cKure Red
The director's cut on critical feeds from the InfoSec world 🌎

Main Channel: @cKure

For ☕️ or queries, email us
📨 i@ckure.org
☆ FORCEDENTRY: Sandbox Escape. A blog post by Google's elite Project Zero.

The article documents samples, shared by Citizen Lab, of the malware that the Israel 🇮🇱 based, state-sponsored Cyber-Crime syndicate 'NSO Group' uses to infect people's devices, which often results in death or harm to them or their relatives.

https://googleprojectzero.blogspot.com/2022/03/forcedentry-sandbox-escape.html

Pwning a Cisco RV340 with a 4-bug chain exploit, as demonstrated at the Pwn2Own competition.

https://blog.relyze.com/2022/04/pwning-cisco-rv340-with-4-bug-chain.html

🔧 Tool: A modern, simple TCP tunnel in Rust that exposes local ports to a remote server, bypassing standard NAT connection firewalls. That's all it does: no more, and no less.

https://github.com/ekzhang/bore

Kernel RCE in FreeBSD via WiFi frames.

https://www.freebsd.org/security/advisories/FreeBSD-SA-22:07.wifi_meshid.asc

Also affects pfSense / OPNsense / etc.

Zero-Day in Java: A researcher has released proof-of-concept (PoC) code for a digital signature bypass vulnerability in Java.

CVE-2022-21449 proof of concept demonstrating the bypass with a client running on a vulnerable Java version and a malicious TLS server.

https://github.com/khalednassar/CVE-2022-21449-TLS-PoC

Israeli 🇮🇱 Pegasus Spyware — Untold — Chinese Engineering — Samples 1 & 2.

Israel, unable to create smart spyware of its own, copied code for the app from a China 🇨🇳 based APT and purchased a zero-day from a security researcher with money 💰 that came primarily from United States 🇺🇸 taxpayers.

https://jonathandata1.medium.com/pegasus-spyware-untold-chinese-engineering-samples-1-2-e5aba2a0b20b

● Telegram Messenger (as per my analysis) has become the largest public collection of DarkWeb content, resources, breached data and similar.
An advanced threat actor has leaked data of multiple institutions, organizations, nation-states and civilians in varying forms (PII, documents, credentials and similar).

The data collage is huge and we (t.me/ckure) have received a copy.

Some leaks were previously public. However, some are either new or were previously unreported.

Multiple bugs chained to take over Facebook accounts that use Gmail. ($42K)

https://ysamm.com/?p=763