■■■■□ Researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. https://thehackernews.com/2024/02/new-silver-saml-attack-evades-golden.html https://t.me/cKure/13579
All posts tagged cyber
March 1, 2024 at 11:08PM
■■■■□ Court orders maker of Pegasus spyware to hand over code to WhatsApp. Israeli company NSO Group is accused in lawsuit by Meta’s messaging app of spying on 1,400 users over a two-week period. https://www.theguardian.com/technology/2024/feb/29/pegasus-surveillance-code-whatsapp-meta-lawsuit-nso-group https://t.me/cKure/13578
March 1, 2024 at 11:05PM
■■■■□ Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386). https://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC https://t.me/cKure/13577
March 1, 2024 at 03:17PM
■■■□□ Interesting thread on 403 bypass. https://twitter.com/intigriti/status/1763516054741905580 https://t.me/cKure/13576
March 1, 2024 at 01:41PM
■□□□□ An Automotive Locksmith On The Flipper Zero And Car Theft. https://hackaday.com/2024/02/29/an-automotive-locksmith-on-the-flipper-zero-and-car-theft/ https://t.me/cKure/13575
March 1, 2024 at 01:39PM
■■■■□ CSP bypass on PortSwigger.net using Google script resources joaxcar.com. https://hackerone.com/reports/2279346 Blog: https://joaxcar.com/blog/2024/02/19/csp-bypass-on-portswigger-net-using-google-script-resources/ https://t.me/cKure/13574
March 1, 2024 at 01:29PM
■■■■□ Interesting thread: Cyber Threat Intelligence on Bangladesh Intelligence on Hacker Groups Targeting Bangladesh Government, Educational Institutions, and Businesses. https://twitter.com/stealthmole_int/status/1763384906074489174 https://t.me/cKure/13573
March 1, 2024 at 01:24PM
■■■■□ Zero-Day: Actively exploited open redirect in Google Web Light. https://www.mymybank.tld/?redirect_to=https://login.mybank.tld https://untrustednetwork.net/en/2024/02/26/google-open-redirect/ https://t.me/cKure/13572
March 1, 2024 at 12:18PM
■■■■■ Kali Linux 2024.1 released: New tools, new look, new Kali Nethunter kernels. ● I love the Bluetooth hacking modules. https://www.helpnetsecurity.com/2024/02/29/kali-linux-2024-1-released-new-tools-new-look-kali-nethunter-kernels/ https://t.me/cKure/13571
February 29, 2024 at 09:00AM
■■□□□ Chinese Cyberspies Use New Malware in Ivanti VPN Attacks. Chinese threat actors target Ivanti VPN appliances with new malware designed to persist system upgrades. https://www.securityweek.com/chinese-cyberspies-use-new-malware-in-ivanti-vpn-attacks/ https://t.me/cKure/13570