All posts in Uncategorized

■■■■■ XSS without arbitrary JavaScript. https://portswigger.net/research/redefining-impossible-xss-without-arbitrary-javascript https://t.me/cKure/5624

■■■■□ CVE-2020-8147: Flaw in input validation in npm package utils-extend version 1.0.8 and previous versions may allow prototype pollution attack that may result in remote code execution or denial of service of applications using utils-extend. https://vulmon.com/vulnerabilitydetails?qid=CVE-2020-8147 https://t.me/cKure/5623

■■■■■ UAC bypass (Privilege escalation) https://github.com/elastic/detection-rules/blob/main/rules/windows/privilege_escalation_uac_bypass_diskcleanup_hijack.toml https://mobile.twitter.com/SBousseaden/status/1308683468168146945 https://t.me/cKure/5620

■■□□□ Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack. https://krebsonsecurity.com/2020/09/govt-services-firm-tyler-technologies-hit-in-apparent-ransomware-attack/ https://t.me/cKure/5619

■■■■■ Bypassing User-Mode Hooks. https://winternl.com/memfuck/ https://t.me/cKure/5618

● Yet another website: https://weibell.github.io/reverse-shell-generator/https://weibell.github.io/reverse-shell-generator/ https://t.me/cKure/5616

■■□□□ Material Shell: GNOME UI for Linux. https://github.com/material-shell/material-shell https://t.me/cKure/5615

■■■□□ #DataLeak: Shopify discloses security incident caused by two rogue employees. https://www.zdnet.com/article/shopify-discloses-security-incident-caused-by-two-rogue-employees/#ftag=R#DataLeak: Shopify discloses security incident caused by two rogue employees. https://www.zdnet.com/article/shopify-discloses-security-incident-caused-by-two-rogue-employees/#ftag=RSSbaffb68 https://t.me/cKure/5614

■■■□□ RE https://blog.whtaguy.com/2020/04/guys-30-reverse-engineering-tips-tricks.html https://t.me/cKure/5613

■■■■□ uTorrent CVE-2020-8437 https://blog.whtaguy.com/2020/09/utorrent-cve-2020-8437-vulnerability.html https://t.me/cKure/5612