A group called MoroccanConquest By hacking and publishing data related to the CIA and NATO intelligence services, as well as documents about dishes seen in Spain
The team published files attached to two documents, and the other file contains information such as email and names,..... etc.
After checking the first file, we found that the document is normally available to the public.
This is the link to the first document: https://en.m.wikisource.org/wiki/Page:Flying_Saucers_in_Spain_and_North_Africa,_CIA_report.pdf/1
The second document has nothing to do with the first one and is also available to the public You can verify this via Google.
For files containing information such as emails and names that were leaked in 2018
Which indicates that this group has published leaked data before and did not commit any hacking.
#Investigation_of_hacking
#Cyber_Security_News
The team published files attached to two documents, and the other file contains information such as email and names,..... etc.
After checking the first file, we found that the document is normally available to the public.
This is the link to the first document: https://en.m.wikisource.org/wiki/Page:Flying_Saucers_in_Spain_and_North_Africa,_CIA_report.pdf/1
The second document has nothing to do with the first one and is also available to the public You can verify this via Google.
For files containing information such as emails and names that were leaked in 2018
Which indicates that this group has published leaked data before and did not commit any hacking.
#Investigation_of_hacking
#Cyber_Security_News
π₯9π€£7β€2π1π1π€ͺ1
π¨π¨
A new report reveals that the U.S. government (and its services) intends to gradually phase out C and C++ developers and their software as well. In short, this is due to the poor security practices associated with these languages.
The CISA (Cybersecurity and Infrastructure Security Agency) advises developers to transition to more secure languages when it comes to security practices. It recommends Rust, Java, C#, Go, Python, and Swift, considering them to produce fewer errors and weaker security vulnerabilities.
However, this is not that easy. There are significant challenges to this transition:
πΉ Cost vs. Performance: Transitioning from C/C++ will require substantial financial resources, leading to a dilemma of sacrificing performance for cost, or cost for performance.
πΉ Human Resources: The transition also requires experts in languages other than C/C++, which means renewing the workforce from the smallest elements to the largest.
πΉ Reliability of New Products: Transitioning to Rust, for example, may not provide long-term support. Developers may abandon it, for instance.
There was also a previous report (about two years ago) indicating that there are not many C/C++ developers in the world, not just in the U.S. The new report may echo the old one. The shortage of C/C++ developers means we either need to build frameworks in this technology or transition to other technologies.
#Investigation_of_hacking
#Cyber_Security_News
A new report reveals that the U.S. government (and its services) intends to gradually phase out C and C++ developers and their software as well. In short, this is due to the poor security practices associated with these languages.
The CISA (Cybersecurity and Infrastructure Security Agency) advises developers to transition to more secure languages when it comes to security practices. It recommends Rust, Java, C#, Go, Python, and Swift, considering them to produce fewer errors and weaker security vulnerabilities.
However, this is not that easy. There are significant challenges to this transition:
πΉ Cost vs. Performance: Transitioning from C/C++ will require substantial financial resources, leading to a dilemma of sacrificing performance for cost, or cost for performance.
πΉ Human Resources: The transition also requires experts in languages other than C/C++, which means renewing the workforce from the smallest elements to the largest.
πΉ Reliability of New Products: Transitioning to Rust, for example, may not provide long-term support. Developers may abandon it, for instance.
There was also a previous report (about two years ago) indicating that there are not many C/C++ developers in the world, not just in the U.S. The new report may echo the old one. The shortage of C/C++ developers means we either need to build frameworks in this technology or transition to other technologies.
#Investigation_of_hacking
#Cyber_Security_News
π₯3β€2π2π1π₯°1π1
#Exploit π¨ CVE-2024-32640: Automated SQL Injection Exploitation PoC
βοΈA new exploit called "Muraider" has been developed to automate the detection and exploitation of CVE-2024-32640, a SQL injection vulnerability in Mura/Masa CMS. The tool uses Python and integrates with Ghauriβ¦
https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS
#Investigation_of_hacking
#Cyber_Security_News
βοΈA new exploit called "Muraider" has been developed to automate the detection and exploitation of CVE-2024-32640, a SQL injection vulnerability in Mura/Masa CMS. The tool uses Python and integrates with Ghauriβ¦
https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS
#Investigation_of_hacking
#Cyber_Security_News
π2π2β€1π1π₯1π₯°1π―1π1
xWP-NewV.zip
797.7 KB
π¨π¨
The newest WordPress 2024 Exploits
βοΈThe best newest 2024 method to get webshells
You don't need to buy tools and exploits to get shells, here are the best ones for free.
