■■□□□ #Google + #Apple collaboration. Interesting #thread.
https://twitter.com/moxie/status/1248707315626201088
https://twitter.com/moxie/status/1248707315626201088
X (formerly Twitter)
Moxie Marlinspike (@moxie) on X
First look at Apple/Google contact tracing framework:
1) Once a day, your device derives a new key ("daily tracing key").
2) It uses that to derive a new "proximity ID" every time your device's bluetooth address changes (15min), which is broadcast to nearby…
1) Once a day, your device derives a new key ("daily tracing key").
2) It uses that to derive a new "proximity ID" every time your device's bluetooth address changes (15min), which is broadcast to nearby…
■■■■□ #IoT cloning device to be launched post #COVID19.
#Infographics for #ChameleonTiny / #ChameleonMini’s standalone cloning of #UID and encrypted card #MIFARE cloning.
#Infographics for #ChameleonTiny / #ChameleonMini’s standalone cloning of #UID and encrypted card #MIFARE cloning.
■■■■□ #DataLeak: Actor selling information about 1,410,000 U.S doctors which appear to have been scraped via #API from findadoctor.com.
#Doctor #UnitedStates
- Sample contains names, addresses, emails, phone numbers.
- Based on the Linkedin profiles, the information is genuine.
#Doctor #UnitedStates
- Sample contains names, addresses, emails, phone numbers.
- Based on the Linkedin profiles, the information is genuine.
■■■■□ #CVE-2020-1958; A high severity #LDAP injection vulnerability in #Apache #Druid 0.17.0 allowing an attacker to bypass LDAP search filter and retrieve any LDAP attribute values of users that exist on the LDAP server.
https://github.com/ggolawski/CVE-2020-1958/
https://github.com/ggolawski/CVE-2020-1958/
GitHub
GitHub - ggolawski/CVE-2020-1958: CVE-2020-1958 PoC
CVE-2020-1958 PoC. Contribute to ggolawski/CVE-2020-1958 development by creating an account on GitHub.
■■■□□ #Wordpress #woocommerce #ecommerce #plugin alters payment destination to the attackers #PayPal account.
#Fraud #CyberCrime
https://securityaffairs.co/wordpress/101445/hacking/woocommerce-plugin-e-skimmer.html
#Fraud #CyberCrime
https://securityaffairs.co/wordpress/101445/hacking/woocommerce-plugin-e-skimmer.html
Security Affairs
A e-skimmer found on WordPress site using the WooCommerce plugin
Experts from Sucuri discovered a new e-skimmer employed in MageCart attacks against WordPress websites using the WooCommerce plugin.
■□□□□ Information: Mass #scanning activity detected from 87.239.255.22 [#Israel] checking for #PaloAlto #SSL #VPN servers vulnerable to remote #CodeExecution (CVE-2019-1579).
Source: Bad Packets
Source: Bad Packets
■■■□□ #OSINT investigation: #Android #Cerberus #Trojan and the #INPS related to #COVID19 campaign .
https://bushidotoken.blogspot.com/2020/04/osint-investigation-cerberus-and-inps.html
https://bushidotoken.blogspot.com/2020/04/osint-investigation-cerberus-and-inps.html
blog.bushidotoken.net
OSINT Investigation: Cerberus and the INPS
CTI, threat intelligence, OSINT, malware, APT, threat hunting, threat analysis, CTF, cybersecurity, security
■■■□□ #GoodReport: Insecure Storage and Overly Permissive API Keys in #Android App
https://hackerone.com/reports/753868
https://hackerone.com/reports/753868
HackerOne
Zenly disclosed on HackerOne: Insecure Storage and Overly...
#Description:
Most often Developers for their ease of use,leave API keys and some sensitive keys ,Tokens as hardcoded strings,which isn't really a good ideas as it can result in Leaks of sensitive...
Most often Developers for their ease of use,leave API keys and some sensitive keys ,Tokens as hardcoded strings,which isn't really a good ideas as it can result in Leaks of sensitive...
■■■□□ #DataLeak: #SCUF gaming developer.
https://www.ehackingnews.com/2020/04/11-million-customers-records-of-scuf.html
https://www.ehackingnews.com/2020/04/11-million-customers-records-of-scuf.html
cKure
■■■■■ #DataLeak: "#NoName" hacking group [#NNHackingGroup] claiming to have hacked the large Italian email provider email.it. Claims: - Data including all email correspondents, SMSes, user databases. - All stored in plaintext. - They are selling it for…
■■■■■ #NNHackingGroup shared a tweet refuting claims after email.it reportedly mentioned to #ZdNet that no premium / business accounts were hacked.
https://twitter.com/NNHackingGroup/status/1249640701442306051
https://twitter.com/NNHackingGroup/status/1249640701442306051
X (formerly Twitter)
NN Hacking Group (@NNHackingGroup) on X
https://t.co/1c6bzjDX5J conferma il nostro hack @ZDNet! Ma sostiene che "nessun account Paid/Business" è stato compromesso. Falso!
- db_premium_clienti_prem, 9 DBs
Più di 60.000 PAID/BUSINESS accounts con **password in chiaro**! 0.5 BTC!
https://t.co/60hcPJYGkm…
- db_premium_clienti_prem, 9 DBs
Più di 60.000 PAID/BUSINESS accounts con **password in chiaro**! 0.5 BTC!
https://t.co/60hcPJYGkm…
■■■■□ #PrivilegeEscalation via #ACL|s in #AD.
https://blog.fox-it.com/2018/04/26/escalating-privileges-with-acls-in-active-directory
https://blog.fox-it.com/2018/04/26/escalating-privileges-with-acls-in-active-directory
Fox-IT International blog
Escalating privileges with ACLs in Active Directory
Researched and written by Rindert Kramer and Dirk-jan Mollema Introduction During internal penetration tests, it happens quite often that we manage to obtain Domain Administrative access within a f…
■■■■■ #Dell launches a new tool to detect #BIOS attacks on Dell systems - The tool is named the Dell #SafeBIOS Events & Indicators of Attack
https://www.zdnet.com/google-amp/article/dell-releases-new-tool-to-detect-bios-attacks
https://www.zdnet.com/google-amp/article/dell-releases-new-tool-to-detect-bios-attacks
■■■□□ #BugBounty #InterestingThread
https://mobile.twitter.com/HackerHumble/status/1249648861078937601
https://mobile.twitter.com/HackerHumble/status/1249648861078937601
X (formerly Twitter)
Humble Hacker (@HackerHumble) on X
Victim Account Takeover #2:
1. Famous web application having sign up feature (email password, signup with google).
2. Registered the account with my Gmail address (eg: test@gmail.com) using email and password flow. No verification link sent to the email.…
1. Famous web application having sign up feature (email password, signup with google).
2. Registered the account with my Gmail address (eg: test@gmail.com) using email and password flow. No verification link sent to the email.…
■■■□□ #ZoomGate: over 500K #Zoom credentials sold out.
https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/
https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/
BleepingComputer
Over 500,000 Zoom accounts sold on hacker forums, the dark web
Over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free.
■□□□□ #Darknet #InterestingThread
https://twitter.com/3XS0/status/1249787840361312257
https://twitter.com/3XS0/status/1249787840361312257
exeinfo.byethost18.com/vip/666.htm
Username : vip
Password : 123123