall.com/lists/oss-security/2024/04/15/6 https://t.me/cKure/13876
April 18, 2024 at 05:22AM
■■■■□ Update to WinSCP 6.3.3 as older versions are vulnerable to NIST P521 private keys 🔑 biased signature generation. https://winscp.net/tracker/2285 as part of Zero-Day CVE-2024-31497. https://winscp.net/eng/docs/history#6.3.3 https://t.me/cKure/13875
April 18, 2024 at 05:17AM
■■■■□ Update to FileZilla 3.67.0: FileZilla impacted due to PuTTY ECDSA NIST P-521 private key recovery vulnerability (CVE-2024-31497). https://filezilla-project.org/versions.php https://t.me/cKure/13874
April 18, 2024 at 05:03AM
■■■■□ Zero-Day | CVE-2024-31497 (affecting PuTTY). Research by researchers at Ruhr University. https://www.openwall.com/lists/oss-security/2024/04/15/6 https://t.me/cKure/13873
April 18, 2024 at 04:56AM
Zero-Day in SSH client ‘PuTTY’ assigned CVE-2024-31497 (account takeover via key guessing). Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80 that could be exploited to achieve full recovery of…
April 17, 2024 at 10:57PM
■■■■□ Electronic Warfare: Jam-Resistant American Radio Keeps Ukraine’s Long-Range Drones Flying. https://www.forbes.com/sites/davidhambling/2024/04/17/jam-resistant-american-radio-keeps-ukraines-long-range-drones-flying/ https://t.me/cKure/13870