RedPacket Security

CVE-2021-1421

May 17, 2021 admin

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to perform a command injection attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to a configuration command. An attacker could exploit this vulnerability by including malicious input during the execution of this command. A successful exploit could allow a non-privileged attacker authenticated in the restricted CLI to execute arbitrary commands on the underlying operating system (OS) with root privileges.

Vulnerabilities

Android stalkerware, a danger for victims and stalkers

Vulnerabilities

CVE-2021-1421

CVE-2020-26999

CVE-2020-27001

CVE-2020-27002

CVE-2021-31616

CVE-2021-21232

News

Android stalkerware, a danger for victims and stalkers

Expert released PoC exploit code for Windows CVE-2021-31166 bug

Bitcoin down: 51% attack? No, put the blame on Elon Musk

Conti ransomware demanded $20M ransom to Ireland Health Service Executive

Data Breach

WedMeGood – 1,306,723 breached accounts

DriveSure – 3,675,099 breached accounts

ParkMobile – 20,949,825 breached accounts

Descomplica – 4,845,378 breached accounts

Tools

DFIR-O365RC – PowerShell Module For Office 365 And Azure AD Log Collection

Red-Kube – Red Team K8S Adversary Emulation Based On Kubectl

CIMplant – C# Port Of WMImplant Which Uses Either CIM Or WMI To Query Remote Systems

Httpx – A Fast And Multi-Purpose HTTP Toolkit Allows To Run Multiple Probers Using Retryablehttp Library, It Is Designed To Maintain The Result Reliability With Increased Threads

Hack The Box

Hack the box guide to: Phonebook

Hack the Box Guide To: Templated

Hack the Box: Emdee five for life

Hack The Box Walkthrough guide to: Delivery

Tutorials

Empire Dropbox C2 Listener

How To manually check CVE-2021-3156 | Sudo buffer overflow

Empire 3.7 and Starkiller 1.6

Kali and BC Security Partnership