All posts tagged cyber

● A series of critical zero-day vulnerabilities have been detected by a security researcher in D-Link devices / CPEs. As per reports; most or all devices are vulnerable and system access can be achieved. @ckuRED could not conform independently. https://t.me/cKure/13450

■■■□□ [Tool] CVEMap: Open-source tool to query, browse and search CVEs. https://www.helpnetsecurity.com/2024/02/01/cvemap-query-browse-search-cve/ https://t.me/cKure/13449

■□□□□ Data leak at fintech giant reveals staff calling clients ‘idiots’. https://cybernews.com/security/direct-trading-technologies-data-leak/ https://t.me/cKure/13448

■■□□□ Analysis of Cisco Anyconnect vulnerability CVE-2020-3259 as the initial access vector used by the Akira ransomware group https://www.truesec.com/hub/blog/akira-ransomware-and-exploitation-of-cisco-anyconnect-vulnerability-cve-2020-3259 https://t.me/cKure/13447

■■■□□ Reverse Engineering a Cobalt Strike Dropper With Binary Ninja. https://binary.ninja/2022/07/22/reverse-engineering-cobalt-strike.html https://t.me/cKure/13446

■■■■□ SAP Cloud Connector https://redrays.io/blog/sap-cloud-connector-security/ https://t.me/cKure/13445

■■□□□ Cyber-Crime: Energy giant Schneider Electric hit by Cactus ransomware attack. https://www.bleepingcomputer.com/news/security/energy-giant-schneider-electric-hit-by-cactus-ransomware-attack/ https://t.me/cKure/13444

■■□□□ SyscallMeMaybe: Implementation of Indirect Syscall technique to pop an innocent calc.exe https://github.com/oldboy21/SyscallMeMaybe https://t.me/cKure/13443

■■□□□ PurpleLab: Lab solution, providing a swift setup for cybersecurity professionals to test detection rules, simulate logs, and various security tasks. https://github.com/Krook9d/PurpleLab https://t.me/cKure/13442

■■■□□ GraphStrike: A suite of tools that enables CobaltStrike’s HTTPS #Beacon to use Microsoft Graph API for C2 communications. https://github.com/RedSiege/GraphStrike https://t.me/cKure/13441