All posts by cK-bot

■■■■■ [Cracking Windows Kernel with HEVD] Chapter 4: How do we write a shellcode to elevate privileges and gracefully return to userland? https://mdanilor.github.io/posts/hevd-4/ https://t.me/cKure/14244

■■□□□ New York Times source code stolen using exposed GitHub token. https://www.bleepingcomputer.com/news/security/new-york-times-source-code-stolen-using-exposed-github-token/ https://t.me/cKure/14243

■□□□□ SAST CTF: Try to solve without checking answers. Level: Basic https://x.com/intigriti/status/1799729403179524130 https://t.me/cKure/14242

■■■■□ Interesting thread! 2007 Microsoft bug. https://x.com/Laughing_Mantis/status/1799457232607985698 https://t.me/cKure/14241

■■□□□ United Kingdom foreign secretary falls victim to hoax video call. https://www.bbc.com/news/articles/crggxy2pe1eo https://t.me/cKure/14240

■■■■□ TikTok fixes zero-day bug used to hijack high-profile accounts. https://www.bleepingcomputer.com/news/security/tiktok-fixes-zero-day-bug-used-to-hijack-high-profile-accounts/ https://t.me/cKure/14239

■■■■□ LightSpy Spyware’s macOS Variant Found with Advanced Surveillance Capabilities. https://thehackernews.com/2024/06/lightspy-spywares-macos-variant-found.html https://t.me/cKure/14238

■■■■□ Replicant: Reproducing a Fault Injection Attack on the Trezor One. #IoT https://voidstarsec.com/blog/replicant-part-1 https://t.me/cKure/14237

■■■■■ Extracting WhatsApp Database (or any app data) from Android 12/13 using CVE-2024-0044. https://tinyhack.com/2024/06/07/extracting-whatsapp-database-or-any-app-data-from-android-12-13-using-cve-2024-0044/ https://t.me/cKure/14236

■■■□□ File-Tunnel : Tunnel TCP connections through a file. https://labs.jumpsec.com/whats-in-a-name-writing-custom-dns-tunnelling-protocol-on-the-fly-exploiting-unexpected-aws-lambda-misconfiguration-all-in-a-web-app-pen-test-part-1/ https://t.me/cKure/14235