GeekCode


Channel geo and language: India, English
Category: Technology


🍁Cyber Security ❤️
🍁Hacking Resources 👨‍💻
Providing knowledge to people🥀
Nobody gets smaller by sharing knowledge
You can also share your knowledge with us...🙂🙂
📰Promotion/Query - @geekcodevipbot







@geekcode 📌




🌐 Google's AI agent helped find a vulnerability in SQLite before the official update

Google Project Zero showed the results of a new approach to finding vulnerabilities in popular software using large language models (LLM). As part of the experimental project 👁 "Big Sleep" 🤖, their AI agent was able to find a vulnerability in the SQLite DBMS, causing considerable interest among information security specialists.

The problem discovered was a 👨‍💻 stack buffer underflow in SQLite. The vulnerability was quickly fixed by the developers in October 2024 before the new update was released to the public.

@geekcode 📌




😈 0day in Telegram: how one click can compromise your device

ESET researchers have discovered a zero-day exploit targeting Telegram for Android. An exploit called EvilVideo appeared for sale on an underground forum on June 6, 2024. Attackers used this vulnerability to distribute malicious files through Telegram channels, groups and chats, disguising them as multimedia files.

— The vulnerability allowed sending malicious files that looked like videos in unprotected versions of Telegram for Android (10.14.4 and older). The exploit was found on the XSS forum, where a seller demonstrated its work in a public Telegram channel. This allowed the researchers to obtain the malicious file and test it.


It also turned out that the seller of the exploit offered a cryptor service for Android, making malicious files invisible to antiviruses. This service has been advertised on the same XSS forum since January 2024.

#0day #Telegram

@geekcode 😈




Reposted from: Cyber Agents
CrowdStrike's recent update has led to major disruptions for businesses worldwide, causing Windows workstations to crash.

This incident affects businesses across various sectors, from airlines to hospitals.

Read : https://thehackernews.com/2024/07/faulty-crowdstrike-update-crashes.html

@cyberagents




😈 50 Methods For Lsass Dump.

Without going too deep into theory, Local Security Authority Subsystem Service (also known as LSASS) is a process (executable file C:\Windows\System32\lsass.exe) responsible for managing various authentication subsystems of the #Windows OS. Among its tasks: checking the “creds” of local and domain accounts during various scenarios of requesting access to the system, generating security tokens for active user sessions, working with Security Support Providers (SSP), etc.


This article introduces 50 methods for extracting authentication data from LSASS memory:

https://redteamrecipe.com/50-methods-for-lsass-dumprtc0002

#Pentest #AD

@geekcode 🕵️‍♂️




Monitor file system changes using fsmon
▪️supports Linux, iOS, OS X, Android
▪️identify when binaries are loaded (root)
▪️get dropped payloads (root)
▪️identify which files are opened, and when, at the app's runtime (db, txt, log, temp...) (non-root)

https://www.mobile-hacker.com/2024/06/24/monitoring-android-file-system-with-fsmon/

@geekcode




Reposted from: Cyber Agents
😈 Hacker IntelBroker claims to have stolen Apple source codes

IntelBroker on BreachForums claimed to have stolen the source code for several internal tools from Apple.

🔍 According to the report, “Apple.com suffered a data breach in June 2024,” which led to the disclosure of information. IntelBroker claims that as a result it has obtained the source code for the following internal company tools: AppleConnect-SSO, Apple-HWE-Confluence-Advanced and AppleMacroPlugin.

Little is known about Apple-HWE-Confluence-Advanced and AppleMacroPlugin. But AppleConnect-SSO is an authentication system that allows you to access certain applications on the Apple network. This system is known to be integrated with the Directory Services database to provide secure access to internal resources.


@cyberagents




🤓WhatWeb - a next generation web scanner that identifies websites.
Its purpose is to answer the question: “What kind of website is this?”

WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistical/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1,800 plugins, each of which recognizes something different.


WhatWeb also identifies version numbers, email addresses, account IDs, web platform modules, SQL errors, and more.

🔗GitHub

@geekcode







Showing the 20 most recent posts.

893 subscribers