■□□□□ Cyber-Attack; India: Tamil Nadu police website hacked by cyber criminals.
https://www.thehindu.com/news/national/tamil-nadu/tamil-nadu-police-website-hacked-by-cyber-criminals/article67296670.ece
https://www.thehindu.com/news/national/tamil-nadu/tamil-nadu-police-website-hacked-by-cyber-criminals/article67296670.ece
The Hindu
Tamil Nadu police website hacked by cyber criminals
Tamil Nadu police website hacked by cyber criminals
■■■■■ URL Infection Exploit Silent Java Drive by downloads may happen when visiting a site, opening an e-mail message.
https://github.com/bestjectr/Slient-Url-Exploit-New-Cve-Chrome-Exploit-Html-Downloader
https://github.com/bestjectr/Slient-Url-Exploit-New-Cve-Chrome-Exploit-Html-Downloader
Forwarded from cKure Red
In a first, spyware is found on phone of prominent Russian journalist.
● This is highly likely that Russia deployed the same Zero-Day vulnerability in the (almost) publicly available mobile application hosting a false flag Cyber-Attack on the victim.
https://www.washingtonpost.com/technology/2023/09/13/pegasus-infection-meduza-founder/
● This is highly likely that Russia deployed the same Zero-Day vulnerability in the (almost) publicly available mobile application hosting a false flag Cyber-Attack on the victim.
https://www.washingtonpost.com/technology/2023/09/13/pegasus-infection-meduza-founder/
■■■■■ Four major browsers impacted by a single zero-day vulnerability.
Microsoft Edge, Mozilla Firefox, Google Chrome and Apple's Safari browser have all released patches for CVE-2023-4863.
https://techmonitor.ai/technology/cybersecurity/four-big-tech-browsers-hit-by-one-zero-day-vulnerability
Microsoft Edge, Mozilla Firefox, Google Chrome and Apple's Safari browser have all released patches for CVE-2023-4863.
https://techmonitor.ai/technology/cybersecurity/four-big-tech-browsers-hit-by-one-zero-day-vulnerability
Tech Monitor
Four major browsers impacted by a single zero-day vulnerability
Microsoft Edge, Mozilla Firefox, Google Chrome and Apple's Safari browser have all released patches for CVE-2023-4863.
■■■■■ Autorize is a Burpsuite extension to help you automate authorization vulnerabilities!
It auto-repeats all the requests as an authenticated user as well one without a session.
https://github.com/portswigger/autorize
It auto-repeats all the requests as an authenticated user as well one without a session.
https://github.com/portswigger/autorize
GitHub
GitHub - PortSwigger/autorize: Automatic authorization enforcement detection extension for burp suite written in Jython developed…
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automa...
■■■□□ Caesars reportedly paid millions to stop hackers releasing its data.
https://www.engadget.com/caesars-reportedly-paid-millions-to-stop-hackers-releasing-its-data-081052820.html
https://www.engadget.com/caesars-reportedly-paid-millions-to-stop-hackers-releasing-its-data-081052820.html
Engadget
Caesars reportedly paid millions to stop hackers releasing its data
Caesars Entertainment reportedly paid "tens of millions of dollars" to hackers who threatened to release company data.
■■■■□ Bypassing UAC with SSPI Datagram Contexts.
https://splintercod3.blogspot.com/p/bypassing-uac-with-sspi-datagram.html
https://splintercod3.blogspot.com/p/bypassing-uac-with-sspi-datagram.html
■■■■■ Data-Leak: 38TB of data accidentally exposed by Microsoft AI researchers
Wiz Research found a data exposure incident on Microsoft’s AI GitHub repository, including over 30,000 internal Microsoft Teams messages – all caused by one misconfigured SAS token.
https://www.wiz.io/blog/38-terabytes-of-private-data-accidentally-exposed-by-microsoft-ai-researchers
Wiz Research found a data exposure incident on Microsoft’s AI GitHub repository, including over 30,000 internal Microsoft Teams messages – all caused by one misconfigured SAS token.
https://www.wiz.io/blog/38-terabytes-of-private-data-accidentally-exposed-by-microsoft-ai-researchers
wiz.io
38TB of data accidentally exposed by Microsoft AI researchers | Wiz Blog
Wiz Research found a data exposure incident on Microsoft’s AI GitHub repository, including over 30,000 internal Microsoft Teams messages – all caused by one misconfigured SAS token
■■■■■ Fileless Remote Code Execution on Juniper Firewalls - Blog - VulnCheck.
https://vulncheck.com/blog/juniper-cve-2023-36845
https://vulncheck.com/blog/juniper-cve-2023-36845
VulnCheck
VulnCheck - Outpace Adversaries
Vulnerability intelligence that predicts avenues of attack with speed and accuracy.
Forwarded from cKure Red
● Real world OSINT challenge.
United States' military loses F35B over its territory. Unable to track, the US government has requested civilian help to find the missing plane.
https://twitter.com/flightradar24/status/1703827299412455459
https://twitter.com/TeamCharleston/status/1703523385475534968
https://www.businessinsider.com/missing-f35-flying-after-pilot-ejected-soviet-jet-cold-war-2023-9
United States' military loses F35B over its territory. Unable to track, the US government has requested civilian help to find the missing plane.
https://twitter.com/flightradar24/status/1703827299412455459
https://twitter.com/TeamCharleston/status/1703523385475534968
https://www.businessinsider.com/missing-f35-flying-after-pilot-ejected-soviet-jet-cold-war-2023-9
X (formerly Twitter)
Flightradar24 (@flightradar24) on X
The US military is searching for a missing F-35B in South Carolina after the pilot ejected yesterday and the jet kept flying. If you have seen an F-35 in the woods, please contact the US Marines.