All posts tagged news

■■■□□ ATMMalScan – Tool for Windows which helps to search for malware traces on an ATM during the DFIR process. https://github.com/fboldewin/ATMMalScan https://www.kitploit.com/2021/01/atmmalscan-tool-for-windows-which-helps.html https://t.me/cKure/6749

■■■■□ jwtXploiter: A tool to test the security of json web token https://github.com/DontPanicO/jwtXploiter https://t.me/cKure/6748

■■□□□ The Secret Parameter, LFR, and Potential RCE in NodeJS Apps https://blog.shoebpatel.com/2021/01/23/The-Secret-Parameter-LFR-and-Potential-RCE-in-NodeJS-Apps/ https://t.me/cKure/6747

■□□□□ Zmap – A Fast Single Packet Network Scanner Designed For Internet-wide Network Surveys. https://github.com/zmap/zmap https://t.me/cKure/6746

■■□□□ Location Data of More Than 100 Million Users Got Compromised. Shazam, a popular music app was a doorway to the user’s precise location. Threat actors took advantage of the Shazam app susceptibilities to discover the victim’s specific location. Ashley King, a British IT security researcher uncovered the vulnerabilities in the Shazam app which could…

■■■□□ #Zeroday: A publicly available fully-functional exploit that could be used to target SAP enterprise software. The exploit leverages a vulnerability, tracked as CVE-2020-6207, that stems from a missing authentication check in SAP Solution Manager (SolMan) version 7.2. https://thehackernews.com/2021/01/beware-fully-functional-released-online.html https://t.me/cKure/6744

■■■□□ #DataLeak: CHwapi hospital suffers a ransomware attack. On Sunday night, the CHwapi hospital in Belgium witnessed a cyberattack that incited the facility to divert emergency patients to different emergency hospitals and defer surgeries.  As per the attackers, they utilized Windows BitLocker to encrypt 40 workers and 100TB of information. In the wake of encrypting…

■□□□□ #Privacy: ADT techie admits he peeked into women’s home security cams thousands of times to watch them undress, have sex. https://go.theregister.com/feed/www.theregister.com/2021/01/23/in_brief_security/ https://t.me/cKure/6742

■■□□□ Add MobileIron CVE-2020-15505 exploit. https://github.com/rapid7/metasploit-framework/pull/14645 https://t.me/cKure/6741

■■■□□ Sigurlx – A Web Application Attack Surface Mapping Tool. https://github.com/drsigned/sigurlx https://www.kitploit.com/2021/01/sigurlx-web-application-attack-surface.html https://t.me/cKure/6740