■■□□□ #Zeroday / #0day: The LPE bug could allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights.
https://threatpost.com/windows-zero-day-circulating-faulty-fix/162610/
Threat Post
Windows Zero-Day Still Circulating After Faulty Fix
■■■□□ Censys-Python - An Easy-To-Use And Lightweight API Wrapper For The Censys Search Engine.
https://github.com/censys/censys-python
GitHub
GitHub - censys/censys-python: An easy-to-use and lightweight API wrapper for Censys APIs.
■■■■□ Vulmap - Web Vulnerability Scanning And Verification Tools.
https://github.com/zhzyker/vulmap
https://www.kitploit.com/2020/12/vulmap-web-vulnerability-scanning-and.html
GitHub
GitHub - zhzyker/vulmap: Vulmap is a web vulnerability scanning and verification tool that can scan webapps for vulnerabilities and also provides vulnerability verification
■■■□□ Microsoft Warns CrowdStrike of Hackers Targeting Azure Cloud Customers and alleged unsuccessful attempt to compromise CrowdStrike.
https://thehackernews.com/2020/12/microsoft-warns-crowdstrike-of-hackers.html
cKure
■□□□□ 📢 Ongoing DDoS attack impacting NetScaler ADCs. https://www.bleepingcomputer.com/news/security/citrix-confirms-ongoing-ddos-attack-impacting-netscaler-adcs/
■■□□□ Citrix confirmed that a DDoS attack is targeting Citrix Application Delivery Controller (ADC) networking equipment.
■■■■■ Update: Signal – the World’s Most Encrypted App – Was Not Hacked by Israeli 🇮🇱 firm Cellebrite. #Israel
https://www.haaretz.com/amp/israel-news/tech-news/.premium-no-signal-the-world-s-most-encrypted-app-was-not-hacked-by-israeli-firm-cellebr-1.9398118
Haaretz.com
No, Signal – the world’s most encrypted app – was not hacked by Israeli firm Cellebrite
■■□□□ Russian crypto-exchange Livecoin hacked after it lost control of its servers.
https://www.zdnet.com/article/russian-crypto-exchange-livecoin-hacked-after-it-lost-control-of-its-servers/
ZDNet
Russian crypto-exchange Livecoin hacked after it lost control of its servers
Hackers gained access to the Livecoin portal and modified exchange rates to 10-15 times their normal values.
■■□□□ Vulnerabilities in McAfee ePolicy Orchestrator.
https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
PT SWARM
Vulnerabilities in McAfee ePolicy Orchestrator
This August, I discovered three vulnerabilities in McAfee ePolicy Orchestrator (ePO) version 5.10.0. McAfee ePO is software that helps IT administrators unify security management across endpoints, networks, data, and compliance solutions from McAfee and…
■■■□□ Detailed technical analysis of SolarWinds Hack / SunBurst.
https://www.fireeye.com/blog/threat-research/2020/12/sunburst-additional-technical-details.html
Google Cloud Blog
SUNBURST Additional Technical Details | Mandiant | Google Cloud Blog
■■□□□ #DataLeak: A misconfigured AWS ☁️ cloud storage bucket has exposed the personal details of hundreds of social media influencers, potentially putting them at risk of fraud and harassment, according to researchers.
A team at vpnMentor discovered the AWS S3 bucket wide open with no encryption or password protection, back in early November. Action has apparently yet to be taken by the company responsible, Barcelona-based “social commerce” company 21 Buttons.
https://www.infosecurity-magazine.com:443/news/misconfigured-bucket-exposes/
Infosecurity Magazine
Misconfigured AWS Bucket Exposes Hundreds of Social Influencers
Victims could be targeted by stalkers and fraudsters
■■■■□ SolarWinds / Solorigate: Suspected Russian hackers used Microsoft vendors to breach customers.
https://in.mobile.reuters.com/article/amp/idINKBN28Y1QF
Reuters
Suspected Russian hackers used Microsoft vendors to breach customers
The suspected Russian hackers behind the worst U.S. cyber attack in years leveraged reseller access to Microsoft Corp services to penetrate targets that had no compromised network software from SolarWinds Corp, investigators said.
■■□□□ Apple sends hacker-friendly iPhones to researchers, expects quick fix for vulnerabilities. The phones allow attackers to bypass code signing and similar features that prohibit offensive tactics.
■■■□□ Police Arrest 21 WeLeakInfo Customers Who Bought Breached Personal Data.
https://thehackernews.com/2020/12/police-arrest-21-weleakinfo-customers.html
■■□□□ Another technical writeup.
SolarWinds' SunBurst: the next level of stealth.
https://blog.reversinglabs.com/blog/sunburst-the-next-level-of-stealth
ReversingLabs
The attack on SolarWinds: Next-level stealth was key
The SunBurst supply chain attack, which was behind the SolarWinds compromise, took sophistication and patience.
■■□□□ 🇺🇸 | 🇷🇺 #CyberWar update: CrowdStrike releases free Azure tool to review assigned privileges.
https://hackademicus.nl/crowdstrike-releases-free-azure-tool-to-review-assigned-privileges/
■■□□□ ApkLeaks - Scanning APK File For URIs, Endpoints And Secrets.
https://github.com/dwisiswant0/apkleaks
GitHub
GitHub - dwisiswant0/apkleaks: Scanning APK file for URIs, endpoints & secrets.
■■□□□ CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze.
http://seclists.org/fulldisclosure/2020/Dec/55
seclists.org
Full Disclosure: Re: [FD]
CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze