İbrahim BALOĞLU - Siber Güvenlik Paylaşımları


This group was created for sharing posts in the field of cyber security.

Subscribers: 1 074 (-2 in 24 hours, -3 in 7 days, +10 in 30 days)

Subscriber attraction
July '26: +6, in 0 channels
June '26: +29, in 0 channels
May '26: +57, in 0 channels
April '26: +65, in 0 channels
March '26: +45, in 0 channels
February '26: +38, in 1 channel
January '26: +46, in 0 channels
December '25: +30, in 0 channels
November '25: 0, in 0 channels
October '25: 0, in 0 channels
September '25: 0, in 0 channels
August '25: 0, in 0 channels
July '25: 0, in 0 channels
June '25: 0, in 0 channels
May '25: 0, in 0 channels
April '25: 0, in 0 channels
March '25: 0, in 0 channels
February '25: 0, in 0 channels
January '25: 0, in 0 channels
December '24: 0, in 0 channels
November '24: +88, in 0 channels
October '24: +129, in 0 channels
September '24: +53, in 0 channels
August '24: +48, in 0 channels
July '24: +54, in 0 channels
June '24: +46, in 0 channels
May '24: +53, in 0 channels
April '24: +48, in 0 channels
March '24: +68, in 0 channels
February '24: +83, in 0 channels
January '24: +70, in 0 channels
December '23: +264, in 0 channels
Daily subscriber growth (columns: Date, Subscriber growth, Mentions, Channels)
05 July: +1
04 July: +1
03 July: +2
02 July: +1
01 July: +1
Channel posts
#Analytics #Threat_Research
An analytical review of the main cybersecurity events (June 27 - July 04, 2026)
1⃣ Bad Epoll (CVE-2026-46242) https://github.com/J-jaeyoung/bad-epoll // race-condition UaF in the Linux kernel's epoll subsystem
2⃣ Mitigated API authentication bypass for python*org download metadata https://blog.python.org/2026/06/mitigated-api-bypass-for-download-metadata-python-dot-org
3⃣ Exploits for 23 unpatched vulnerabilities in FFmpeg, VLC, Firefox, Docker, PHP, OpenVPN, nmap, libssh2, nghttp2, and 7zip have been disclosed https://github.com/bikini/exploitarium
4⃣ Beware of the license manager: how a Schneider Electric software vulnerability puts industrial facilities at risk https://securelist.com/tr/schneider-electric-cve-2024-2658-vulnerability/120436
5⃣ Apple Hide My Email Vulnerability https://www.404media.co/apple-hide-my-email-vulnerability-reveals-peoples-real-email-addresses
6⃣ DNS Tricks to Load Malware into Cloned Repository https://0din.ai/blog/clone-this-repo-and-i-own-your-machine
7⃣ Google Gemini CLI Vulnerability https://github.com/advisories/GHSA-jj69-4grx-fqj5 // CVE-2026-12537
8⃣ Apache MINA Deserialization Bypass to RCE https://blog.securelayer7.net/cve-2026-42779-apache-mina-deserialization-rce // CVE-2026-42779 affects Apache MINA versions 2.1.0 - 2.1.11 and 2.2.0 - 2.2.6

2
#Whitepaper "Capturing the Click: Process-Based Detection of Malicious Link Interactions", Apr. 2026. // Web links remain one of the most reliably abused vectors in phishing attacks. However, defenders continue to depend on network-based monitoring and post-execution detection that activate only after an account has been compromised. This research validates the browser command-line flags used by Chrome, Edge, Firefox as parameters in process-creation events, capturing both the clicked URL and the parent application, document, or script that delivered it
666
3
lost data ? hold my beer
682
4
#AppSec #Threat_Research PixelSmash - Critical FFmpeg Vulnerability https://jfrog.com/blog/pixelsmash-critical-ffmpeg-vulnerability-turns-media-files-into-weapons // CVE-2026-8461 - critical vulnerability in FFmpeg's MagicYUV decoder leads to RCE via a crafted media file
660
5
#Malware_analysis
1⃣ Interlock and Rhysida within the ransomware ecosystem https://www.ibm.com/think/x-force/interlock-and-rhysida-within-the-ransonware-ecosystem
2⃣ Preliminary analysis of AUR malware https://ioctl.fail/preliminary-analysis-of-aur-malware
3⃣ Analysis of APT37 NarwhalRAT https://www.genians.co.kr/en/blog/threat_intelligence/narwhalrat
661
6
#NetSec #AppSec
1⃣ Squidbleed (CVE-2026-47729) https://blog.calif.io/p/squidbleed-cve-2026-47729 // Heartbleed-style heap buffer overread in Squid Proxy's FTP parser that leaks internal memory, including HTTP request data, due to a C bug when parsing missing filenames
