Smishing: Understanding SMS Phishing Tactics
Smishing with EvilGophish:
https://fin3ss3g0d.net/index.php/2024/03/04/smishing-with-evilgophish/
Smishing with EvilGophish:
https://fin3ss3g0d.net/index.php/2024/03/04/smishing-with-evilgophish/
Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762
https://github.com/BishopFox/cve-2024-21762-check
https://github.com/BishopFox/cve-2024-21762-check
GitHub
GitHub - BishopFox/cve-2024-21762-check: Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762
Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762 - BishopFox/cve-2024-21762-check
PurpleLab
allow you to easily deploy an entire lab to create/test your detection rules, simulate logs, play tests, download and run malware and mitre attack techniques, restore the sandbox and many other features..:
https://github.com/Krook9d/PurpleLab
allow you to easily deploy an entire lab to create/test your detection rules, simulate logs, play tests, download and run malware and mitre attack techniques, restore the sandbox and many other features..:
https://github.com/Krook9d/PurpleLab
Warp
Еerminal reimagined with AI and collaborative tools for better productivity
https://www.warp.dev/
Еerminal reimagined with AI and collaborative tools for better productivity
https://www.warp.dev/
www.warp.dev
Warp: The Agentic Development Environment
The fastest way to build with multiple AI agents, from writing code to deploying it. Trusted by over half a million engineers, Warp gives developers speed, privacy, and control to ship faster.
2024ThreatDetectionReport_RedCanary.pdf
14.3 MB
Thread Detection Report 2024 (from red canary)
With mitigation recommendations.
With mitigation recommendations.
Digital Forensics Lab - CYL2002
This repository contains the course material for the digital forensics lab offered at FAST National University of Computer and Emerging Sciences, available for public use and learning.
https://github.com/vonderchild/digital-forensics-lab
This repository contains the course material for the digital forensics lab offered at FAST National University of Computer and Emerging Sciences, available for public use and learning.
https://github.com/vonderchild/digital-forensics-lab
GitHub
GitHub - vonderchild/digital-forensics-lab: CTF styled Digital Forensics labs, as offered in FAST NUCES Karachi during Spring 2023.
CTF styled Digital Forensics labs, as offered in FAST NUCES Karachi during Spring 2023. - vonderchild/digital-forensics-lab
Recent ‘MFA Bombing’ Attacks Targeting Apple Users
https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/
https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/
Krebs on Security
Recent ‘MFA Bombing’ Attacks Targeting Apple Users
Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password reset feature. In this scenario, a target's Apple devices are forced to display dozens of system-level prompts…
“CVE-2024-21388”- Microsoft Edge’s Marketing API Exploited for Covert Extension Installation
Microsoft Edge browser, designated CVE-2024–21388. This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user’s knowledge.
https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
Microsoft Edge browser, designated CVE-2024–21388. This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user’s knowledge.
https://labs.guard.io/cve-2024-21388-microsoft-edges-marketing-api-exploited-for-covert-extension-installation-879fe5ad35ca
Medium
“CVE-2024-21388”- Microsoft Edge’s Marketing API Exploited for Covert Extension Installation
By Oleg Zaytsev (Guardio Labs)
Dredge - Dredging up secrets from the depths of a filesystem
Dredge is a linux command-line tool for finding and logging secrets on a filesystem for manual inspection:
https://github.com/grahamhelton/dredge
Dredge is a linux command-line tool for finding and logging secrets on a filesystem for manual inspection:
https://github.com/grahamhelton/dredge
GitHub
GitHub - grahamhelton/dredge: Dredging up secrets from the depths of the file system
Dredging up secrets from the depths of the file system - grahamhelton/dredge
According official Kali twitter blog post - The xz package, starting from version 5.6.0 to 5.6.1, was found to contain a backdoor. The impact of this vulnerability affected Kali between March 26th to March 29th. If you updated your Kali installation on or after March 26th, it is crucial to apply the latest updates today
Hack via hacker distro?)
CVE - https://nvd.nist.gov/vuln/detail/CVE-2024-3094
🔹 FAQ on the xz-utils backdoor: https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27
🔹 Checker vulnerability: https://github.com/FabioBaroni/CVE-2024-3094-checker/blob/main/CVE-2024-3094-checker.sh
🔹 Detection: https://github.com/byinarie/CVE-2024-3094-info
🔹 More details: https://www.wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utils
Hack via hacker distro?)
