All posts tagged cyber

■■■■■ Google Chrome V8 CVE-2024-0517 Out-of-Bounds Write Code Execution. https://blog.exodusintel.com/2024/01/19/google-chrome-v8-cve-2024-0517-out-of-bounds-write-code-execution/ https://t.me/cKure/13416

■■■■■ A PoC that exploits a vulnerability to bypass the Xiaomi HyperOS community restrictions of BootLoader unlocked account bindings. https://github.com/MlgmXyysd/Xiaomi-HyperOS-BootLoader-Bypass#xiaomi-hyperos-bootloader-bypass https://t.me/cKure/13414

■■■■■ Microsoft Teams Covert Channels Research. https://blog.compass-security.com/2024/01/microsoft-teams-covert-channels-research/ https://t.me/cKure/13413

■■■■■ PoC Script for CVE-2022-36553: Exploits an unauthenticated remote command injection vulnerability in Hytec Inter HWL-2511-SS device. https://github.com/0xNslabs/CVE-2022-36553-PoC https://t.me/cKure/13412

■■■□□ CVE-2024-20656: Windows LPE in the VSStandardCollectorService150 service. https://github.com/Wh04m1001/CVE-2024-20656 https://t.me/cKure/13411

Stealing the Bitlocker key from a TPM. https://astralvx.com/stealing-the-bitlocker-key-from-a-tpm/ https://t.me/cKure/13409

■■■■□ Mobile pentesting basics. https://pentestguy.com/ssl-pinning-bypass-using-frida-and-objection/ https://t.me/cKure/13408

■■■■□ Data-Leak: A Threat Actor referring to himself as Ignacio, also humorously calling himself “the McFlurry Bandit”, compromised McDonalds git repo. It contains a large quantity of source code. https://t.me/cKure/13405

■■■■□ Data-Leak from Israel as pro Palestine hacker groups target identities of Jewish (alleged Zionists). Doxxing of multiple individuals happening on telegram and deep web by the groups. https://t.me/cKure/13404

■■■■■ [Tool] SSH-Snake: A self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery. https://github.com/MegaManSec/SSH-Snake https://t.me/cKure/13402