2⃣ Chaining Security Bugs in Discuz! X5.0: from Race Condition to Pre-Auth RCE https://karmainsecurity.com/chaining-bugs-in-discuz-from-race-condition-to-rce // A chain of vulns in Discuz! X5.0 enables unauthenticated access to RCE through AI-assisted CAPTCHA bypass, database race conditions, token reuse, and LFI exploits, culminating in persistent OS command execution
3⃣ CVE-2026-0826: Critical unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones https://www.rapid7.com/blog/post/ve-cve-2026-0826-critical-unauthenticated-stack-buffer-overflow-hp-poly-vvx-trio-voip-phones-fixed // Vulnerable: VVX 150, 250, 350, and 450, as well as Trio IP Conference series (Trio 8800, 8500, 8300)
628
7
#NetSec #Red_Team_Tactics
1⃣ Windows fileless lateral movement technique https://github.com/synacktiv/DCOMIllusionist
2⃣ Check Point Remote Access VPN IKEv1 Authentication Bypass (CVE-2026-50751) https://labs.watchtowr.com/marking-your-own-homework-check-point-remote-access-vpn-ikev1-authentication-bypass-cve-2026-50751
3⃣ A 27-Year-Old Authentication Bypass in OpenBSD's PPP Stack https://blog.argus-systems.ai/blog/openbsd-pap-27-year-auth-bypass.html
4⃣ Using WinGet to proxy execution and evade detection https://ipurple.team/2026/06/09/winget
710
8
#DFIR
1⃣ A deep technical analysis of Windows input pipelines, security telemetry, and why PuTTY, WinSCP, MySQL, SSH, and SFTP passwords may leak into system memory https://hexderef.com/windows-11-passwords-in-memory-lsass-ctfmon-analysis
2⃣ Aether - Windows memory-forensics and threat hunting tool https://github.com/0xsp-SRD/aether
896
9
#AppSec #Threat_Research
1⃣ Click Or Trick (CVE-2025-59199): Escaping the Sandbox with Windows URIs https://www.safebreach.com/blog/click-or-trick-cve-2025-59199-escaping-the-sandbox-with-windows-uris
2⃣ Adobe Acrobat Reader Escript.api UAF RCE https://blog.exodusintel.com/2026/06/01/adobe-acrobat-reader-escript-api-use-after-free-remote-code-execution
3⃣ Exploiting Windows Defender's Remediation Workflow for LPE https://blog.calif.io/p/redsun-exploiting-windows-defenders
872
10
Linux LPE Toolkit * A multi-arch privilege-escalation kit for Linux with 19 prebuilt and runtime-compiled exploits. Automatically detects the kernel version, filters out patched exploits, and tries each one until it gets root. * Download
687
11
Hidden HTTP/2 Bomb * FOR nginx, Apache httpd, Microsoft IIS, Envoy, Cloudflare Pingora * WriteUP + LABs + PoCs
605
12
#NetSec #Threat_Research
1⃣ Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability // CVE-2026-5426 enabled RCE via shared ASPNET machine keys, leading to web shells, privilege escalation, and malware deployment, with mitigation requiring key rotation and vigilant monitoring
2⃣ Laravel Lang Packages Compromised // Laravel Lang packages were compromised with an RCE backdoor across hundreds of versions, exposing cloud, CI/CD, and developer secrets
3⃣ Google API keys keep working after you delete them // When you delete a Google API key, it says it’s immediately deleted. Our testing says ~23 min. During that window, an attacker with a leaked key keeps access to your data and enabled APIs
4⃣ Unauthenticated InfoLeak to Full Admin Compromise on ZTE ZXHN H168N // CVE-2021-21735 - critical flaw in ZTE routers allowing unauthenticated access to sensitive configuration data, enabling full device compromise and WLAN takeover
5⃣ Critical heap buffer overflow in 7-Zip // CVE-2026-48095
756
13
#Analytics #Threat_Research
An analytical review of the main cybersecurity events for the week (May 16-23, 2026)
1⃣ GRO Frag - seventh Copy Fail vulnerability that grants root privileges to Linux // Affected: Linux 6.0+ (unprivileged, requires io_uring)
2⃣ Cisco Secure Workload Unauthorized API Access Vulnerability CVE-2026-20223 // Affects Cisco Secure Workload Cluster Software on SaaS and on-prem deployments, regardless of device configuration
3⃣ Anonymous SQLI in Drupal Core (CVE-2026-9082) // PostgreSQL-specific SQLi in Drupal core allows anonymous users to execute malicious queries via JSON endpoints, fixed by resetting array keys before SQL translation
4⃣ Flipper One Project // Isn't an upgrade to Flipper Zero - it's a completely different project with its own goals..
