All posts tagged cyber

■■■■■ Leaking ObjRefs to Exploit HTTP .NET Remoting. https://code-white.com/blog/leaking-objrefs-to-exploit-http-dotnet-remoting/ https://t.me/cKure/13719

■■□□□ The Russia-linked threat actor known as Turla infected several systems belonging to an unnamed European non-governmental organization (NGO) in order to deploy a backdoor called TinyTurla-NG (TTNG). https://thehackernews.com/2024/03/russia-hackers-using-tinyturla-ng-to.html https://t.me/cKure/13718

■■■■■ CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Deep Dive. https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/ https://t.me/cKure/13716

■■□□□ Russia-linked hackers use Smokeloader malware to steal funds from Ukrainian enterprises. Smokeloader malware used by Russia-linked cybercriminals remains one of the major tools for financial hacks in Ukraine, according to a recent report. https://therecord.media/smokeloader-malware-russia-ukraine-financial-institutions https://t.me/cKure/13715

■□□□□ Amazon under investigation for selling illegal electronic devices. https://techxplore.com/news/2024-03-amazon-illegal-electronic-devices.html https://t.me/cKure/13714

■■■■□ Manfred Paul breaks into Apple’s Safari browser with a combination of integer underflow bug and PAC bypass. https://youtube.com/shorts/LiFyV-3550E https://t.me/cKure/13713

■■■■□ VMware Workstation exploit by researchers of ‘STAR Labs SG’. https://youtube.com/shorts/b6bLRuzWTnl https://t.me/cKure/13712

■■■■□ Researchers from ‘Cold Eye’ perform guest-to-host escape in Virtual Box. https://youtube.com/shorts/UNBER3Xu4d4 https://t.me/cKure/13711

■■■■□ Seungnyun Lee from ‘Kaist hacking lab’ pawns Microsoft Edge and Chrome browsers using double-tap exploit. https://youtube.com/shorts/QX8pB7dYfJs https://t.me/cKure/13710

■■■□□ Docker Sandbox Escape by ‘STAR Labs SG’ at pwn²own Vancouver. https://youtube.com/shorts/Zc6fnZrJwT0 https://t.me/cKure/13709