BRAKTOOTH: Causing Havoc on Bluetooth Link Manager.
https://asset-group.github.io/disclosures/braktooth/
https://asset-group.github.io/disclosures/braktooth/
Internet Explorer: Incorrect JIT optimization in jscript9.dll leading to memory corruption
https://bugs.chromium.org/p/project-zero/issues/detail?id=2188
https://bugs.chromium.org/p/project-zero/issues/detail?id=2188
This media is not supported in your browser
VIEW IN TELEGRAM
CVE-2021-40444; a Half-Click exploit.
CVE-2021-39115: Template Injection in Email Templates leads to code execution on Jira Service Management Server.
https://github.com/PetrusViet/CVE-2021-39115
https://github.com/PetrusViet/CVE-2021-39115
GitHub
GitHub - PetrusViet/CVE-2021-39115: Template Injection in Email Templates leads to code execution on Jira Service Management Server
Template Injection in Email Templates leads to code execution on Jira Service Management Server - PetrusViet/CVE-2021-39115
Facebook shields millions of "VIP users" from the companyโs standard content moderation practices in a program called "XCheck," according to internal documents obtained by the WSJ.
Critical encryption vulnerability found in secure communications platform Matrix.
https://portswigger.net/daily-swig/critical-encryption-vulnerability-found-in-secure-communications-platform-matrix
https://portswigger.net/daily-swig/critical-encryption-vulnerability-found-in-secure-communications-platform-matrix
The Daily Swig | Cybersecurity news and views
Critical encryption vulnerability found in secure communications platform Matrix
Implementation bug discovered in certain clients and libraries
cKure Red
Israel ๐ฎ๐ฑ: A tale of state sponsored cyber terrorism and crime, for financial gains; all in the name of spreading peace โ How NSO Group came into existence and how it goes access to someone's device illegally to anyone who is willing to pay. A good pieceโฆ
A consortium of journalists gained access to a leak of more than 50,000 phone numbers entered into a system used for targeting by Pegasus, a sophisticated spyware product made by the Israel ๐ฎ๐ฑ sponsored company NSO Group. Governments around the world paid the company vast sums of money to gain access to Pegasus and let them use it to attack their targets.
https://cdn.occrp.org/projects/project-p
https://cdn.occrp.org/projects/project-p
OCCRP
Who's on the List? โ The Pegasus Project | OCCRP
Search the data and learn more about the people around the world who were selected for targeting by NSO Group spyware.
cKure Red
CVE-2021-40444 PoC https://github.com/lockedbyte/CVE-2021-40444
Fully Weaponized CVE-2021-40444
Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution), works with arbitrary DLL files.
https://github.com/klezVirus/CVE-2021-40444
Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution), works with arbitrary DLL files.
https://github.com/klezVirus/CVE-2021-40444
GitHub
GitHub - klezVirus/CVE-2021-40444: CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit - klezVirus/CVE-2021-40444
BDREvilDecryptor.exe
9.3 MB
Bitdefender Offers Free Universal Decryptor for REvil/Sodinokibi Ransomware
https://www.bitdefender.com/blog/labs/bitdefender-offers-free-universal-decryptor-for-revil-sodinokibi-ransomware
https://www.bitdefender.com/blog/labs/bitdefender-offers-free-universal-decryptor-for-revil-sodinokibi-ransomware
Cyber-Attack by India ๐ฎ๐ณ on Pakistan ๐ต๐ฐ and China ๐จ๐ณ as Windows Zero-Day(s) made by United States ๐บ๐ธ company used in spy campaign.
India apparently leaked the Zeroday details and were used by rogue hacking units of South Korea ๐ฐ๐ท (non-state sponsored).
https://www.forbes.com/sites/thomasbrewster/2021/09/17/exodus-american-tech-helped-india-spy-on-china/
India apparently leaked the Zeroday details and were used by rogue hacking units of South Korea ๐ฐ๐ท (non-state sponsored).
https://www.forbes.com/sites/thomasbrewster/2021/09/17/exodus-american-tech-helped-india-spy-on-china/
Forbes
Exclusive: An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan
Texas-based Exodus Intelligence says it had to cut ties with India after its research into Windows security was weaponized to attack China and Pakistan. Itโs now looking into whether or not its valuable code leaked to other nations.
iOS 15 iCloud Private Relay Vulnerability Identified.
https://fingerprintjs.com/blog/ios15-icloud-private-relay-vulnerability/
https://fingerprintjs.com/blog/ios15-icloud-private-relay-vulnerability/
Fingerprint
iOS 15 iCloud Private Relay Vulnerability Identified
Learn more about this vulnerability in Appleโs new iCloud Private Relay service and how you can prevent your data from being leaked.
Latest FinFisher spyware upgrades 'particularly worrying,' says Kaspersky.
Eight-month analysis finds four-layer obfuscation, two-stage loader, and a new UEFI attack
https://go.theregister.com/feed/www.theregister.com/2021/09/28/kasperky_finfisher_spyware_report/
Eight-month analysis finds four-layer obfuscation, two-stage loader, and a new UEFI attack
https://go.theregister.com/feed/www.theregister.com/2021/09/28/kasperky_finfisher_spyware_report/
The Register
Latest FinFisher spyware upgrades 'particularly worrying,' says Kaspersky
Eight-month analysis finds four-layer obfuscation, two-stage loader, and a new UEFI attack
โ One of the android devices used to administer this channel was accessed remotely, a few hours ago by an unknown entity.
No modifications to data were noticed on the device.
No modifications to data were noticed on the device.
๐ง Tool: TrevorC2 - Command and Control via Legitimate Behavior over HTTP
https://github.com/trustedsec/trevorc2
https://github.com/trustedsec/trevorc2
GitHub
GitHub - trustedsec/trevorc2: TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covertโฆ
TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution. - trustedsec/trevorc2