{"uuid": "8eb41f62-ed3c-4722-ba61-1bd94637e64f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28655", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2167", "content": "Cybersecurity news -\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\n\u200aPlay ransomware claims attack on German hotel chain H-Hotels\n\nhttps://www.bleepingcomputer.com/news/security/play-ransomware-claims-attack-on-german-hotel-chain-h-hotels/\n\n\u200aCVE-2021-28655: Apache Zeppelin arbitrary file deletion vulnerability\n\nhttps://securityonline.info/cve-2021-28655-apache-zeppelin-arbitrary-file-deletion/\n\n\u200aHavoc: modern and malleable post-exploitation command and control framework\n\nhttps://securityonline.info/havoc-modern-and-malleable-post-exploitation-command-and-control-framework/\n\n\u200aHacked Ring Cams Used to Record Swatting Victims\n\nhttps://krebsonsecurity.com/2022/12/hacked-ring-cams-used-to-record-swatting-victims/\n\nEDR evasion with hardware breakpoints\n\nhttps://cymulate.com/blog/blindside-a-new-technique-for-edr-evasion-with-hardware-breakpoints\n\nPort knocking from the scratch\n\nhttps://antonio-cooler.gitbook.io/coolervoid-tavern/port-knocking-from-the-scratch\n\nDay 3 \u2014 Next Level Font Obfuscation\n\nhttps://medium.com/@doctoreww/day-3-next-level-font-obfuscation-7a6cd978c7a5\n\nGatekeeper\u2019s Achilles heel: Unearthing a macOS vulnerability\n\nhttps://www.microsoft.com/en-us/security/blog/2022/12/19/gatekeepers-achilles-heel-unearthing-a-macos-vulnerability\n\nMeshyJSON: A TP-Link tdpServer JSON Stack Overflow.\n\nhttps://research.nccgroup.com/2022/12/19/meshyjson-a-tp-link-tdpserver-json-stack-overflow\n\n\u200b\u200bSentinelSneak: Malicious PyPI module poses as security software development kit\n\nhttps://blog.reversinglabs.com/blog/sentinelsneak-malicious-pypi-module-poses-as-security-sdk\n\n\u200b\u200bFontuscator\n\nA way to use fonts to obfuscate text. See the demo below for an example.\n\nhttps://github.com/DoctorEww/Fontuscator\n\nDemo:\nhttps://doctoreww.github.io/Fontuscator/\n\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nwww.ghostclan.org", "creation_timestamp": "2022-12-24T02:43:41.000000Z"}