Zero-Day: New Windows Search zero-day added to Microsoft protocol nightmare.
https://www.bleepingcomputer.com/news/security/new-windows-search-zero-day-added-to-microsoft-protocol-nightmare/
https://www.bleepingcomputer.com/news/security/new-windows-search-zero-day-added-to-microsoft-protocol-nightmare/
BleepingComputer
New Windows Search zero-day added to Microsoft protocol nightmare
A new Windows Search zero-day vulnerability can be used to automatically open a search window containing remotely-hosted malware executables simply by launching a Word document.
Exclusive | Zero-Day: A high severity EoP bug has been identified by a fellow researcher in SolarWinds Orion platform.
โ The bug is not patched and latest version of the software is vulnerable. We (ckure) have confirmed the bug with the researcher and will disclose once researcher and SolarWinds release a stable patch or a workaround.
โ The bug is not patched and latest version of the software is vulnerable. We (ckure) have confirmed the bug with the researcher and will disclose once researcher and SolarWinds release a stable patch or a workaround.
Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild.
The issue, tracked as CVE-2022-22620 (CVSS score: 8.8), concerns a case of a use-after-free vulnerability in the WebKit component that could be exploited by a piece of specially crafted web content to gain arbitrary code execution.
https://googleprojectzero.blogspot.com/2022/06/an-autopsy-on-zombie-in-wild-0-day.html
The issue, tracked as CVE-2022-22620 (CVSS score: 8.8), concerns a case of a use-after-free vulnerability in the WebKit component that could be exploited by a piece of specially crafted web content to gain arbitrary code execution.
https://googleprojectzero.blogspot.com/2022/06/an-autopsy-on-zombie-in-wild-0-day.html
Blogspot
An Autopsy on a Zombie In-the-Wild 0-day
Posted by Maddie Stone, Google Project Zero Whenever thereโs a new in-the-wild 0-day disclosed, Iโm very interested in understanding t...
Spyware: The curious tale of a fake Carrier.app targeting users from Italy ๐ฎ๐น and Kazakhstan ๐ฐ๐ฟ
https://googleprojectzero.blogspot.com/2022/06/curious-case-carrier-app.html
https://googleprojectzero.blogspot.com/2022/06/curious-case-carrier-app.html
Blogspot
The curious tale of a fake Carrier.app
Posted by Ian Beer, Google Project Zero NOTE: This issue was CVE-2021-30983 was fixed in iOS 15.2 in December 2021. Towards the ...
โSyslogkโ; a Linux kernel rootkit found under development in the wild.
https://decoded.avast.io/davidalvarez/linux-threat-hunting-syslogk-a-kernel-rootkit-found-under-development-in-the-wild/
(Based on --> adore-ng): Linux rootkit adapted for 2.6 and 3.x: https://github.com/yaoyumeng/adore-ng
https://decoded.avast.io/davidalvarez/linux-threat-hunting-syslogk-a-kernel-rootkit-found-under-development-in-the-wild/
(Based on --> adore-ng): Linux rootkit adapted for 2.6 and 3.x: https://github.com/yaoyumeng/adore-ng
Gendigital
Linux Threat Hunting: โSyslogkโ a kernel rootkit found under development in the wild
Syslogk Rootkit Revealed: Analysis
Privilege-Escalation: This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
https://github.com/Ignitetechnologies/Privilege-Escalation
https://github.com/Ignitetechnologies/Privilege-Escalation
GitHub
GitHub - Ignitetechnologies/Privilege-Escalation: This cheasheet is aimed at the CTF Players and Beginners to help them understandโฆ
This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples. - Ignitetechnologies/Privilege-Escalation
This media is not supported in your browser
VIEW IN TELEGRAM
Cyber-War: Lithuania ๐ฑ๐น has been hit by cyber-attacks after an ultimatum from Russian ๐ท๐บ Killnet hackers.
โ Pasted 'ckure' emoji at bottom right of the video to obscure profanity.
โ Pasted 'ckure' emoji at bottom right of the video to obscure profanity.
Cyber-War: Iran ๐ฎ๐ท has been hit with a strong SCADA based cyber-attack as multiple organisations capitulate under the physical damages that have been caused.
Please note that this is 1-sided information by the threat actor who did not contact us directly.
In their message; they said, "Today, we, "Gonjeshke Darande", carried out cyberattacks against Iran's steel industry which affiliated with the IRGC and the Basij: the Khouzestan Steel Company (KSC), the Mobarakeh Steel Company (Isfahan) (MSC) and the Hormozgan Steel Company (HOSCO). These companies are subject to international sanctions and continue their operations despite the restrictions. These cyberattacks, being carried out carefully so to protect innocent individuals, are in response to the aggression of the Islamic Republic.
As you can see in attached video, these cyberattacks have been carried out carefully so to protect innocent individuals. We also expose here evidence of our access to these companies."
Please note that this is 1-sided information by the threat actor who did not contact us directly.
In their message; they said, "Today, we, "Gonjeshke Darande", carried out cyberattacks against Iran's steel industry which affiliated with the IRGC and the Basij: the Khouzestan Steel Company (KSC), the Mobarakeh Steel Company (Isfahan) (MSC) and the Hormozgan Steel Company (HOSCO). These companies are subject to international sanctions and continue their operations despite the restrictions. These cyberattacks, being carried out carefully so to protect innocent individuals, are in response to the aggression of the Islamic Republic.
As you can see in attached video, these cyberattacks have been carried out carefully so to protect innocent individuals. We also expose here evidence of our access to these companies."
cKure Red
Video
โ Ckure is able to confirm the cyber-attack on Iran ๐ฎ๐ท to be authentic.
Weaponizing and Abusing Hidden Functionalities
Contained in Office Document Properties.
https://www.offensive-security.com/offsec/macro-weaponization/
Contained in Office Document Properties.
https://www.offensive-security.com/offsec/macro-weaponization/
OffSec
Weaponizing and Abusing Hidden Functionalities Contained in Office Document Properties | OffSec
TJ shows us how adversaries use macro weaponization techniques to abuse hidden functionalities contained in Office document properties.
Bypassing Firefox's HTML Sanitizer API.
https://portswigger.net/research/bypassing-firefoxs-html-sanitizer-api
https://portswigger.net/research/bypassing-firefoxs-html-sanitizer-api
PortSwigger Research
Bypassing Firefox's HTML Sanitizer API
The HTML Sanitizer is a great new API that allows web developers to filter untrusted HTML natively in the browser rather than use a JavaScript library such as DOM Purify. Microsoft created a similar A
Massive ayber-attack launched by 'DragonForce Malaysia' ๐ฒ๐พ and 'Hacktivist Indonesia' ๐ฎ๐ฉ on India ๐ฎ๐ณ as a revenge amid remarks by ruling party (BJP) spokesperson Nupur Sharma on the prophet (Islam).
Around 2K websites were taken down (data stolen and defaced). These include a vast variety of governed sites.
As per source, details of Nupur Sharma were leaked including contact details and location.
As of now the attack has not stopped and over a dozen hackers participated in the onslaught.
India has cited help from Interpol and help from authorities in Malaysia ๐ฒ๐พ and Indonesia ๐ฎ๐ฉ
Around 2K websites were taken down (data stolen and defaced). These include a vast variety of governed sites.
As per source, details of Nupur Sharma were leaked including contact details and location.
As of now the attack has not stopped and over a dozen hackers participated in the onslaught.
India has cited help from Interpol and help from authorities in Malaysia ๐ฒ๐พ and Indonesia ๐ฎ๐ฉ