All posts tagged telegram

■■□□□ Nuitka: Revisit the basics of Python reversing. https://goatmilkk.notion.site/Nuitka-a3ac9ee7f3f240f3baa345c17f2b8aa3 https://t.me/cKure/14373

■■■■□ RCE bug in widely used Ghostscript library now exploited in attacks. https://www.bleepingcomputer.com/news/security/rce-bug-in-widely-used-ghostscript-library-now-exploited-in-attacks/ https://t.me/cKure/14372

■■■■□ Solar 4RAYS threat intel team uncovers a new APT group “Lifting Zmiy” (eng. Lifting Serpent) that targets government organizations in Russia and Eastern Europe. The group hosted their C2 infrastructure on compromised servers, which were used in SCADA networks. https://rt-solar.ru/solar-4rays/blog/4506/ https://t.me/cKure/14371

https://s3.timeweb.cloud/fd51ce25-6f95e3f8-263a-4b13-92af-12bc265adb44/rockyou2024.zip https://t.me/cKure/14370

■■■■□ How CVE-2022-24785 MomentJS Path Traversal Works: Detailed Exploit Guide. https://0xjay.com/how-cve-2022-24785-momentjs-path-traversal-works-detailed-exploit-guide https://t.me/cKure/14369

■■■□□ PoC Exploit Released for HTTP File Server Remote Code Execution Vulnerability. https://cybersecuritynews.com/poc-exploit-http-file-server/ https://t.me/cKure/14368

■■■■□ Active Directory Certificate Services (AD CS) – A Beautifully Vulnerable and Mis-configurable Mess. https://logan-goins.com/2024-05-04-ADCS/ https://t.me/cKure/14367

■■■■□ RockYou2024: 10 billion passwords leaked in the largest compilation of all time. https://cybernews.com/security/rockyou2024-largest-password-compilation-leak/ https://t.me/cKure/14366

■■■■■ Signal Messaging App security concern | Privacy An interesting thread: https://x.com/mysk_co/status/1809287118235070662 https://t.me/cKure/14364

Rockyou-2024 has been released on July 4, 2024, in a 45 GB zip file. Previous Rockyou-2021 had 8.4 billion passwords, and the new version has 1.5 billion (added by hacker ‘ObamaCare’), making it a 10 billion word-list. https://t.me/cKure/14362