Critical encryption vulnerability found in secure communications platform Matrix.
https://portswigger.net/daily-swig/critical-encryption-vulnerability-found-in-secure-communications-platform-matrix
https://portswigger.net/daily-swig/critical-encryption-vulnerability-found-in-secure-communications-platform-matrix
The Daily Swig | Cybersecurity news and views
Critical encryption vulnerability found in secure communications platform Matrix
Implementation bug discovered in certain clients and libraries
cKure Red
Israel ๐ฎ๐ฑ: A tale of state sponsored cyber terrorism and crime, for financial gains; all in the name of spreading peace โ How NSO Group came into existence and how it goes access to someone's device illegally to anyone who is willing to pay. A good pieceโฆ
A consortium of journalists gained access to a leak of more than 50,000 phone numbers entered into a system used for targeting by Pegasus, a sophisticated spyware product made by the Israel ๐ฎ๐ฑ sponsored company NSO Group. Governments around the world paid the company vast sums of money to gain access to Pegasus and let them use it to attack their targets.
https://cdn.occrp.org/projects/project-p
https://cdn.occrp.org/projects/project-p
OCCRP
Who's on the List? โ The Pegasus Project | OCCRP
Search the data and learn more about the people around the world who were selected for targeting by NSO Group spyware.
cKure Red
CVE-2021-40444 PoC https://github.com/lockedbyte/CVE-2021-40444
Fully Weaponized CVE-2021-40444
Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution), works with arbitrary DLL files.
https://github.com/klezVirus/CVE-2021-40444
Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution), works with arbitrary DLL files.
https://github.com/klezVirus/CVE-2021-40444
GitHub
GitHub - klezVirus/CVE-2021-40444: CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit - klezVirus/CVE-2021-40444
BDREvilDecryptor.exe
9.3 MB
Bitdefender Offers Free Universal Decryptor for REvil/Sodinokibi Ransomware
https://www.bitdefender.com/blog/labs/bitdefender-offers-free-universal-decryptor-for-revil-sodinokibi-ransomware
https://www.bitdefender.com/blog/labs/bitdefender-offers-free-universal-decryptor-for-revil-sodinokibi-ransomware
Cyber-Attack by India ๐ฎ๐ณ on Pakistan ๐ต๐ฐ and China ๐จ๐ณ as Windows Zero-Day(s) made by United States ๐บ๐ธ company used in spy campaign.
India apparently leaked the Zeroday details and were used by rogue hacking units of South Korea ๐ฐ๐ท (non-state sponsored).
https://www.forbes.com/sites/thomasbrewster/2021/09/17/exodus-american-tech-helped-india-spy-on-china/
India apparently leaked the Zeroday details and were used by rogue hacking units of South Korea ๐ฐ๐ท (non-state sponsored).
https://www.forbes.com/sites/thomasbrewster/2021/09/17/exodus-american-tech-helped-india-spy-on-china/
Forbes
Exclusive: An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan
Texas-based Exodus Intelligence says it had to cut ties with India after its research into Windows security was weaponized to attack China and Pakistan. Itโs now looking into whether or not its valuable code leaked to other nations.
iOS 15 iCloud Private Relay Vulnerability Identified.
https://fingerprintjs.com/blog/ios15-icloud-private-relay-vulnerability/
https://fingerprintjs.com/blog/ios15-icloud-private-relay-vulnerability/
Fingerprint
iOS 15 iCloud Private Relay Vulnerability Identified
Learn more about this vulnerability in Appleโs new iCloud Private Relay service and how you can prevent your data from being leaked.
Latest FinFisher spyware upgrades 'particularly worrying,' says Kaspersky.
Eight-month analysis finds four-layer obfuscation, two-stage loader, and a new UEFI attack
https://go.theregister.com/feed/www.theregister.com/2021/09/28/kasperky_finfisher_spyware_report/
Eight-month analysis finds four-layer obfuscation, two-stage loader, and a new UEFI attack
https://go.theregister.com/feed/www.theregister.com/2021/09/28/kasperky_finfisher_spyware_report/
The Register
Latest FinFisher spyware upgrades 'particularly worrying,' says Kaspersky
Eight-month analysis finds four-layer obfuscation, two-stage loader, and a new UEFI attack
โ One of the android devices used to administer this channel was accessed remotely, a few hours ago by an unknown entity.
No modifications to data were noticed on the device.
No modifications to data were noticed on the device.
๐ง Tool: TrevorC2 - Command and Control via Legitimate Behavior over HTTP
https://github.com/trustedsec/trevorc2
https://github.com/trustedsec/trevorc2
GitHub
GitHub - trustedsec/trevorc2: TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covertโฆ
TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution. - trustedsec/trevorc2
PANDORA PAPERS
The largest investigation in journalism history exposes a shadow financial system that benefits the worldโs most rich and powerful.
https://www.icij.org/investigations/pandora-papers/
The largest investigation in journalism history exposes a shadow financial system that benefits the worldโs most rich and powerful.
https://www.icij.org/investigations/pandora-papers/
Updated list of Hacking channels on telegram: https://t.me/cKure/7364
Telegram
cKure
โ Sharing is Caring. Thenceforth, sharing some of the prominent hacking channels and groups on telegram.
The list is ordered as per content quality. However, there could be inconsistency in a few places.
Please note that some of the channels are ownedโฆ
The list is ordered as per content quality. However, there could be inconsistency in a few places.
Please note that some of the channels are ownedโฆ
Breaking: India ๐ฎ๐ณ: Activists in Togo ๐น๐ฌ attacked by Indian made spyware.
OSINT report by Amnesty International of a Cyber-Crime apparently by an Indian company that has been linked to the infrastructure used by Donot Group and an Indian cybersecurity company Innefu Labs.
Report: https://github.com/blackorbird/APT_REPORT/blob/master/Donot/Donot%20Group%20%26%20Innefu%20Labs.pdf
OSINT report by Amnesty International of a Cyber-Crime apparently by an Indian company that has been linked to the infrastructure used by Donot Group and an Indian cybersecurity company Innefu Labs.
Report: https://github.com/blackorbird/APT_REPORT/blob/master/Donot/Donot%20Group%20%26%20Innefu%20Labs.pdf
GitHub
APT_REPORT/Donot/Donot Group & Innefu Labs.pdf at master ยท blackorbird/APT_REPORT
Interesting APT Report Collection And Some Special IOCs - blackorbird/APT_REPORT
Deepfence ThreatMapper helps you to monitor and secure your running applications, in Cloud, Kubernetes, Docker, and Fargate Serverless.
https://github.com/deepfence/ThreatMapper
https://github.com/deepfence/ThreatMapper
GitHub
GitHub - deepfence/ThreatMapper: Open Source Cloud Native Application Protection Platform (CNAPP)
Open Source Cloud Native Application Protection Platform (CNAPP) - deepfence/ThreatMapper
Old but Gold: Bypassing the Air-Gap system for sensitive info.
Your body reveals your password by interfering with Wi-Fi
https://dl.acm.org/doi/10.1145/2976749.2978397
http://www.theregister.co.uk/2016/11/13/researchers_point_finger_at_handy_smartphone_exploit/
Your body reveals your password by interfering with Wi-Fi
https://dl.acm.org/doi/10.1145/2976749.2978397
http://www.theregister.co.uk/2016/11/13/researchers_point_finger_at_handy_smartphone_exploit/
The Register
Your body reveals your password by interfering with Wi-Fi
Wave goodbye to security if crims can pop a MIMO router