CVE - https://nvd.nist.gov/vuln/detail/CVE-2024-3094
Please open Telegram to view this post
VIEW IN TELEGRAM
X (formerly Twitter)
Kali Linux (@kalilinux) on X
The xz package, starting from version 5.6.0 to 5.6.1, was found to contain a backdoor. The impact of this vulnerability affected Kali between March 26th to March 29th. If you updated your Kali installation on or after March 26th, it is crucial to apply the…
Awesome Azure Penetration Testing
A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure:
https://github.com/Kyuu-Ji/Awesome-Azure-Pentest
A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure:
https://github.com/Kyuu-Ji/Awesome-Azure-Pentest
GitHub
GitHub - Kyuu-Ji/Awesome-Azure-Pentest: A collection of resources, tools and more for penetration testing and securing Microsofts…
A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure. - Kyuu-Ji/Awesome-Azure-Pentest
Python-for-Cybersecurity.pdf
8.3 MB
For offensive / defensive
Command Injection and Backdoor Account in D-Link NAS Devices
The described vulnerability affects multiple D-Link NAS devices, including models DNS-340L, DNS-320L, DNS-327L, and DNS-325, among others. The vulnerability lies within the nas_sharing.cgi uri, which is vulnerable due to two main issues: a backdoor facilitated by hardcoded credentials, and a command injection vulnerability via the system parameter..:
https://github.com/netsecfish/dlink?tab=readme-ov-file
The described vulnerability affects multiple D-Link NAS devices, including models DNS-340L, DNS-320L, DNS-327L, and DNS-325, among others. The vulnerability lies within the nas_sharing.cgi uri, which is vulnerable due to two main issues: a backdoor facilitated by hardcoded credentials, and a command injection vulnerability via the system parameter..:
https://github.com/netsecfish/dlink?tab=readme-ov-file
GitHub
GitHub - netsecfish/dlink
Contribute to netsecfish/dlink development by creating an account on GitHub.
NativeDump
NativeDump allows to dump the lsass process using only NTAPIs generating a Minidump file with only the streams needed to be parsed by tools like Mimikatz or Pypykatz (SystemInfo, ModuleList and Memory64List Streams).
https://github.com/ricardojoserf/NativeDump
NativeDump allows to dump the lsass process using only NTAPIs generating a Minidump file with only the streams needed to be parsed by tools like Mimikatz or Pypykatz (SystemInfo, ModuleList and Memory64List Streams).
https://github.com/ricardojoserf/NativeDump
CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Deep Dive
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
Horizon3.ai
CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Deep Dive
CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Deep-Dive and Indicators of Compromise. This blog details the SQL injection which allows an unauthenticated attacker to access the FortiClient EMS server as SYSTEM to execute arbitrary commands.
Pingora
Pingora is a Rust framework to build fast, reliable and programmable networked systems from CF
https://github.com/cloudflare/pingora
Pingora is a Rust framework to build fast, reliable and programmable networked systems from CF
https://github.com/cloudflare/pingora
GitHub
GitHub - cloudflare/pingora: A library for building fast, reliable and evolvable network services.
A library for building fast, reliable and evolvable network services. - cloudflare/pingora
Ramsomware 2023-2024 review
Cybercriminal ramsom Russia attacks review:
https://www.facct.ru/blog/ransomware-2023-2024/
Cybercriminal ramsom Russia attacks review:
https://www.facct.ru/blog/ransomware-2023-2024/
F6
Очень грязные дела: обзор преступных групп вымогателей, атаковавших Россию в 2023-2024 году - F6
Эксперты F6 проанализировали активные преступные группы вымогателей, атаковавших российские компании в 2023-2024 гг.
/ Vulnerabilities Identified in LG WebOS
WebOS versions 4 through 7 running on LG TVs. These vulnerabilities let us gain root access on the TV after bypassing the authorization mechanism. Although the vulnerable service is intended for LAN access only, so.. Internet-connected devices, identified over 91,000 devices:
https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/
WebOS versions 4 through 7 running on LG TVs. These vulnerabilities let us gain root access on the TV after bypassing the authorization mechanism. Although the vulnerable service is intended for LAN access only, so.. Internet-connected devices, identified over 91,000 devices:
https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/
Bitdefender Labs
Vulnerabilities Identified in LG WebOS
As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities.
/ Unauthenticated attacker can execute arbitrary code via FortiClientLinux
[FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration. Official advisory:
https://www.fortiguard.com/psirt/FG-IR-23-087
[FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration. Official advisory:
https://www.fortiguard.com/psirt/FG-IR-23-087
FortiGuard Labs
PSIRT | FortiGuard Labs
None