Channel: cKure Red
Major cyber-attack on Israel 🇮🇱 by pro-Pslestine hacker groups amid ongoing extermination cum genocide of Muslims ☪️ and Christians ✝️ in Gaza and West-Bank Palestine 🇵🇸 by Israel.
The Eilat power station is pwned and apparently electricity in some areas has been affected by this ICS-SCADA hack.
The Eilat power station is pwned and apparently electricity in some areas has been affected by this ICS-SCADA hack.
Google Chrome V8 CVE-2024-0517 Out-of-Bounds Write Code Execution.
https://blog.exodusintel.com/2024/01/19/google-chrome-v8-cve-2024-0517-out-of-bounds-write-code-execution
https://blog.exodusintel.com/2024/01/19/google-chrome-v8-cve-2024-0517-out-of-bounds-write-code-execution
Exodus Intelligence
Google Chrome V8 CVE-2024-0517 Out-of-Bounds Write Code Execution - Exodus Intelligence
By Javier Jimenez and Vignesh Rao Overview In this blog post we take a look at a vulnerability that we found in Google Chrome’s V8 JavaScript engine a few months ago. This vulnerability was patched in a Chrome update on 16 January 2024 and assigned CVE-2024…
Malware reverse engineering for beginners.
Part 1: https://intezer.com/blog/malware-analysis/malware-reverse-engineering-beginners/
Part 2: https://intezer.com/blog/incident-response/malware-reverse-engineering-for-beginners-part-2/
Part 1: https://intezer.com/blog/malware-analysis/malware-reverse-engineering-beginners/
Part 2: https://intezer.com/blog/incident-response/malware-reverse-engineering-for-beginners-part-2/
Intezer
Malware Reverse Engineering for Beginners - Part 1: From 0x0
Reverse engineering is an integral part of malware analysis and research - get started learning this advanced skill to investigate malware.
¤ ARM Exploitation - Defeating DEP - executing mprotect()
https://blog.3or.de/arm-exploitation-defeating-dep-executing-mprotect
¤ ARM Exploitation - Defeating DEP - execute system()
https://blog.3or.de/arm-exploitation-defeating-dep-execute-system
¤ ARM Exploitation - Setup and Tools
https://blog.3or.de/arm-exploitation-setup-and-tools
¤ ARM Exploitation: Return oriented Programming (Building ROP Chains)
https://blog.3or.de/arm-exploitation-return-oriented-programming
https://blog.3or.de/arm-exploitation-defeating-dep-executing-mprotect
¤ ARM Exploitation - Defeating DEP - execute system()
https://blog.3or.de/arm-exploitation-defeating-dep-execute-system
¤ ARM Exploitation - Setup and Tools
https://blog.3or.de/arm-exploitation-setup-and-tools
¤ ARM Exploitation: Return oriented Programming (Building ROP Chains)
https://blog.3or.de/arm-exploitation-return-oriented-programming
Zero-Day: A team of researchers from IBM and the VU Amsterdam university in the Netherlands on Tuesday disclosed the details of a new type of data leakage attack impacting all major CPU makers, as well as some widely used software.
https://download.vusec.net/papers/ghostrace_sec24.pdf
https://www.securityweek.com/major-cpu-software-vendors-impacted-by-new-ghostrace-attack
https://download.vusec.net/papers/ghostrace_sec24.pdf
https://www.securityweek.com/major-cpu-software-vendors-impacted-by-new-ghostrace-attack
llamafile lets you distribute and run LLMs with a single file.
https://github.com/Mozilla-Ocho/llamafile
https://hacks.mozilla.org/2023/11/introducing-llamafile/
Usage: https://vt.tiktok.com/ZSFaBjUrK/
https://github.com/Mozilla-Ocho/llamafile
https://hacks.mozilla.org/2023/11/introducing-llamafile/
Usage: https://vt.tiktok.com/ZSFaBjUrK/
GitHub
GitHub - Mozilla-Ocho/llamafile: Distribute and run LLMs with a single file.
Distribute and run LLMs with a single file. Contribute to Mozilla-Ocho/llamafile development by creating an account on GitHub.
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
Tracked as CVE-2023-48788, this security flaw is an SQL injection in the DB2 Administration Server (DAS) component discovered and reported by the UK's National Cyber Security Centre (NCSC).
https://www.bleepingcomputer.com/news/security/exploit-released-for-fortinet-rce-bug-used-in-attacks-patch-now/
Tracked as CVE-2023-48788, this security flaw is an SQL injection in the DB2 Administration Server (DAS) component discovered and reported by the UK's National Cyber Security Centre (NCSC).
https://www.bleepingcomputer.com/news/security/exploit-released-for-fortinet-rce-bug-used-in-attacks-patch-now/
BleepingComputer
Exploit released for Fortinet RCE bug used in attacks, patch now
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
Chaining N-days to Compromise All: Part 1 — Chrome Renderer RCE.
https://blog.theori.io/chaining-n-days-to-compromise-all-part-1-chrome-renderer-rce-1afccf56721b
https://blog.theori.io/chaining-n-days-to-compromise-all-part-1-chrome-renderer-rce-1afccf56721b
Medium
Chaining N-days to Compromise All: Part 1 — Chrome Renderer RCE
This blog post is first of the series about the vulnerabilities used in our 1-day full chain exploit we demonstrated on X. In this blog…
Inside the failed attempt to backdoor SSH globally — that got caught by chance.
https://doublepulsar.com/inside-the-failed-attempt-to-backdoor-ssh-globally-that-got-caught-by-chance-bbfe628fafdd
https://doublepulsar.com/inside-the-failed-attempt-to-backdoor-ssh-globally-that-got-caught-by-chance-bbfe628fafdd
Medium
Inside the failed attempt to backdoor SSH globally — that got caught by chance
Why the threat actor rushed deployment.
Running 'cat' command to read a script is not safe. As a researcher points out. An interesting thread!
https://twitter.com/0xAsm0d3us/status/1774534241084445020
https://twitter.com/0xAsm0d3us/status/1774534241084445020
X (formerly Twitter)
Devansh (⚡, 🥷) (@0xAsm0d3us) on X
If you, like many, think relying just on `cat` command's output is enough to be sure about the integrity of a bash file. Think twice, you could get hacked. Read below 👇
Is the frequency of posts?
Final Results
66%
Good
22%
Less (increase the no. of posts)
12%
More (reduce the no. of posts)
HTML Embed Code: