Latest FinFisher spyware upgrades 'particularly worrying,' says Kaspersky.
Eight-month analysis finds four-layer obfuscation, two-stage loader, and a new UEFI attack
https://go.theregister.com/feed/www.theregister.com/2021/09/28/kasperky_finfisher_spyware_report/
The Register
● One of the Android devices used to administer this channel was accessed remotely a few hours ago by an unknown entity.
No modifications to data were noticed on the device.
🔧 Tool: TrevorC2 - Command and Control via Legitimate Behavior over HTTP
https://github.com/trustedsec/trevorc2
GitHub
TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution. - trustedsec/trevorc2
PANDORA PAPERS
The largest investigation in journalism history exposes a shadow financial system that benefits the world’s most rich and powerful.
https://www.icij.org/investigations/pandora-papers/
Updated list of Hacking channels on Telegram: https://t.me/cKure/7364
Telegram
cKure
● Sharing is Caring. Thenceforth, sharing some of the prominent hacking channels and groups on Telegram.
The list is ordered as per content quality. However, there could be inconsistency in a few places.
Please note that some of the channels are owned…
Breaking: India 🇮🇳: Activists in Togo 🇹🇬 attacked by Indian-made spyware.
OSINT report by Amnesty International of a Cyber-Crime apparently by an Indian company that has been linked to the infrastructure used by Donot Group and an Indian cybersecurity company Innefu Labs.
Report: https://github.com/blackorbird/APT_REPORT/blob/master/Donot/Donot%20Group%20%26%20Innefu%20Labs.pdf
GitHub
APT_REPORT/Donot/Donot Group & Innefu Labs.pdf at master · blackorbird/APT_REPORT
Interesting APT Report Collection And Some Special IOCs - blackorbird/APT_REPORT
Deepfence ThreatMapper helps you to monitor and secure your running applications, in Cloud, Kubernetes, Docker, and Fargate Serverless.
https://github.com/deepfence/ThreatMapper
GitHub
Open Source Cloud Native Application Protection Platform (CNAPP) - deepfence/ThreatMapper
Old but Gold: Bypassing the Air-Gap system for sensitive info.
Your body reveals your password by interfering with Wi-Fi
https://dl.acm.org/doi/10.1145/2976749.2978397
http://www.theregister.co.uk/2016/11/13/researchers_point_finger_at_handy_smartphone_exploit/
The Register
Wave goodbye to security if crims can pop a MIMO router
CVE-2021-35052: WinRAR remote code execution.
WinRAR’s vulnerable trialware: when free software isn’t free.
https://swarm.ptsecurity.com/winrars-vulnerable-trialware-when-free-software-isnt-free/
https://thehackernews.com/2021/10/bug-in-free-winrar-software-could-let.html
PT SWARM
In this article we discuss a vulnerability in the trial version of WinRAR which has significant consequences for the management of third-party software. This vulnerability allows an attacker to intercept and modify requests sent to the user of the application.…
CVE-2021-30573 PoC for Google Chrome
Google Chrome Use After Free vulnerability reported by S4E Team.
https://github.com/s4e-lab/CVE-2021-30573-PoC-Google-Chrome
GitHub
Google Chrome Use After Free vulnerability reported by S4E Team - s4eio/CVE-2021-30573-PoC-Google-Chrome
Breaking from Iran 🇮🇷: a nationwide cyber-attack shuts down the "smart fuel network," rendering gas stations across the country dysfunctional, as per state media.
Data-Leak of ~20K personnel of Israel 🇮🇱 defence forces (regular army) leaked by a Cyber-Crime group called Moses-Staff including names, ID, phone number, personal photographs, address and similar.
Refer: https://t.me/cKure/9860
Data-Leak from Israel 🇮🇱 as a threat actor of unknown origin has posted tens of GBs of leaked data from Israel's ministry of defense.
All Windows versions impacted by new LPE zero-day vulnerability.
A public proof-of-concept (PoC) exploit and technical details for an unpatched Windows zero-day privilege elevation vulnerability have been disclosed that allow users to gain SYSTEM privileges under certain conditions.
https://www.bleepingcomputer.com/news/security/all-windows-versions-impacted-by-new-lpe-zero-day-vulnerability/
BleepingComputer
A security researcher has disclosed technical details for a Windows zero-day privilege elevation vulnerability and a public proof-of-concept (PoC) exploit that gives SYSTEM privileges under certain conditions.
CVE-2021-42574
Researchers devised a new attack method called ‘Trojan Source’ that allows hiding vulnerabilities in the source code of a software project.
https://www.trojansource.codes/
Details: https://securityaffairs.co/wordpress/124081/hacking/trojan-source-attack.html
Security Affairs
Trojan Source attack method allows hiding flaws in source code