All posts tagged cyber

■■■■□ Sncscan – Tool For Analyzing SAP Secure Network Communications (SNC). https://github.com/usdAG/sncscan https://t.me/cKure/13465

■■■■■ Analysis of VirtualBox CVE-2023-21987 and CVE-2023-21991. https://qriousec.github.io/post/vbox-pwn2own-2023/ https://t.me/cKure/13464

■■■■□ A new attack surface for JNDI injection-CVE-2024-20931 analysis. https://glassyamadeus.github.io/2024/01/31/CVE_2024_20931/ https://t.me/cKure/13463

■■■■■ [Tool] Cartographer is a code coverage mapping plugin for Ghidra, enabling researchers to observe which parts of a program have been executed without requiring source code. https://github.com/nccgroup/Cartographer https://research.nccgroup.com/2023/07/20/tool-release-cartographer/ https://t.me/cKure/13461

■■■■□ Havoc C2 with AV/EDR Bypass Methods in 2024 (Part 1). https://medium.com/@sam.rothlisberger/havoc-c2-with-av-edr-bypass-methods-in-2024-part-1-733d423fc67b https://t.me/cKure/13460

■■■■■ A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs. https://github.com/floesen/EventLogCrasher https://www.helpnetsecurity.com/2024/01/31/windows-event-log-vulnerability/ https://t.me/cKure/13458

■■■■□ How I hacked chess.com with a rookie exploit. https://skii.dev/rook-to-xss/ https://t.me/cKure/13457

Bypassing Wi-Fi Encryption by Manipulating Transmit Queues. https://www.usenix.org/system/files/usenixsecurity23-schepers.pdf https://t.me/cKure/13455

■■■■□ Taking over WhatsApp accounts by reading voicemails. https://medium.com/@rramgattie/taking-over-whatsapp-accounts-by-reading-voicemails-68ad70dc2499 https://t.me/cKure/13454

● A series of critical zero-day vulnerabilities (approximately 3 issues) have been detected by a security researcher in D-Link devices / CPEs. As per reports; most or all devices are vulnerable and system access can be achieved. @ckuRED could not confirm independently. https://t.me/cKure/13452