5⃣ Critical security flaws in Google Cloud's internal APIs // CVE-2026-2031
6⃣ DirtyDecrypt is another Copy Fail vulnerability that grants root privileges on Linux // A prototype exploit is available
7⃣ ModuleJail for locking unused Linux kernel modules // A single POSIX shell script that shrinks a Linux host's kernel-module attack surface by writing a modprobe.d blacklist
8⃣ Pwn2Own Berlin 2026: Day Three Results and Master of Pw // Day One / Two Results
]-> Analytical review (May 09-16, 2026)
773
14
CVE-2026-20182 Cisco Catalyst SD-WAN MetaSploit bypass module * CVE-2026-0300 PAN-OS 12.1, 11.2, 11.1, 10.2 RCE PoC * #network
725
15
#AppSec #Threat_Research How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102) https://securelist.com/exiftool-compromise-mac/119866 // critical RCE vulnerability in ExifTool ≤13.49 on macOS, exploitable via malicious image metadata
739
16
#DFIR #Tech_book #Blue_Team_Techniques "SIEM Use Case Engineering Playbook: 100 Detailed Use Cases for Rule Creation, Alert Design, Incident Grouping and SOC Response", 2026. // A 2026 SIEM use case must be more than a single event trigger. It should describe a realistic threat scenario, identify the logs required, define the building blocks, state the rule logic, generate a useful alert, create an incident when evidence is strong and guide the analyst towards containment or closure
795
17
#Tech_book #Cyber_Education "SOC Analyst Career Guide Become highly skilled in security tools, tactics, and techniques to jumpstart your SOC analyst career", 2025. // This book focuses on breaking into cybersecurity the right way, through grit, curiosity, and practical execution. Being a SOC analyst is not glamorous. It involves long hours, messy data, and living on the edge of someone else’s breach. Yet for those who thrive on chaos, who find purpose in connecting dots that others overlook, and who take satisfaction in stopping threats before anyone else even notices, this is where you belong
788
18
#Analytics #Threat_Research
An analytical review of the main cybersecurity events for the week (May 02-09, 2026)
1⃣ Apache httpd http2 vulnerability // CVE-2026-23918: double free and possible RCE on early reset
2⃣ MorphKatz // Windows x64 polymorphic machine-code rewriter
3⃣ Chaining ISC DHCP Server Features for Unauthenticated Root RCE // A chain of ISC DHCP Server features enables unauthenticated remote root access via OMAPI manipulation and 'execute()' statements, bypassing traditional memory or logical bugs
4⃣ TrustFall: coding agent security flaw enables one-click RCE in Claude, Cursor, Gemini CLI and GitHub Copilot // Two PoC variants: poc/ is the 1-click developer machine variant (opens the OS calculator, works on all four CLIs), poc-ci-pipeline/ is the 0-click headless CI variant
5⃣ Wireshark 4.6.5 Released // Release notes + download page
6⃣ PCPJack: Cloud Worm Evicts TeamPCP and Steals Credentials at Scale // PCPJack targets exposed services including Docker, Kubernetes, Redis, MongoDB, RayML, and vulnerable web apps, enabling both external propagation and lateral movement inside victim environments
7⃣ Dropbear SSH 2026.90
711
19
CVE-2026-42945 RIFT - RCE NGINX * PoC
633
20
#exploit #Mobile_security #Kernel_Security A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens.. https://projectzero.google/2026/05/pixel-10-exploit.html // Researchers developed a new exploit chain for Pixel 10, updating previous vulns found in Pixel 9, including Dolby and VPU driver issues. Dolby exploit was adapted for Pixel 10, but LPE link was replaced due to hardware driver differences, leading to the discovery of a critical VPU vulnerability
669