cKure Red
CVE-2021-40444 PoC https://github.com/lockedbyte/CVE-2021-40444
Fully Weaponized CVE-2021-40444
Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution), works with arbitrary DLL files.
https://github.com/klezVirus/CVE-2021-40444
Attachment: BDREvilDecryptor.exe (9.3 MB)
Bitdefender Offers Free Universal Decryptor for REvil/Sodinokibi Ransomware
https://www.bitdefender.com/blog/labs/bitdefender-offers-free-universal-decryptor-for-revil-sodinokibi-ransomware
Cyber-attack by India 🇮🇳 on Pakistan 🇵🇰 and China 🇨🇳: Windows zero-day(s) made by a United States 🇺🇸 company were used in a spy campaign.
India apparently leaked the zero-day details, which were then used by rogue hacking units of South Korea 🇰🇷 (non-state sponsored).
https://www.forbes.com/sites/thomasbrewster/2021/09/17/exodus-american-tech-helped-india-spy-on-china/
Forbes: Exclusive: An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan. Texas-based Exodus Intelligence says it had to cut ties with India after its research into Windows security was weaponized to attack China and Pakistan. It’s now looking into whether or not its valuable code leaked to other nations.
iOS 15 iCloud Private Relay Vulnerability Identified.
https://fingerprintjs.com/blog/ios15-icloud-private-relay-vulnerability/
Learn more about this vulnerability in Apple’s new iCloud Private Relay service and how you can prevent your data from being leaked.
Latest FinFisher spyware upgrades 'particularly worrying,' says Kaspersky.
Eight-month analysis finds four-layer obfuscation, two-stage loader, and a new UEFI attack
https://go.theregister.com/feed/www.theregister.com/2021/09/28/kasperky_finfisher_spyware_report/
● One of the Android devices used to administer this channel was accessed remotely, a few hours ago, by an unknown entity.
No modifications to data were noticed on the device.
🔧 Tool: TrevorC2 - Command and Control via Legitimate Behavior over HTTP
https://github.com/trustedsec/trevorc2
TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.
PANDORA PAPERS
The largest investigation in journalism history exposes a shadow financial system that benefits the world’s most rich and powerful.
https://www.icij.org/investigations/pandora-papers/
Updated list of Hacking channels on telegram: https://t.me/cKure/7364
● Sharing is Caring. Thenceforth, sharing some of the prominent hacking channels and groups on telegram.
The list is ordered as per content quality. However, there could be inconsistency in a few places.
Please note that some of the channels are owned…
Breaking: India 🇮🇳: Activists in Togo 🇹🇬 attacked by Indian-made spyware.
OSINT report by Amnesty International on a cyber-crime campaign apparently run by an Indian company, linking the infrastructure used by the Donot Group to the Indian cybersecurity company Innefu Labs.
Report: https://github.com/blackorbird/APT_REPORT/blob/master/Donot/Donot%20Group%20%26%20Innefu%20Labs.pdf
Deepfence ThreatMapper helps you to monitor and secure your running applications, in Cloud, Kubernetes, Docker, and Fargate Serverless.
https://github.com/deepfence/ThreatMapper
Open Source Cloud Native Application Protection Platform (CNAPP).
Old but Gold: Bypassing the Air-Gap system for sensitive info.
Your body reveals your password by interfering with Wi-Fi
https://dl.acm.org/doi/10.1145/2976749.2978397
http://www.theregister.co.uk/2016/11/13/researchers_point_finger_at_handy_smartphone_exploit/
The Register: Wave goodbye to security if crims can pop a MIMO router.
CVE-2021-35052: WinRAR remote code execution.
WinRAR’s vulnerable trialware: when free software isn’t free.
https://swarm.ptsecurity.com/winrars-vulnerable-trialware-when-free-software-isnt-free/
https://thehackernews.com/2021/10/bug-in-free-winrar-software-could-let.html
PT SWARM: In this article we discuss a vulnerability in the trial version of WinRAR which has significant consequences for the management of third-party software. This vulnerability allows an attacker to intercept and modify requests sent to the user of the application.…
CVE-2021-30573 PoC for Google Chrome
Google Chrome Use After Free vulnerability reported by S4E Team.
https://github.com/s4e-lab/CVE-2021-30573-PoC-Google-Chrome