Zero-Day: Zero-click LPE exploit (CVE-2022-32893) for iOS 16 Beta 7 currently on sale. Selling price: €2,500,000.
Source: Yalu Jailbreak
State-sponsored and -supported cybercrime: Documents appear to show that Israeli 🇮🇱 spyware company Intellexa sold a full suite of services around a zero-day affecting both the Android and iOS ecosystems.
https://twitter.com/vxunderground/status/1562550443712352256
https://www.darkreading.com/vulnerabilities-threats/receipt-8m-ios-zero-day-sale-dark-web
Leaked documents online show the purchase (and documentation of) an $8,000,000 iOS Remote Code Execution 0day exploit
Excellent piece of work by investigative journalist Raphael from Reuters on India 🇮🇳-based mercenary hackers hired to target lawyers and firms to gain a competitive advantage.
https://www.reuters.com/investigates/special-report/usa-hackers-litigation/
How mercenary hackers sway litigation battles
A trove of thousands of emails uncovered by Reuters reveals Indian cyber mercenaries hacking parties involved in lawsuits around the world – showing how hired spies have become the secret weapon of litigants seeking an edge.
Zero-Day: Microsoft found and shared a critical one-click exploit in the Android TikTok app.
https://www.microsoft.com/security/blog/2022/08/31/vulnerability-in-tiktok-android-app-could-lead-to-one-click-account-hijacking/
https://alternativeto.net/news/2022/9/microsoft-found-and-shared-a-critical-one-click-exploit-in-the-android-tiktok-app/
Vulnerability in TikTok Android app could lead to one-click account hijacking
Microsoft discovered a high-severity vulnerability in the TikTok Android application, now identified as CVE-2022-28799 and fixed by TikTok, which could have allowed attackers to compromise users' accounts with a single click.
Malware developer backdoors own malware to steal data from other hackers.
https://www.bleepingcomputer.com/news/security/dev-backdoors-own-malware-to-steal-data-from-other-hackers/amp/
Dev backdoors own malware to steal data from other hackers
Cybercriminals using Prynt Stealer to collect data from victims are being swindled by the malware developer, who also receives a copy of the info over Telegram messaging service.
Zero-Day: Thread on CVE-2022-36804 Atlassian Bitbucket Command Injection Vulnerability.
https://twitter.com/_0xf4n9x_/status/1572052954538192901
SSRF in the Functional Administrative Support Tool PDF generator.
Vulnerable Software: Functional Administrative Support Tool (FAST) v1.0.
https://hackerone.com/reports/1628209
Summary: I found that it is possible to inject a JavaScript payload during the PDF form creation process, which is then executed by the checklist application server.
Tool 🔧 VirusTotalC2: Abusing the VirusTotal API to host our C2 traffic, useful for bypassing blocking firewall rules if VirusTotal is on the target's allow list.
https://github.com/D1rkMtr/VirusTotalC2
A tool 🔧 to spray Shadow Credentials across an entire domain in hopes of abusing long-forgotten GenericWrite/GenericAll DACLs over other objects in the domain.
https://github.com/Dec0ne/ShadowSpray/
Converting LFI into RCE by chaining PHP encoding filters.
https://www.synacktiv.com/publications/php-filters-chain-what-is-it-and-how-to-use-it.html
PHP filters chain: What is it and how to use it
Zero-Day: Critical Remote Code Execution issue impacts the popular post-exploitation toolkit Cobalt Strike.
https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-2
https://securityaffairs.co/wordpress/137284/hacking/cobalt-strike-rce.html
Exclusive | Zero-Day: A high severity EoP bug has been identified by a fellow researcher in SolarWinds Orion platform. ● The bug is not patched and latest version of the software is vulnerable. We (ckure) have confirmed the bug with the researcher and will…
Insecure Direct Object Reference Vulnerability: SolarWinds Platform 2022.3 (CVE-2022-36966).
https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36966
Exploit Archaeology: A Forensic History of In-the-Wild NSO Group Exploits.
https://github.com/blackorbird/APT_REPORT/blob/master/NSOGroup/VB2022-Exploit-archaeology-a-forensic-history-of-in-the-wild-NSO-Group-exploits.pdf