All posts tagged cyber

■■■□□ #DataLeak: Oblivion – Data Leak Checker And OSINT Tool. https://github.com/loseys/Oblivion https://t.me/cKure/6578

■■□□□ AutoHotkey-Based credential stealer targets bank in the US and Canada. https://securityaffairs.co/wordpress/112895/malware/credential-stealer-banks.html https://t.me/cKure/6576

■■■■□ #DataLeak: Facebook ads used to steal 615000+ credentials in a phishing campaign. The campaign targeted users in multiple countries including #Egypt , #Philippines, #Pakistan , and #Nepal https://securityaffairs.co/wordpress/112882/hacking/facebook-phishing-campaign-2.html https://t.me/cKure/6575

■■■■□CVE-2020-29583: A hardcoded credential vulnerability was identified in the “zyfwp” user account in some Zyxel firewalls and AP controllers. The account was designed to deliver automatic firmware updates to connected access points through FTP. https://www.zyxel.com/support/CVE-2020-29583.shtml https://t.me/cKure/6573

■■■■□ CVE-2020-29583: Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products. https://thehackernews.com/2021/01/secret-backdoor-account-found-in.html https://t.me/cKure/6572

■□□□□ City of Cornelia Witnessed Fourth Ransomware Attack. https://www.ehackingnews.com/2021/01/city-of-cornelia-witnessed-fourth.html https://t.me/cKure/6571

■■□□□ RogueWinRM – Windows Local Privilege Escalation From Service Account To System. https://www.kitploit.com/2021/01/roguewinrm-windows-local-privilege.html https://t.me/cKure/6570

■■■□□ GKE Auditor – Detect Google Kubernetes Engine Misconfigurations. https://www.darknet.org.uk/2021/01/gke-auditor-detect-google-kubernetes-engine-misconfigurations https://t.me/cKure/6569

■■■■□#DataLeak: SolarWinds hackers accessed some of the source-code of Microsoft. https://thehackernews.com/2020/12/microsoft-says-solarwinds-hackers.html https://t.me/cKure/6568

■■■■□ Bad regex used in Facebook Javascript SDK leads to account takeovers in third party websites that included it. https://ysamm.com/?p=510 https://t.me/cKure/6567