🔵Unpatched Baidu SkyDrive PC version has dll hijacking vulnerability:

https://dailycve.com/unpatched-baidu-skydrive-pc-version-has-dll-hijacking-vulnerability

🔵WordPress easy-wp-smtp plugin log information disclosure vulnerability:

https://dailycve.com/wordpress-easy-wp-smtp-plugin-log-information-disclosure-vulnerability

K Health’s growth continues: Raised $ 132 million at a value of $ 1.4 billion.
#International

Google is investing in the local Indian distribution start-up Dunzo.
#International

- Manifest and userlist updater: By clicking on *"help"*>*"update files"* -

Easy install: Basically, you will be able to build your own list of apps that you'd like to mass install after a reset or fresh
install. It can also be used anytime to install a package. If you saved a backup file using the save feature prior to your reset or fresh install, you will be able to restore the apps from that list if they're available to install.

Easy PPA: With this feature, you can search launchpad.net for PPAs containing apps directly from resetter and install it into your system. It will also grab the ppa's key automatically. This eliminates the need of using a terminal to add ppas from launchpad making distros more user friendly.

Source Editor: It is a normal editor that can disable, enable, or remove ppas from a user's system but what makes this different from other source editors

>FREE: https://www.youtube.com/watch?v=k0wsPzO355o

https://github.com/gaining/Resetter/releases/tag/v3.0

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🔵File upload vulnerability exists in Huixing Home website building system:

https://dailycve.com/file-upload-vulnerability-exists-huixing-home-website-building-system

🔵Unpatched SongCMS has SQL injection vulnerability:

https://dailycve.com/unpatched-songcms-has-sql-injection-vulnerability

New cryptocurrency mining botnets for linux.
#Malwares

Cloud jacking refers to stealing an enterprise or individual’s cloud access account.
#CyberAttacks

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 sending bulk text/image to know/unknown numbers via WHATSAPPWEB:

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

Download the latest binary release.
run on your system.
or create your binary locally as below

Note : (Requirements) Golang setup on your local

1) Download https://github.com/Piyushhbhutoria/whatsappWebAPI

run commands below
2 go get .

2) go build .
Run the binary

3) Scan the QR code with whatsapp web

4) Put your lists for bulk message and pictures to send in same folder

5) Press the following number to send message on whatsapp

Test --> 0
Send Text --> 1
Send Image --> 2
Send bulk text --> 3
Send bulk image --> 4
Exit --> 5
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

According to the Latest reports: Data leak habits have improved dramatically since 2020.
#Leaks #Analytiques

An unforeseen special market for telecommuting and GIGA mobile notebooks, but the reason why manufacturers are still ready.
#International

🔵Unpatched SongCMS has SQL injection vulnerability:

https://dailycve.com/unpatched-songcms-has-sql-injection-vulnerability

🔵Oracle Fusion Middleware Access Control Error Vulnerability:

(Shell Code inside the link)

https://dailycve.com/oracle-fusion-middleware-access-control-error-vulnerability

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What are the uses of a shell code ?

1) Download and execute
Download and execute is a type of remote shellcode that downloads and executes some form of malware on the target system. This type of shellcode does not spawn a shell, but rather instructs the machine to download a certain executable file off the network, save it to disk and execute it. Nowadays, it is commonly used in drive-by download attacks, where a victim visits a malicious webpage that in turn attempts to run such a download and execute shellcode in order to install software on the victim's machine. A variation of this type of shellcode downloads and loads a library.

2) Staged
When the amount of data that an attacker can inject into the target process is too limited to execute useful shellcode directly, it may be possible to execute it in stages. First, a small piece of shellcode (stage 1) is executed. This code then downloads a larger piece of shellcode (stage 2) into the process's memory and executes it.

3) Egg-hunt
This is another form of staged shellcode, which is used if an attacker can inject a larger shellcode into the process but cannot determine where in the process it will end up. Small egg-hunt shellcode is injected into the process at a predictable location and executed. This code then searches the process's address space for the larger shellcode (the egg) and executes it

4) Omelette
This type of shellcode is similar to egg-hunt shellcode, but looks for multiple small blocks of data (eggs) and recombines them into one larger block (the omelette) that is subsequently executed. This is used when an attacker can only inject a number of small blocks of data into the process.

5) Shellcode execution strategy
An exploit will commonly inject a shellcode into the target process before or at the same time as it exploits a vulnerability to gain control over the program counter. The program counter is adjusted to point to the shellcode, after which it gets executed and performs its task. Injecting the shellcode is often done by storing the shellcode in data sent over the network to the vulnerable process, by supplying it in a file that is read by the vulnerable process or through the command line or environment in the case of local exploits.

(a short brief using some wiki references)
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Launched "Gov-Cloud", a huge government cloud that swallows local governments and German law, and is confused by local governments.
#Updates

Without their smart speakers Yandex left Russians.
#International

🔵Tufin Securechange cross-site scripting vulnerability:

https://dailycve.com/tufin-securechange-cross-site-scripting-vulnerability

🔵Cisco Data Center Network Manager input validation error vulnerability:
(DC - 237-2021)

https://dailycve.com/cisco-data-center-network-manager-input-validation-error-vulnerability