All posts by John Doe

■■■■■ Injecting rootkit shellcode into an industrial PLC. Security vulnerabilities in the Schneider Electric M340. LE Security researchers Amir Zaltzman and Avishai Wool shared their journey to hacking Schneider Electric equipment and were able to find and exploit multiple vulnerabilities in its PLCs. In their paper, “From Pass-the-Hash to Code Execution on Schneider Electric M340…

■■■■□ Unconfirmed video of Defense Bypass / adding exclusion. Bypass windows defender with JScript

■□□□□ Cyber-War: Indian Hacktivists claim data breach. Stating Verbatim: Pakistan’s Prison Infrastructure (under Directorate of Monitoring, Pakistan) compromized. Important data obtained related to the prison inmates, their complaints, as well as incidents in the prison like some inmates verbally abusing some some guy named Imran Khan in Rawalpindi Adiala Jail, etc. The complaints include: torture,…

■■■■□ KoviD: A Loadable Kernel Module (LKM) designed for Linux Kernel version 5 and later. https://github.com/carloslack/KoviD

■■■□□ Hacker group shares the following message: After So Many Defaces We returned to DDoS Attacks. Quoting verbatim: Targeting Government sites like: E Portal of Income Tax https://check-host.net/check-report/25f26eb6k5bf official Portal of UP State https://check-host.net/check-report/25f27d2bk144 Portal of Delhi NCR https://check-host.net/check-report/25f281cck706 #Cyber_Wrath

■■■■■ Stealthy .NET Malware : Hiding Malicious Payloads as Bitmap Resources. https://unit42.paloaltonetworks.com/malicious-payloads-as-bitmap-resources-hide-net-malware/ Reverse Engineering Snake Keylogger : Full .NET Malware Analysis Walkthrough https://any.run/cybersecurity-blog/reverse-engineering-snake-keylogger/ A deep dive into .NET malware obfuscators: https://any.run/cybersecurity-blog/net-malware-obfuscators-analysis-part-one/

🍏 CVE-2024-44236: Remote Code Execution vulnerability in Apple macOS. An out-of-bounds write vulnerability has been reported in macOS. The vulnerability is due to the lack of proper validation of “lutAToBType” and “lutBToAType” tag types. A remote attacker could exploit this vulnerability by enticing a victim to open a crafted file. A successful attack may result…

■■□□□ Pakistan Air Force commander, with DG-ISPR in a press conference, released military radio conversation between Indian pilots in which they claimed shooting 5 jets and a drone within over an hour of dog-fight between Indian and Pakistani jets. ✈️✈️✈️🚜☄☄🚀🚀🚀🛩 Inference: 🤍It is very improbable that Indian Air-Force used unencrypted communication. 🤍If it was encrypted,…

■■■□□ Cyber War waged by multiple non state actors on Indian cyber assets. Quoting verbatim: Currently we have taken down radio service in India and caused a total outage of online audio streaming from radioindia.in servers Proofs: https://check-host.net/check-report/25ec3f01k9e6 https://check-host.net/check-report/25ec38b7k137 https://check-host.net/check-report/25ec37fck284 #DieNet

■■■□□ Unsafe at Any Speed: Abusing Python Exec for Unauth RCE in Langflow AI. Unsafe at Any Speed: Abusing Python Exec for Unauth RCE in Langflow AI