╭──────────────────────────────────────────────────────────────────────────────╮ │ ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ │ │2 0 2 0 ─────╷ ╷╷ ╷╭───╮╭───╮╭───╮╭───╮╷ ╷ ╷╭──╮0 3 0 3 │ │2 0 2 0 │ │ ││ ││ ││ ││ ││ ││ │ ││ ╰╮0 3 0 3 │ │2 0 2 0 │ │───╯│ ││ ──╮│ │ ──╯│ ││ │ ││ │0 3 0 3 │ │2 0 2 0 │ │ ││ ││ ││ ││ ││ ││ │ ││ │0 3 0 3 │ │2 0 2 0 ╵ ╵ ╵╰───╯╰───╯╰───╯╵ ╵╰───╯╰───╯╰───╯0 3 0 3 │ │ ■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ │ ╰──────────────────────────────────────────────────────────────────────────────╯ ▄▄ ▄ ▄▄▄▄ ▄ ▄ ▄▄▄▄ █▀██ █ █ █ █ ╭─ █ █ █▀▀ █ ██ ▀▀▀█ ────────────────────────────────────────────────────────╮ │ █ █ █▄▄▄ █▄██ ▄▄▄█ │ │ │ │○ Details of 10.6 million of MGM hotel guests posted on a hacking forum │ │○ DOD DISA discloses data breach │ │○ False warning of ‘radiological hazard' invades TV screens on Olympic │ │ Peninsula │ │○ Apple Just Demanded Santander And A $50 Billion US Intelligence │ │ Contractor Reveal How They Use iPhone Hacking Tech │ │○ Ghostcat bug impacts all Apache Tomcat versions released in the last │ │ 13 years │ │○ Coronavirus: Nasa images show China pollution clear amid slowdown │ │○ Republican mega-donor buys stake in Twitter, seeks to oust Jack Dorsey │ │○ A 'stalkerware' app leaked phone data from thousands of victims │ │○ Some streams got DMCA'd during Democrating Debates │ │○ Celeb Shout-Out App Cameo Exposes Private Videos and User Data │ │○ Amazon Pulled Over 1 Million Items Capitalizing on Coronavirus │ │○ Clearview AI's entire client list stolen in data breach │ │○ Youtube Accidentally Suspends lofi hip hop radio - beats to │ │ relax/study to │ │○ Assange lawyer claims congressman offered pardon on behalf of Trump in │ │ exchange for absolving Russia in WikiLeaks case │ │○ US Charges Two With Laundering $100M for North Korean Hackers │ │○ Critical MediaTek rootkit affecting millions of Android devices has │ │ been out in the open for months │ │○ Chinese security firm says CIA hacked Chinese targets for past 11 years │ │ │ ╰──────────────────────────────────────────────────────────────────────────────╯ ▄▄▄▄ ▄▄▄▄ ▄▄▄▄ ▄▄▄ ▄▄▄▄ ▄▄▄▄ ▄▄▄▄ ▄▄▄ ▄▄▄▄ █ █ █ █ █ █ ▀█ █ █ █ █ █ █ ▀█ █ ╭─ █ ▀█ █ █ █ █ █ █ █▀█▀ █▀▀ █▀▀█ █ █ ▀▀▀█ ─────────────────────────────╮ │ █▄▄█ █▄▄█ █▄▄█ █▄▄█ █ █ █▄▄▄ █ █ █▄▄█ ▄▄▄█ │ │ │ │○ Coronavirus (COVID-19) PSA for Startups │ │○ Linux kernel (3.x-5.x) use-after-free in the XFRM subsystem │ │○ Pwning VMware, Part 2: ZDI-19-421, a UHCI bug │ │○ A mysterious bug in the firmware of Google's Titan M chip │ │ (CVE-2019-9465) │ │○ Zip Files: History, Explanation and Implementation │ │○ Here's the File Clearview AI Has Been Keeping on Me, and Probably on │ │ You Too │ │○ snyff - Entomology 101 (Bug Hunting Presentation Slides) │ │○ Smithsonian Releases 2.8 Million Images Into Public Domain │ │○ Musicians Algorithmically Generate Every Possible Melody, Release Them │ │ to Public Domain │ │○ Exploring Anti-Debug Techniques in a crackme │ │ │ ╰──────────────────────────────────────────────────────────────────────────────╯ ▄▄▄▄ ▄▄▄▄ ▄▄▄▄ ▄▄▄▄ ▄ ▄ ▄▄▄▄ ▄▄▄▄ ▄▄▄▄ ▄▄▄▄ █ █ █ █ █ █ █ █ █ █ █ █ █ ╭─ █▀█▀ █▀▀ ▀▀▀█ █ █ █ █ █▀█▀ █ █▀▀ ▀▀▀█ ───────────────────────────────╮ │ █ █ █▄▄▄ ▄▄▄█ █▄▄█ █▄▄█ █ █ █▄▄▄ █▄▄▄ ▄▄▄█ │ │ │ │○ Submit a talk idea to the new Bugcrowd LevelUp conference │ │○ NYT: How to Dox Yourself on the Internet │ │○ Windows Privilege Escalation Guide │ │○ algorithm-visualizer: Interactive Online Platform that Visualizes │ │ Algorithms from Code │ │○ Advanced Persistence Threats: The Future of Kubernetes Attacks │ │○ Angular and AngularJS for Pentesters - Part 1 │ │○ Notes on SNAKE/EKANS ransomware │ │○ Finding Linux malware masquerading as a kernel thread │ │○ A collection of several IoT/firmware fuzzers. │ │○ milabs/stamina: (Linux Kernel) Stack Monitoring Tool │ │○ cling: an interactive C++ interpreter │ │○ Tweet at BBC Micro Bot, receive output │ │○ Checkpoint Evasion Techniques │ │ │ ╰──────────────────────────────────────────────────────────────────────────────╯ ▄▄▄▄ ▄ ▄ ▄▄▄▄ ▄▄▄▄ ▄▄▄▄ ▄▄▄▄ █ █ █ █ █ █ ▐▌ █ ╭─ █ █▀▀█ █▀▀ █▀▀█ ▐▌ ▀▀▀█ ──────────────────────────────────────────────╮ │ █▄▄▄ █ █ █▄▄▄ █ █ ▐▌ ▄▄▄█ │ │ │ │○ duasynt/xfrm_poc: Linux kernel XFRM UAF poc (3.x - 5.x kernels) │ │○ LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) │ │○ COVID-19 Sequence Dump │ │○ Y4er/CVE-2020-2551: Weblogic IIOP deserialization RCE PoC │ │○ RCE for Intellian Satellite Controller (CVE-2020-7980) │ │○ A Eulogy for Patch-Gapping Chrome │ │○ silviocesare: Linux Kernel Stack Smashing │ │○ Cacti v1.2.8 authenticated Remote Code Execution (CVE-2020-8813) │ │○ CVE-2018-8611 – Diving into the Windows Kernel Transaction Manager │ │ (KTM) for fun and exploitation │ │○ Bypass Windows 10 User Group Policy (and more) with this One Weird │ │ Trick │ │○ Blue Team vs Red Team: how to run your encrypted ELF binary in memory │ │ and go undetected │ │ │ ╰──────────────────────────────────────────────────────────────────────────────╯ ▄▄▄▄ ▄▄▄▄ ▄▄▄▄ ▄▄▄▄ ▄▄▄▄ ▄ █ █ █ █ █ █ █ █ █ ╭─ ▀▀▀█ █▀▀█ █▀▀ █▀▀█ █▀█▀ █ ────────────────────────────────────────────────╮ │ ▄▄▄█ █ █ █ █ █ █ █ █ │ │ │ │ BANE │ │○ KnowBe4 Training Dork │ │○ "Ransomed" Kibana │ │○ Some network logs │ │ │ │ DOC │ │○ PersianGig Open Dir │ │○ Berkshire-Hathaway Media Group Open Dir │ │ │ │ HERMIT │ │○ Johnson & Johnson Production EU File Listing │ │○ Johnson & Johnson Dork │ │○ NERSC Let's Encrypt Certs │ │○ "Thanks" Email Dork │ │○ Tomcat new instance version dork │ │○ inurl:dynamic/login.html filetype:html │ │ │ │ ILYA │ │○ A dork and some scuffed sqli │ │ │ │ NOTDAN │ │○ Investigation into Twitter Device Fingerprinting │ │ │ │ PLAZMAZ │ │○ Long thread on tracking down a fake company │ │○ BitBucket Dork │ │○ Tetris on an S3 Bucket │ │○ Recipe API Script │ │○ Clearview AI .gov Dork │ │ │ │ SSHELL │ │○ Fortinet DDNS SMS Manager │ │ │ │ X0 │ │○ Some gross pdfs │ │ │ │ XEHLE │ │○ Scuffed McDonald's Phishing Page? │ │ │ │ YUU │ │○ "OvhBypass.py" - A beautiful mess (backdoored don't run) │ │○ Cloudflare Bypassed IP for pro^fessor^watc^hlist[dot]org │ │○ Pastebin spam │ │○ Web Proxy Auto-Discovery wpad.dat dork │ │ │ ╰──────────────────────────────────────────────────────────────────────────────╯