All posts tagged cyber

■■■■■ CVE-2021-30551 (Type confusion in V8 in Google Chrome). https://cwresearchlab.co.kr/entry/CVE-2021-30551-Type-confusion-in-V8-in-Google-Chrome https://t.me/cKure/14078

Zero-Day: “CVE-2024-21388” – Microsoft Edge’s Marketing API Exploited for Covert Extension Installation. https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca https://t.me/cKure/14076

■■■■■ Code execution in Cisco Secure Client with NAM. https://www.synacktiv.com/advisories/code-execution-in-cisco-secure-client-with-nam https://t.me/cKure/14075

■□□□□ The Dubai Unlocked investigation shows how the emirate became a refuge for self-proclaimed “Cryptoqueen” Ruja Ignatova and nearly a dozen of her associates, even as the United Arab Emirates (UAE) sought to clean up its image as a haven for criminals and fraudsters. Leaked Dubai property files link luxury flats to OneCoin crypto scammers…

■□□□□ Property Data-Leak from Dubai, UAE https://www.occrp.org/en/dubai-unlocked/ https://www.dawn.com/news/1833476 ● However, state controlled media cites otherwise and retired the data-leak claims. https://www.khaleejtimes.com/uae/uae-rubbishes-dubai-unlocked-property-report-claims-vows-to-continue-pursuing-global-criminals https://t.me/cKure/14072

■□□□□ Microsoft fixes three zero-day vulnerabilities, two actively exploited. https://www.csoonline.com/article/2108583/microsoft-fixes-three-zero-day-vulnerabilities-two-actively-exploited.html https://t.me/cKure/14071

■■□□□ ESP32-S3 1.69-inch touch display features 6-axis IMU, RTC, UART, and more… https://www.cnx-software.com/2024/05/17/esp32-s3-1-69-inch-touch-display-features-6-axis-imu-rtc-uart/ https://t.me/cKure/14070

■■□□□ HackBat – DIY open-source hardware Flipper Zero alternative features Raspberry Pi RP2040 MCU, ESP8266 WiFi module, RF transceiver… https://www.cnx-software.com/2024/05/16/hackbat-diy-open-source-hardware-flipper-zero-alternative-features-raspberry-pi-rp2040-mcu-esp8266-wifi-module-rf-transceiver/ https://t.me/cKure/14069

■■■■□ Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002). https://www.helpnetsecurity.com/2024/05/16/git-cve-2024-32002/ https://t.me/cKure/14068

■■■■■ A good read on the difference between site and origin. The terms even experts fail to use circle and often implement interchangeably. https://portswigger.net/web-security/csrf/bypassing-samesite-restrictions https://t.me/cKure/14067