Zero-Day: 3 in-the-wild 0-days patched in the last two days:
* CVE-2022-2856 in Chrome discovered by twitter.com/ashl3y_shen & twitter.com/0xbadcafe1 of Google TAG
* CVE-2022-32893 in Safari
* CVE-2022-32894 in iOS/macOS kernel
https://docs.google.com/spreadsheets/u/0/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/htmlview#gid=1662223764
* CVE-2022-2856 in Chrome discovered by twitter.com/ashl3y_shen & twitter.com/0xbadcafe1 of Google TAG
* CVE-2022-32893 in Safari
* CVE-2022-32894 in iOS/macOS kernel
https://docs.google.com/spreadsheets/u/0/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/htmlview#gid=1662223764
DPRK state-sponsored actors are using cryptographically signed MacOS (Apple 🍎) executables to impersonate coinbase and lure potential jobseekers in installing their spyware.
FBI claims responsibility for taking down rf.ws (RaidForums darknet marketplace).
On 31st Jan, the owner of RF, a citizen of Portugal 🇵🇹 was detained in United Kingdom 🇬🇧
https://youtu.be/Sl9S0XZJgw0
On 31st Jan, the owner of RF, a citizen of Portugal 🇵🇹 was detained in United Kingdom 🇬🇧
https://youtu.be/Sl9S0XZJgw0
YouTube
#1 Hacker Forum: Pwned By FBI
Altium 👉 https://www.altium.com/yt/seytonic
Follow me on INSTA: https://www.instagram.com/jhonti/
0:00 Intro
0:48 The Rise Of RaidForums
3:00 'Humble' Beginnings
4:08 Omni Is Not Very Clever
5:06 Scamming The FBI
6:31 The RaidForums Honeypot
7:44 Omni…
Follow me on INSTA: https://www.instagram.com/jhonti/
0:00 Intro
0:48 The Rise Of RaidForums
3:00 'Humble' Beginnings
4:08 Omni Is Not Very Clever
5:06 Scamming The FBI
6:31 The RaidForums Honeypot
7:44 Omni…
Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling.
https://portswigger.net/research/browser-powered-desync-attacks
https://portswigger.net/research/browser-powered-desync-attacks
PortSwigger Research
Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling
The recent rise of HTTP Request Smuggling has seen a flood of critical findings enabling near-complete compromise of numerous major websites. However, the threat has been confined to attacker-accessib
Zero-Day: Zero-click LPE exploit (CVE-2022-32893) for iOS 16 Beta 7 currently on sale. Selling price - €2,500,000.
Source: Yalu Jailbreak
Source: Yalu Jailbreak
State sponsored and supported Cyber-Crime: Documents appear to show that Israeli 🇮🇱 spyware company Intellexa sold a full suite of services around a zero-day affecting both Android and iOS ecosystems.
https://twitter.com/vxunderground/status/1562550443712352256
https://www.darkreading.com/vulnerabilities-threats/receipt-8m-ios-zero-day-sale-dark-web
https://twitter.com/vxunderground/status/1562550443712352256
https://www.darkreading.com/vulnerabilities-threats/receipt-8m-ios-zero-day-sale-dark-web
X (formerly Twitter)
vx-underground (@vxunderground) on X
Leaked documents online show the purchase (and documentation of) an $8,000,000 iOS Remote Code Execution 0day exploit
Excellent piece of work by investigative journalist Raphael from Rueters on India 🇮🇳 based mercenary hackers used to target lawyers, firms to gain competitive advantage.
https://www.reuters.com/investigates/special-report/usa-hackers-litigation/
https://www.reuters.com/investigates/special-report/usa-hackers-litigation/
Reuters
How mercenary hackers sway litigation battles
A trove of thousands of emails uncovered by Reuters reveals Indian cyber mercenaries hacking parties involved in lawsuits around the world – showing how hired spies have become the secret weapon of litigants seeking an edge.
Zero-Day: Microsoft found and shared a critical one-click exploit in the Android TikTok app.
https://www.microsoft.com/security/blog/2022/08/31/vulnerability-in-tiktok-android-app-could-lead-to-one-click-account-hijacking/
https://alternativeto.net/news/2022/9/microsoft-found-and-shared-a-critical-one-click-exploit-in-the-android-tiktok-app/
https://www.microsoft.com/security/blog/2022/08/31/vulnerability-in-tiktok-android-app-could-lead-to-one-click-account-hijacking/
https://alternativeto.net/news/2022/9/microsoft-found-and-shared-a-critical-one-click-exploit-in-the-android-tiktok-app/
Microsoft News
Vulnerability in TikTok Android app could lead to one-click account hijacking
Microsoft discovered a high-severity vulnerability in the TikTok Android application, now identified as CVE-2022-28799 and fixed by TikTok, which could have allowed attackers to compromise users' accounts with a single click.
Malware developer backdoors own malware to steal data from other hackers.
https://www.bleepingcomputer.com/news/security/dev-backdoors-own-malware-to-steal-data-from-other-hackers/amp/
https://www.bleepingcomputer.com/news/security/dev-backdoors-own-malware-to-steal-data-from-other-hackers/amp/
BleepingComputer
Dev backdoors own malware to steal data from other hackers
Cybercriminals using Prynt Stealer to collect data from victims are being swindled by the malware developer, who also receives a copy of the info over Telegram messaging service.
Zero-Day: Thread on CVE-2022-36804 Atlassian Bitbucket Command Injection Vulnerability.
https://twitter.com/_0xf4n9x_/status/1572052954538192901
https://twitter.com/_0xf4n9x_/status/1572052954538192901
SSRF in Functional Administrative Support Tool pdf generator.
Vulnerable Software: Functional Administrative Support Tool (FAST) v1.0.
https://hackerone.com/reports/1628209
Vulnerable Software: Functional Administrative Support Tool (FAST) v1.0.
https://hackerone.com/reports/1628209
HackerOne
U.S. Dept Of Defense disclosed on HackerOne: SSRF in Functional...
## Summary:
I found that it is possible to inject a javascript payload during the PDF form creation process, which is then executed by the checklist application server.
## Vulnerable Software:...
I found that it is possible to inject a javascript payload during the PDF form creation process, which is then executed by the checklist application server.
## Vulnerable Software:...
Tool 🔧 VirusTotalC2: Abusing VirusTotal API to host our C2 traffic, usefull for bypassing blocking firewall rules if VirusTotal is in the target white list.
https://github.com/D1rkMtr/VirusTotalC2
https://github.com/D1rkMtr/VirusTotalC2