■■□□□ PrivFu: Kernel mode WinDbg extension and PoCs for token privilege investigation.

https://github.com/daem0nc0re/PrivFu

■■■□□ CVE-2022-0847 eBPF: An eBPF program to detect and defense attacks on CVE-2022-0847 (DirtyPipe).

https://github.com/h4ckm310n/CVE-2022-0847-eBPF

■■□□□ LdrLibraryEx: A small x64 library to load dll's into memory.

https://github.com/Cracked5pider/LdrLibraryEx

■■■□□ Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel.

https://thehackernews.com/2023/11/google-warns-of-hackers-absing-calendar.html

■□□□□ Cyber-Attack on Qatari Ecommerce Government by a group calling themselves 'Indian Cyber Force'. It was a DoS attack.

Target - https://ecommerce.gov.qa/

Check Host - https://check-host.net/check-report/130d6715kb0d

Duration: 2 hours (as per the group).

■■■■□ CVE-2023-22518: Improper Authorization Vulnerability in Confluence Data Center and Server.

A critical vulnerability in Atlassian Confluence Data Center and Server. The vulnerability could potentially allow unauthenticated attackers with network access to the Confluence Instance to restore the database of the Confluence instance and eventually execute arbitrary system commands.

https://github.com/ForceFledgling/CVE-2023-22518

■■■■□ Remote Code Execution in Tutanota Desktop due to Code Flaw.

https://www.sonarsource.com/blog/remote-code-execution-in-tutanota-desktop-due-to-code-flaw/

■■■■■ DuckDuckC2: A proof-of-concept C2 channel through DuckDuckGo's image proxy service. The provided example can be extended multiple ways to achieve different deployments.

https://github.com/nopcorn/DuckDuckC2

https://nopcorn.github.io/2023/09/25/duckduckgo-as-c2

■■■■□ Israel-Palestine Cyber-War update!

Snapshot of the Escalated Cyber Warfare in the 2023 Israel-Hamas Conflict : United Kingdom🇬🇧

Twelve pro-Palestinian hacker groups claimed to have targeted the United Kingdom, which supports Israel, and conducted defacement and DDoS attacks on approximately 34 British websites.

■■■□□ Bobber [tool]: Bobber monitors a given Evilginx database file for changes, and if a valid Evilginx session complete with a captured Microsoft Office 365 cookie is found, Bobber will utilize the RoadTools RoadTX library to retrieve the access and refresh tokens for the user, then optionally trigger TeamFiltration to exfiltrate all the sweet, sweet loot. Bobber supports monitoring a local file path or a file path on a remote host through SSH.

https://github.com/Flangvik/Bobber

■■■□□ Hackers exploit Looney Tunables Linux bug, steal cloud creds.

https://www.bleepingcomputer.com/news/security/hackers-exploit-looney-tunables-linux-bug-steal-cloud-creds/

■■■■■ ⚛️ Nuclei AI Browser Extension, built on top of cloud.projectdiscovery.io, simplifies the creation of vulnerability templates, by enabling users to extract vulnerability information from any webpages to quickly and efficiently create #nuclei templates, saving valuable time and effort.

Features:
• Context Menu Option to Generate Template
• HackerOne Report to Nuclei Template Generation
• ExploitDB exploit to Nuclei Template Generation
• BugCrowd / Intigriti / Synack support (Coming soon).

https://github.com/projectdiscovery/nuclei-ai-extension

■■■■■ 🎭 ProxyHub: An advanced [Finder | Checker | Server] tool for proxy servers, supporting both HTTP(S) and SOCKS protocols.

https://github.com/ForceFledgling/proxyhub

■■□□□ Russian hackers switch to LOTL technique to cause power outages.

https://www.bleepingcomputer.com/news/security/russian-hackers-switch-to-lotl-technique-to-cause-power-outage/

■■■■□ Signal tests usernames that keep your phone number private.

https://www.bleepingcomputer.com/news/software/signal-tests-usernames-that-keep-your-phone-number-private/