CISA adds another 95 flaws to its known exploited
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Attack landscape update: Ransomware 2.0, automated recon, and supply chain attacks
https://blog.f-secure.com/attack-landscape-update-h1-2021
Forwarded from LAPSUS$
SAMSUNG LEAK IS HERE!
Now leaking confidential Samsung source code! Our leak from breach includes:
DEVICES/HARDWARE
-Source code for every Trusted Applet (TA) installed on all Samsung devices' TrustZone (TEE) with specific code for every type of TEE OS (QSEE, TEEGris etc) THIS INCLUDES DRM MODULES AND KEYMASTER/GATEKEEPER!
-Algorithms for all biometric unlock operations, including source code that communicates directly with sensor (down to the lowest level, we're talking individual RX/TX bitstreams here)
-Bootloader source code for all recent Samsung devices, including Knox data and code for authentication.
-Various other data, confidential source code from Qualcomm.
ONLINE SERVICES
-Samsung activation servers source code (for first-time setup)
-SAMSUNG ACCOUNTS FULL SOURCE CODE! Including Authentication, Identity, API, Services, and many more that wouldn't fit here!
-Various other data.
As always, enjoy! ;)
REPEATEDLY ASKING US ANOTHER NVIDIA WILL RESULT IN A BAN. GIVE US TIME
Quickly discover exposed hosts on the internet using multiple search engines
https://github.com/projectdiscovery/uncover
Pandora is a simple undetectable open-source virus composed of agents, servers and masters
https://github.com/thisisnzed/Pandora
Exploit CVE-2022-25636 Linux kernel net/netfilter/nf_dup_netdev.c
https://github.com/Bonfee/CVE-2022-25636
CVE-2022-0847 Linux Kernel overwriting data in arbitrary read-only files
https://github.com/bbaranoff/CVE-2022-0847
Cobalt Strike Licensed Key
https://github.com/trewisscotch/Cobalt-Strike-Licensed-Key
CVE-2022-22005 Microsoft Sharepoint RCE
https://hnd3884.github.io/posts/cve-2022-22005-microsoft-sharepoint-RCE
Test whether a container environment is vulnerable to container escapes via CVE-2022-0492
https://unit42.paloaltonetworks.com/cve-2022-0492-cgroups
Prophet Spider Exploits Citrix ShareFile Remote Code Execution Vulnerability CVE-2021-22941 to Deliver Webshell
https://www.crowdstrike.com/blog/prophet-spider-exploits-citrix-sharefile
Zen and the Art of SMM Bug Hunting | Finding, Mitigating and Detecting UEFI Vulnerabilities
https://www.sentinelone.com/labs/zen-and-the-art-of-smm-bug-hunting-finding-mitigating-and-detecting-uefi-vulnerabilities
Cloud Bucket Leak Detection Tools
https://github.com/UzJu/Cloud-Bucket-Leak-Detection-Tools
Steal victim images, exact location, device info and much more
https://github.com/swagkarna/Nivistealer
A toolkit that brings together penetration testing tools such as wireless tools, web tools, password cracking tools, etc
https://github.com/MyMeepSQL/OmegaDSToolkit
Rufus is a DoS tool written in Python3
https://github.com/billythegoat356/Rufus
Vulture is a tool written in Python3 allowing you to gain access to all the files of the victim's computer without any permissions
https://github.com/billythegoat356/Vulture
Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities
https://unit42.paloaltonetworks.com/gke-autopilot-vulnerabilities
Put an io_uring on it: Exploiting the Linux Kernel
https://www.graplsecurity.com/post/iou-ring-exploiting-the-linux-kernel
Reversing embedded device bootloader (U-Boot) - p.1
https://www.shielder.it/blog/2022/03/reversing-embedded-device-bootloader-u-boot-p.1
Russian government sites hacked in supply chain attack. This comes after the Russian government shared a list of more than 17,000 IP
https://www.bleepingcomputer.com/news/security/russian-government-sites-hacked-in-supply-chain-attack
Cybersecurity researchers at Proofpoint say they detected a 500% jump in attempted mobile malware attacks during the first few months of 2022, with significant peaks at the beginning and end of February
https://www.proofpoint.com/us/blog/email-and-cloud-threats/mobile-malware-surging-europe-look-biggest-threats
DeTT&CT: Mapping detection to MITRE ATT&CK
https://blog.nviso.eu/2022/03/09/dettct-mapping-detection-to-mitre-attck
Tools for information gathering and forensic actions
https://github.com/danieldurnea/FBI-tools
Oracle Access Manager Pre-Auth RCE (CVE-2021-35587 Analysis)
https://testbnull.medium.com/oracle-access-manager-pre-auth-rce-cve-2021-35587-analysis-1302a4542316
Securing Developer Tools: Package Managers
https://blog.sonarsource.com/securing-developer-tools-package-managers
Escalating from Logic App Contributor to Root Owner in Azure
https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-logic-app-contributor-escalation-to-root-owner