■■■■□ WinRAR flaw lets hackers run programs when you open RAR archives.
https://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/
BleepingComputer
WinRAR flaw lets hackers run programs when you open RAR archives
A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.
■■■■□ Zero-Day: Thousands of Android malware apps use stealthy APKs to bypass security, study finds. Zimperium report.
https://www.tomsguide.com/news/thousands-of-android-malware-apps-use-stealthy-apks-to-bypass-security-study-finds
tom's guide
Thousands of Android malware apps use stealthy APKs to bypass security, study finds
Hackers are always cooking up new ways to get their
■■■□□ Windows Error Reporting Service Privilege Enhancement Vulnerability (CVE-2023-36874).
#untested
https://github.com/d0rb/CVE-2023-36874
GitHub
GitHub - d0rb/CVE-2023-36874: This repository contains a proof-of-concept exploit written in C++ that demonstrates the exploitation…
This repository contains a proof-of-concept exploit written in C++ that demonstrates the exploitation of a vulnerability affecting the Windows Error Reporting (WER) component. - d0rb/CVE-2023-36874
■□□□□ [ Tool ] FaceChain: A deep-learning toolchain for generating your Digital-Twin.
https://github.com/modelscope/facechain
GitHub
GitHub - modelscope/facechain: FaceChain is a deep-learning toolchain for generating your Digital-Twin.
FaceChain is a deep-learning toolchain for generating your Digital-Twin. - modelscope/facechain
■■■■□ PoC exploit for zero-day Windows Error Reporting Service bug (CVE-2023-36874) releases.
https://securityonline.info/poc-exploit-for-0-day-windows-error-reporting-service-bug-cve-2023-36874-releases/
Cybersecurity News
PoC exploit for 0-day Windows Error Reporting Service bug (CVE-2023-36874) releases
PoC exploit code will be released for a zero-day vulnerability (CVE-2023-36874) allowing privilege escalation in Microsoft Windows.
■■■■□ Ivanti warns of new actively exploited MobileIron zero-day bug.
CVE-2023-38035 – API Authentication Bypass on Sentry Administrator Interface
https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface
https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-actively-exploited-mobileiron-zero-day-bug/
Ivanti
CVE-2023-38035 – API Authentication Bypass on Sentry Administrator Interface
A vulnerability has been discovered in Ivanti Sentry, formerly known as MobileIron Sentry. This vulnerability…
■■■■□ Researchers discovered a massive campaign that delivered a proxy server application to at least 400,000 Windows systems.
AT&T Alien Labs researchers uncovered a massive campaign that delivered a proxy server application to at least 400,000 Windows systems.
https://securityaffairs.com/149592/cyber-crime/rise-proxy-server-application.html
Security Affairs
A massive campaign delivered a proxy server application to 400,000 Windows systems
Researchers discovered a massive campaign that delivered a proxy server application to at least 400,000 Windows systems.
■■■■■ ATO | How I exploited security issue to take over admin account.
https://ar1fshaikh.medium.com/1st-ato-how-i-exploited-security-issue-to-take-over-admin-account-e0ae309dc356
Medium
ATO | How I exploited security issue to take over admin account
A few days ago I came across a bug bounty program of a booking website, let's call it https://redacted.com. It was an interesting website with…
■■■■■ #untested exploit
Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE.
https://github.com/Octoberfest7/CVE-2023-36874_BOF
GitHub
GitHub - Octoberfest7/CVE-2023-36874_BOF: Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE
Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE - Octoberfest7/CVE-2023-36874_BOF
■■■□□ Cyber-Crime: Owners of nine IP addresses from Navi Mumbai booked by police for hacking into food company's server. They allegedly hacked into the server of an online food company, causing a loss of more than Rs 4.3 lakh.
1 lakh = 100K
https://www.deccanherald.com/india/maharashtra/owners-of-nine-ip-addresses-from-navi-mumbai-booked-by-police-for-hacking-into-food-companys-server-2660733
Deccan Herald
Owners of nine IP addresses from Navi Mumbai booked by police for hacking into food company's server
They allegedly hacked into the server of an online food company, causing a loss of more than Rs 4.3 lakh.
■■□□□ Data-Leak: Byju’s exposed sensitive student data, including loan details.
https://techcrunch.com/2023/08/25/byjus-student-data-exposed/
TechCrunch
Byju’s exposed sensitive student data, including loan details
India's most valuable startup has fixed a server-side misconfiguration that exposed the sensitive data of its students.
■□□□□ Just Git … and Smashing Windows
Thank you, Linus Torvalds.
https://medium.com/asecuritysite-when-bob-met-alice/just-git-7ce83acbf60f
Medium
Just Git … and Smashing Windows
Thank you, Linus Torvalds
■■■■■ Hooking / Detoxifying Memory Before Doing Crime.
https://dazzyddos.github.io/posts/Naughty_Hooking_Detoxifying_Memory/
Dazzy Ddos
Naughty Hooking Detoxifying Memory Before Doing Crime
Introduction Konnichiwa my dear readers, I trust it’s been a while since my last update. I’m thrilled to be back, and I’m excited to delve into an intriguing, yet undeniably significant aspect of malware development and evasion today.
Forwarded from cKure Red
United States: A Warning from the NSA, CISA and NIST on Post-Quantum Cryptography.
https://medium.com/asecuritysite-when-bob-met-alice/a-warning-from-the-nsa-cisa-and-nist-on-post-quantum-cryptography-fc406a5ade71
Medium
All Change in Cybersecurity!
A Warning from the NSA, CISA and NIST on Post-Quantum Cryptography