cKure
@cKure
6.59K subscribers
1.35K photos
320 videos
270 files
12K links

This channel was created in 2018 and contains content from the information security domain.

This channel is primarily run by AI bots (n8n).

Archive: ckure.esy.es
Criticals: @ckuRED
linkedin.com/company/ckure

Support 📨 i@ckure.org
Download Telegram
About
Blog
Apps
Platform
Join
cKure
6.59K subscribers
cKure
https://n0where.net/linux-privilege-escalation-roothelper
123 views
cKure
When someone doesn't understand security

https://www.securityweek.com/vulnerability-or-not-pen-tester-quarrels-software-maker
SecurityWeek
Vulnerability or Not? Pen Tester Quarrels With Software Maker
A security researcher has published details of what he considers to be a vulnerability in the RLM web application provided by Reprise Software. Reprise CEO Matt Christiano has told SecurityWeek, it is not a vulnerability.
115 views
cKure
https://www.securityweek.com/singapore-health-database-hit-major-cyberattack
SecurityWeek
Singapore Says Hackers Stole 1.5 Million Health Records in Massive Cyberattack
Hackers have stolen the health records of 1.5 million Singaporeans including Prime Minister Lee Hsien Loong, authorities said Friday, with the leader specifically targeted in the city-state's biggest ever data breach.
118 views
cKure
https://www.securityweek.com/path-securing-iot-ecosystems-starts-network
SecurityWeek
The Path to Securing IoT Ecosystems Starts at the Network
Security at the Device and Network Level is Critical to the Successful Operation of IoT
436 views
cKure
Tool for detecting DLL hijacking.

Input = .exe

https://github.com/MojtabaTajik/Robber
GitHub
GitHub - MojtabaTajik/Robber: Robber is open source tool for finding executables prone to DLL hijacking
Robber is open source tool for finding executables prone to DLL hijacking - MojtabaTajik/Robber
124 views
cKure
https://github.com/Mr-Un1k0d3r/MaliciousMacroGenerator
GitHub
GitHub - Mr-Un1k0d3r/MaliciousMacroGenerator: Malicious Macro Generator
Malicious Macro Generator. Contribute to Mr-Un1k0d3r/MaliciousMacroGenerator development by creating an account on GitHub.
125 views
cKure
https://blog.xpnsec.com/total-meltdown-cve-2018-1038/amp/
114 views
cKure
https://n0where.net/exploit-search-xpl-search
338 views
cKure
https://techcrunch.com/2018/07/19/vacuum-vulnerability-hack-diqee-positive-technologies/amp/
TechCrunch
A vacuum vulnerability could mean your Roomba knockoff is hoovering up surveillance
Yet again we are reminded that the mild conveniences of the smart home are all well and good, right up until someone decides to turn one of those
121 views
cKure
https://n0where.net/what-the-fuzz-radamsa
131 views
cKure
https://keenlab.tencent.com/en/2018/07/19/Exploiting-iOS-11-0-11-3-1-Multi-path-TCP-A-walk-through/
Keen Security Lab Blog
Exploiting iOS 11.0-11.3.1 Multi-path-TCP:A walk through
IntroductionThe iOS 11 mptcp bug (CVE-2018-4241) discovered by Ian Beer is a serious kernel vulnerability which involves a buffer overflow in mptcp_usr_connectx that allows attackers to execute arbitr
126 views
cKure
https://amp.tomshardware.com/news/cisco-backdoor-hardcoded-accounts-software,37480.html
Tom's Hardware
Backdoors Keep Appearing In Cisco's Routers
Five different backdoors were found in Cisco's software this year, and Cisco's history with backdoors goes back many years.
122 views
cKure
https://www.bleepingcomputer.com/news/security/half-a-billion-iot-devices-vulnerable-to-dns-rebinding-attacks/
BleepingComputer
Half a Billion IoT Devices Vulnerable to DNS Rebinding Attacks
Armis, the cyber-security firm that discovered the BlueBorne vulnerabilities in the Bluetooth protocol, warns that nearly half a billion of today's "smart" devices are vulnerable to a decade-old attack known as DNS rebinding.
124 views
cKure
https://n0where.net/microsoft-azure-cloud-security-auditing-azurite
130 views
cKure
https://www.eff.org/deeplinks/2018/07/between-you-me-and-google-problems-gmails-confidential-mode
Electronic Frontier Foundation
Between You, Me, and Google: Problems With Gmail's “Confidential Mode”
With Gmail’s new design rolled out to more and more users, many have had a chance to try out its new “Confidential Mode.” While many of its features sound promising, what “Confidential Mode” provides
128 views
cKure
https://opnsec.com/2018/07/into-the-borg-ssrf-inside-google-production-network/
OpnSec
Into the Borg – SSRF inside Google production network | OpnSec
Intro - Testing Google Sites and Google Caja In March 2018, I reported an XSS in Google Caja, a tool to securely embed arbitrary html/javascript in a webpage. In May 2018, after the XSS was fixed, I r
126 views
cKure
https://posts.specterops.io/hunting-for-bad-apples-part-2-6f2d01b1f7d3
Medium
Hunting for Bad Apples — Part 2
In the previous post in this series, I introduced the use case of an attacker persisting via a LaunchAgent/Daemon, and a few osquery…
123 views
cKure
https://www.hackread.com/googleusercontent-cdn-hosting-images-infected-with-malware
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
GoogleUserContent CDN Hosting Images Infected with Malware
The injected malware uses EXIF format to hide the code and the compromised images are available on Google+ and GoogleUserContent sites.
127 views
cKure
https://n0where.net/packet-capture-utility-stenographer
124 views
cKure
Someone published a POC for CVE-2018-2893, a vulnerability in Oracle WebLogic servers

https://github.com/anbai-inc/CVE-2018-2893/
145 views
cKure
https://n0where.net/best-web-application-vulnerability-scanners
135 views