cKure
■■■■■ #Breaking #HackingTeam #Italy #PhineasFisher #CNBT #Cayman National Bank and Trust serving Isle of Man #CyberAttack #CyberWar #Hacktivism https://unicornriot.ninja/2019/massive-hack-strikes-offshore-cayman-national-bank-and-trust/
Sherwood.torrent
1.3 MB
The torrent file was not verified before sharing in this channel.
Users are responsible for their own actions at their risk.
Users are responsible for their own actions at their risk.
■□□□□ #DataBreach
https://www.darkreading.com/attacks-breaches/disney+-credentials-land-in-dark-web-hours-after-service-launch/d/d-id/1336395
https://www.darkreading.com/attacks-breaches/disney+-credentials-land-in-dark-web-hours-after-service-launch/d/d-id/1336395
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
■■■■■ #GoodRead: #Facebook took 4 hours, 13 minutes to fix the security issue from initial report by bug hunter.
https://www.josipfranjkovic.com/blog/facebook-friendlist-paymentcard-leak
https://www.josipfranjkovic.com/blog/facebook-friendlist-paymentcard-leak
JosipFranjkovic
Getting any Facebook user's friend list and partial payment card details
I enjoy breaking websites.
■■■□□ #GoodRead #Exploit
https://nlnetlabs.nl/projects/unbound/security-advisories/#vulnerability-in-ipsec-module
https://nlnetlabs.nl/projects/unbound/security-advisories/#vulnerability-in-ipsec-module
NLnet Labs
Unbound - Security Advisories
We take security very seriously. If you have found a security issue in Unbound, please submit a security report. Possible domain hijacking via promiscuous records in the authority section Date:2025-10-22 (updated: 2025-11-26) CVE:CVE-2025-11411 Credit:Yuxiao…
■■■■□ #GoodRead #Windows #LPE; local privilege escalation
https://www.zerodayinitiative.com/blog/2019/11/19/thanksgiving-treat-easy-as-pie-windows-7-secure-desktop-escalation-of-privilege
https://www.zerodayinitiative.com/blog/2019/11/19/thanksgiving-treat-easy-as-pie-windows-7-secure-desktop-escalation-of-privilege
Zero Day Initiative
Zero Day Initiative — Thanksgiving Treat: Easy-as-Pie Windows 7 Secure Desktop Escalation of Privilege
Not much interesting so far, just Yes and No buttons, a password input field, and an X button. You can click the upper-left corner of the window and get the standard, little-used “window menu”, having just Move and Close commands. The password input field…
■■■■□ #GitHub automatic security update
Automated security updates are now available to all developers 🙌
GitHub: We’ll monitor repository dependencies for known security vulnerabilities and then automatically open pull requests to update them. Another step in helping you build and secure your code.
https://github.com/features/security
Automated security updates are now available to all developers 🙌
GitHub: We’ll monitor repository dependencies for known security vulnerabilities and then automatically open pull requests to update them. Another step in helping you build and secure your code.
https://github.com/features/security
GitHub
GitHub Advanced Security · Built-in protection for every repository
Fix vulnerabilities and safeguard your software supply chain with built-in, AI-powered security.
■■□□□ #DataBreach
https://arstechnica.com/information-technology/2019/11/password-data-dumped-online-for-2-2-million-users-of-currency-and-gaming-sites/
https://arstechnica.com/information-technology/2019/11/password-data-dumped-online-for-2-2-million-users-of-currency-and-gaming-sites/
Ars Technica
Password data for ~2.2 million users of currency and gaming sites dumped online
Researcher confirms data belongs to users of Gatehub and EpicBot services.
■■■■□ #Malware #Keylogger #AV #evasion #Phoenix
https://www.zdnet.com/google-amp/article/new-phoenix-keylogger-tries-to-stop-over-80-security-products-to-avoid-detection/
https://www.zdnet.com/google-amp/article/new-phoenix-keylogger-tries-to-stop-over-80-security-products-to-avoid-detection/
ZDNET
New Phoenix Keylogger tries to stop over 80 security products to avoid detection
Phoenix linked to more than 10,000 infections since the malware's launch on a hacking forum in July.
■■■■■ #CPR #CheckPoint #News #Research #Android
This is an example of persistent #ZeroDay which cannot be removed even by the patch. As the libraries derived from open source code (having zeroday) remains vulnerable. Read article for details.
https://research.checkpoint.com/2019/long-known-vulnerabilities-in-high-profile-android-applications/
This is an example of persistent #ZeroDay which cannot be removed even by the patch. As the libraries derived from open source code (having zeroday) remains vulnerable. Read article for details.
https://research.checkpoint.com/2019/long-known-vulnerabilities-in-high-profile-android-applications/
Check Point Research
Long-known Vulnerabilities in High-Profile Android Applications - Check Point Research
Research by: Slava Makkaveev Introduction Most mobile users understandably worry about known vulnerabilities in the core operating system of their devices, which can give an attacker complete control over their mobile phones, and about zero-day vulnerabilities…