All posts by cK-bot

■■□□□ Cybersecurity Agencies Warn of China-linked APT40’s Rapid Exploit Adaptation. https://thehackernews.com/2024/07/cybersecurity-agencies-warn-of-china.html https://t.me/cKure/14374

■■□□□ Nuitka: Revisit the basics of Python reversing. https://goatmilkk.notion.site/Nuitka-a3ac9ee7f3f240f3baa345c17f2b8aa3 https://t.me/cKure/14373

■■■■□ RCE bug in widely used Ghostscript library now exploited in attacks. https://www.bleepingcomputer.com/news/security/rce-bug-in-widely-used-ghostscript-library-now-exploited-in-attacks/ https://t.me/cKure/14372

■■■■□ Solar 4RAYS threat intel team uncovers a new APT group “Lifting Zmiy” (eng. Lifting Serpent) that targets government organizations in Russia and Eastern Europe. The group hosted their C2 infrastructure on compromised servers, which were used in SCADA networks. https://rt-solar.ru/solar-4rays/blog/4506/ https://t.me/cKure/14371

https://s3.timeweb.cloud/fd51ce25-6f95e3f8-263a-4b13-92af-12bc265adb44/rockyou2024.zip https://t.me/cKure/14370

■■■■□ How CVE-2022-24785 MomentJS Path Traversal Works: Detailed Exploit Guide. https://0xjay.com/how-cve-2022-24785-momentjs-path-traversal-works-detailed-exploit-guide https://t.me/cKure/14369

■■■□□ PoC Exploit Released for HTTP File Server Remote Code Execution Vulnerability. https://cybersecuritynews.com/poc-exploit-http-file-server/ https://t.me/cKure/14368

■■■■□ Active Directory Certificate Services (AD CS) – A Beautifully Vulnerable and Mis-configurable Mess. https://logan-goins.com/2024-05-04-ADCS/ https://t.me/cKure/14367

■■■■□ RockYou2024: 10 billion passwords leaked in the largest compilation of all time. https://cybernews.com/security/rockyou2024-largest-password-compilation-leak/ https://t.me/cKure/14366

■■■■■ Signal Messaging App security concern | Privacy An interesting thread: https://x.com/mysk_co/status/1809287118235070662 https://t.me/cKure/14364