All posts tagged news

■□□□□ #DataLeak: UiPath admits to accidentally exposing a file containing the personal details of some of its registered users. https://www.zdnet.com/google-amp/article/robotics-unicorn-uipath-discloses-data-breach/ https://t.me/cKure/6325

■■■■□ CVE-2020-17140 Windows SMB Information Disclousure Analysis – 360 核心安全技术博客. https://blogs.360.cn/post/CVE-2020-17140-Analysis.html https://t.me/cKure/6324

■■□□□ Interesting thread with report on netwalker ransomware. https://mobile.twitter.com/falsneg/status/1337148946536226816 https://t.me/cKure/6323

■■■■■ One of the cleanest lock picking and key generation setup for ordinary locks. https://youtu.be/DGdsIrAjp3k https://t.me/cKure/6322

■■□□□ Facebook doxes APT32, links #Vietnam’s primary hacking group to local IT firm. https://www.zdnet.com/article/facebook-doxes-apt32-links-vietnams-primary-hacking-group-to-local-it-firm/ https://t.me/cKure/6321

■■□□□ Likely Ginghis Khan revenge by #China: Chinese APT suspected of supply chain attack on Mongolian government agencies. https://www.zdnet.com/article/chinese-apt-suspected-of-supply-chain-attack-on-mongolian-government-agencies/ https://t.me/cKure/6320

■■■□□ Fireeye TTPs used by the red team tools: https://www.picussecurity.com/resource/blog/techniques-tactics-procedures-utilized-by-fireeye-red-team-tools https://t.me/cKure/6319

■■■■□ Site wide CSRF affecting both job seeker and Employer account on glassdoor.com https://hackerone.com/reports/790061 https://t.me/cKure/6318

■■■■□ Portable Data exFiltration: XSS for PDF files. https://portswigger.net/research/portable-data-exfiltration https://t.me/cKure/6317

■□□□□ 85,000 MySQL Servers Hit in Active Ransomware Campaign. https://www.darkreading.com/threat-intelligence/85000-mysql-servers-hit-in-active-ransomware-campaign/d/d-id/1339673 https://t.me/cKure/6316