■■□□□ Vulnerabilities in McAfee ePolicy Orchestrator.
https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
PT SWARM
Vulnerabilities in McAfee ePolicy Orchestrator
This August, I discovered three vulnerabilities in McAfee ePolicy Orchestrator (ePO) version 5.10.0. McAfee ePO is software that helps IT administrators unify security management across endpoints, networks, data, and compliance solutions from McAfee and…
■■■□□ Detailed technical analysis of SolarWinds Hack / SunBurst.
https://www.fireeye.com/blog/threat-research/2020/12/sunburst-additional-technical-details.html
Google Cloud Blog
SUNBURST Additional Technical Details | Mandiant | Google Cloud Blog
■■□□□ #DataLeak: A misconfigured AWS ☁️ cloud storage bucket has exposed the personal details of hundreds of social media influencers, potentially putting them at risk of fraud and harassment, according to researchers.
A team at vpnMentor discovered the AWS S3 bucket wide open with no encryption or password protection, back in early November. Action has apparently yet to be taken by the company responsible, Barcelona-based “social commerce” company 21 Buttons.
https://www.infosecurity-magazine.com:443/news/misconfigured-bucket-exposes/
Infosecurity Magazine
Misconfigured AWS Bucket Exposes Hundreds of Social Influencers
Victims could be targeted by stalkers and fraudsters
■■■□□ Microsoft Warns CrowdStrike of Hackers Targeting Azure Cloud Customers and alleged unsuccessful attempt to compromise CrowdStrike. https://thehackernews.com/2020/12/microsoft-warns-crowdstrike-of-hackers.html
■■■■□ SolarWinds / Solorigate: Suspected Russian hackers used Microsoft vendors to breach customers.
https://in.mobile.reuters.com/article/amp/idINKBN28Y1QF
Reuters
Suspected Russian hackers used Microsoft vendors to breach customers
The suspected Russian hackers behind the worst U.S. cyber attack in years leveraged reseller access to Microsoft Corp services to penetrate targets that had no compromised network software from SolarWinds Corp, investigators said.
■■□□□ Apple sends hacker-friendly iPhones to researchers, expects quick fix for vulnerabilities. The phones allow attackers to bypass code signing and similar features that prohibit offensive tactics.
■■■□□ Police Arrest 21 WeLeakInfo Customers Who Bought Breached Personal Data.
https://thehackernews.com/2020/12/police-arrest-21-weleakinfo-customers.html
■■□□□ Another technical writeup.
SolarWinds' SunBurst: the next level of stealth.
https://blog.reversinglabs.com/blog/sunburst-the-next-level-of-stealth
ReversingLabs
The attack on SolarWinds: Next-level stealth was key
The SunBurst supply chain attack, which was behind the SolarWinds compromise, took sophistication and patience.
■■□□□ 🇺🇸 | 🇷🇺 #CyberWar update: CrowdStrike releases free Azure tool to review assigned privileges.
https://hackademicus.nl/crowdstrike-releases-free-azure-tool-to-review-assigned-privileges/
■■□□□ ApkLeaks - Scanning APK File For URIs, Endpoints And Secrets.
https://github.com/dwisiswant0/apkleaks
GitHub
GitHub - dwisiswant0/apkleaks: Scanning APK file for URIs, endpoints & secrets.
Scanning APK file for URIs, endpoints & secrets. Contribute to dwisiswant0/apkleaks development by creating an account on GitHub.
■■□□□ CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze.
http://seclists.org/fulldisclosure/2020/Dec/55
seclists.org
Full Disclosure: Re: [FD]
CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
■■■□□ #DataLeak: REvil ransomware group, aka Sodinokibi, hacked The Hospital Group and threatens to release before-and-after pictures of celebrity clients.
https://securityaffairs.co/wordpress/112637/cyber-crime/the-hospital-group-revil.html
■■■□□ Analyzing APT19 malware (viz. DLL backdoor) using a step-by-step method.
https://cybergeeks.tech/analyzing-apt19-malware-using-a-step-by-step-method/
■□□□□ #DataLeak: Japanese 🇯🇵 game developer Koei Tecmo discloses data breach after hacker leaks stolen data.
https://www.bleepingcomputer.com/news/security/koei-tecmo-discloses-data-breach-after-hacker-leaks-stolen-data/ #Japan
BleepingComputer
Koei Tecmo discloses data breach after hacker leaks stolen data
Japanese game developer Koei Tecmo has disclosed a data breach and taken their European and American websites offline after stolen data was posted to a hacker forum.
■■■□□ SolarWinds has released an updated advisory for the additional SuperNova malware discovered to have been distributed through the company's network management platform.
https://www.bleepingcomputer.com/news/security/solarwinds-releases-updated-advisory-for-new-supernova-malware/
BleepingComputer
SolarWinds releases updated advisory for new SUPERNOVA malware
■□□□□ 😂 GoDaddy apologized for insensitive phishing email sent to its employees offering a fake bonus.