#Investigation_of_hacking
#Cyber_Security_News
#codeb0ss
The newest WordPress 2024 Exploits
βοΈThe best newest 2024 method to get webshells
You don't need to buy tools and exploits to get shells, here are the best ones for free.
#Investigation_of_hacking
#Cyber_Security_News
#codeb0ss
β€βπ₯3β€1π1π₯°1π1π1
π¨_CvEploiterv2 x xWPv3 Ultimate/Beast Software
π―The most advanced software for CV 2024 expl0its and WordPress vulnerabilities
with the latest version/method.]
βοΈCVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.
βοΈCVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.
βοΈCVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.
βοΈCVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.
βοΈCVE-2024-40348 -
[Bazarr] < Unauthenticated Arbitrary File Read.
βοΈ#CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.
βοΈCVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.
βοΈCVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.
βοΈCVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.
#Investigation_of_hacking
#Cyber_Security_News
#codeb0ss
π―The most advanced software for CV 2024 expl0its and WordPress vulnerabilities
with the latest version/method.]
βοΈCVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.
βοΈCVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.
βοΈCVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.
βοΈCVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.
βοΈCVE-2024-40348 -
[Bazarr] < Unauthenticated Arbitrary File Read.
βοΈ#CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.
βοΈCVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.
βοΈCVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.
βοΈCVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.
#Investigation_of_hacking
#Cyber_Security_News
#codeb0ss
π4β€2π1π₯°1π1
π¨π¨The group announced MoroccanConquest that it launched denial of service attacks on the Italian National Gendarmerie website.
And posted the verification link to disable the site.
βοΈAfter checking, we found that the site is working normally and there is nothing wrong with it And it was not affected by any cyber attack.
β make sure: https://www.carabinieri.it/
#Investigation_of_hacking
#Cyber_Security_News
And posted the verification link to disable the site.
βοΈAfter checking, we found that the site is working normally and there is nothing wrong with it And it was not affected by any cyber attack.
β make sure: https://www.carabinieri.it/
#Investigation_of_hacking
#Cyber_Security_News
π5π₯2π₯°2π€2π«‘2β€1π1π1
An unknown group Team 1956 has carried out a massive cyber attack on the CreditGuard payment gateway operated by the Israeli company Hyp targeting the connection between card devices and payment systems This resulted in a complete disruption of credit card payment services in supermarkets stores gas stations and others within the entity
The Jerusalem Post reported that thousands of credit card reading devices at gas stations and major retail chains in the entity stopped working on Sunday morning following a DDoS attack that hit the company responsible for operating the devices
The Hyp Credit Guard company stated to Israeli media that a suspected denial of service attack on communication suppliers is the likely cause of the malfunction across Israeli stores The attack affected many companies across the entity including the Maccabi Health Fund the Gett taxi service the Wolt food delivery app and payment systems for public transport such as Rav Kav Online and HopOn
#Investigation_of_hacking
#CyberSecurityNews
The Jerusalem Post reported that thousands of credit card reading devices at gas stations and major retail chains in the entity stopped working on Sunday morning following a DDoS attack that hit the company responsible for operating the devices
The Hyp Credit Guard company stated to Israeli media that a suspected denial of service attack on communication suppliers is the likely cause of the malfunction across Israeli stores The attack affected many companies across the entity including the Maccabi Health Fund the Gett taxi service the Wolt food delivery app and payment systems for public transport such as Rav Kav Online and HopOn
#Investigation_of_hacking
#CyberSecurityNews
π₯5π3π₯°2β€1π1π1