Zero-Day: A vulnerability in Polkit's pkexec component identified as CVE-2021-4034 (PwnKit) is present in the default configuration of all major Linux distributions and can be exploited to gain full root privileges on the system, researchers warn today.
https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034
https://www.bleepingcomputer.com/news/security/linux-system-service-bug-gives-root-on-all-major-distros-exploit-released/
CVE-2021-39675 is present in the mobile OS's System component and can be abused to achieve remote escalation of privilege without the user needing to do anything at all, and "with no additional execution privileges needed," as Google puts it.
https://source.android.com/security/bulletin/2022-02-01
Change management: https://android.googlesource.com/platform/system/nfc/+/fef77a189022aa7ac53136e582a1444b1d2ef5f0%5E%21/#F0
Reference: https://www.theregister.com/2022/02/09/android_security_bulletin/
Data-Leak from United States 🇺🇸: the Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months.
https://www.cisa.gov/critical-infrastructure-sectors
https://www.bleepingcomputer.com/news/security/fbi-blackbyte-ransomware-breached-us-critical-infrastructure/
Forwarded from T.Hunter
#OSINT #Photo Happy start of the working week, everyone. Today I will talk with you about sources for examining photographs in order to identify the people and objects in an image, as well as to obtain its metadata, and much more:
├Jeffrey's (Metadata Viewer)
├pic2map (Metadata Viewer)
├exiftool (Metadata Viewer)
├search4faces (Find Face)
├findclone (Find Face)
├yandex (Find Face)
├@findfacerobot (Find Face)
├@Quick_OSINT_bot (Find Face)
├@ssb_russian_probiv_bot (Find Face)
├eyeofgod (Find Face)
├azure (Find Face)
├betaface (Find Face)
├pictriev (Find Face)
├quiz (Find Face)
├allaboutbirds (Object Ident.)
├plantnet (Object Ident.)
├peakfinder (Object Ident.)
├forensics (Photo Forensic)
├sherloq (Photo Forensic)
├ballistics (Photo Forensic)
├descarteslabs (Factchecking)
├mapchecking (Factchecking)
├suncalc (Factchecking)
├fotorobot (Modelling)
├3Dface (Modelling)
├cameratrace (Camera Trace)
├stolencamerafinder (Camera Trace)
├depix (Photo Enhancer)
├upscaler (Photo Enhancer)
└myheritage (Photo Enhancer)
@tomhunter
🔧 Toolset for OSINT of photos / picture files.
A Modern Ninja: Evasive Trickbot Attacks Customers of 60 High-Profile Companies.
https://research.checkpoint.com/2022/a-modern-ninja-evasive-trickbot-attacks-customers-of-60-high-profile-companies/
Data-Leak: A new leak of 18,000 records of Swiss bank accounts holding more than $100 billion in assets is called #SuisseSecrets.
The leak will come from the investigative journalists consortium OCCRP.
Waiting for the next "PanamaPaper" v.2.0.
Researchers from China's 🇨🇳 Pangu Lab have disclosed details of a "top-tier" backdoor put to use by the Equation Group, an advanced persistent threat (APT) with alleged ties to the cyber-warfare intelligence-gathering unit of the U.S. National Security Agency (NSA).
https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoor_of_us_nsa_equation_group/
https://thehackernews.com/2022/02/chinese-experts-uncover-details-of.html
Cyber-War by Russia 🇷🇺: Samples of the destructive MBR wiper targeting Ukraine 🇺🇦
Samples: https://samples.vx-underground.org/APTs/2022/2022.02.23(2)/
CVE-2022-21971: Uninitialized pointer free in prauthproviders.
https://github.com/0vercl0k/CVE-2022-21971
Re-ReBreakCaptcha: Breaking Google’s ReCaptcha v2 using.. Google.. Again – East-Ee Security (By Yair Mizrahi).
https://east-ee.com/2022/02/28/1367/
Verbatim viz
Anonymous!
"We successfully staged a cyber attack against the Belarusian railway infrastructure, designed to halt Russian military movements. Trains stopped in Minsk, Orsha, and Osipovichi.
The railway system uses Windows XP."
Russia 🇷🇺 vs Ukraine 🇺🇦 Cyber-War
https://twitter.com/AnonUkraine_/status/1498251582760267776
⚠️ Leaked stolen Nvidia cert can sign Windows malware.
An Nvidia code-signing certificate was among the mountain of files stolen and leaked online by criminals who ransacked the GPU giant's internal systems.
https://go.theregister.com/feed/www.theregister.com/2022/03/05/nvidia_stolen_certificate/
Malware now using stolen NVIDIA code signing certificates.
According to samples uploaded to the VirusTotal malware scanning service, the stolen certificates were used to sign various malware and hacking tools, such as Cobalt Strike beacons, Mimikatz, backdoors, and remote access trojans.
https://www.bleepingcomputer.com/news/security/malware-now-using-stolen-nvidia-code-signing-certificates/
Active credentials are being harvested via stealer malware.
Below is a list of government sites affected.
https://docs.google.com/spreadsheets/u/0/d/1KC615oNu1GJN4hymAR1Hxe1M46WG_FW4UMmHWbD3y3s/htmlview
🔧 Tool: Ligolo; reverse tunneling made easy for pentesters, by pentesters.
https://github.com/sysdream/ligolo
A lock with many keys: Spoofing DNSSEC-signed domains in 8.8.8.8.
https://www.sidnlabs.nl/en/news-and-blogs/a-lock-with-many-keys-spoofing-dnssec-signed-domains-in-8-8-8-8
The_Art_Of_War.pdf
412.2 KB
An ancient guide to all warfare. By Sun Tzu.
● I had heard about it as a child and read it once I was trained as a hacker. I can say it makes sense.