Data-Leak from Israel 🇮🇱 as threat actor from unknown origin has posted tens of GBs of leaked data from the ministry of defense, Israel.

All Windows versions impacted by new LPE zero-day vulnerability.

A public proof-of-concept (PoC) exploit and technical details for an unpatched Windows zero-day privilege elevation vulnerability has been disclosed that allows users to gain SYSTEM privileges under certain conditions.

https://www.bleepingcomputer.com/news/security/all-windows-versions-impacted-by-new-lpe-zero-day-vulnerability/

CVE-2021-42574

Researchers devised a new attack method called ‘Trojan Source’ that allows hide vulnerabilities into the source code of a software project.

https://www.trojansource.codes/

Details: https://securityaffairs.co/wordpress/124081/hacking/trojan-source-attack.html

CVE-2021-42574 - Code generator.

https://github.com/js-on/CVE-2021-42574

Signal Unveils How Far US Law Enforcement Will Go To Get Information About People.

https://signal.org/bigbrother/santaclara/

Pwn2own Austin, United States 🇺🇸 with ~750K USD 💵 rewarded in 2 days.

Day 1 results (21 Zero-Day bugs):
https://youtu.be/jAckZAL5Dos

Day 2 results (14 Zero-Day bugs):
https://youtu.be/V3Xoo8IK0-I

Russia 🇷🇺: Ukraine 🇺🇦 has doxed today five members of the Gamaredon APT, which it says it linked to the Sevastopol branch of the FSB in the Crimean Peninsula.

https://therecord.media/ukraine-discloses-identity-of-gamaredon-members-links-it-to-russias-fsb/

Apparently a zero-day exploit being circulated online that can takeover Instagram accounts.

The phishing link contains ig.me (a lookalike which is not owned by Instagram). The hack allows the attacker to takeover the victims account.

More details as they arrive.

Pwn2own Austin, United States 🇺🇸 with ~1.1M USD 💵 rewarded in 4 days with 61 Zero-Day vulnerabilities.

Day 1 results (21 Zero-Day bugs):
https://youtu.be/jAckZAL5Dos

Day 2 results (14 Zero-Day bugs):
https://youtu.be/V3Xoo8IK0-I

Day 3 results (14 Zero-Day bugs):
https://youtu.be/5ap_6F5hxwg

Day 4 results (12 Zero-Day bugs):
https://youtu.be/bURfbHHmMZI

The invisible JavaScript backdoor.

https://certitude.consulting/blog/en/invisible-backdoor/

CVE-2021-30869: Cyber-Attack by China 🇨🇳 as a macOS Zero-Day, exploited in watering hole attacks on users in Hong Kong 🇭🇰

Google revealed that threat actors recently exploited a zero-day vulnerability in macOS to deliver malware to users in Hong Kong.

https://blog.google/threat-analysis-group/how-we-protect-users-0-day-attacks/

Data-Leak: Breaking from Israel 🇮🇱 as Unit-8200 (the elite cyber espionage, intelligence agency) of the government is listed on the Moses Staff hacking group's website under breached organizations. If true, this could mean leakage of possible state secrets and international deals. This group is believed to be affiliated to Iran 🇮🇷, possibly state sponsored. Iran never denied these claims.

For reference purposes: Unit-8200 has 10K employees.

Sample data share by the Moses-Staff group.

Pakistan 🇵🇰 | Zero-Day | Cyber-War: The 32bit version of CVE-2021-1732 was recently uploaded to Virus Total from Pakistan. The 0-day exploit was used by Bitter APT and developed by the US-based offensive company Exodus Intelligence (aka “Moses”).

https://www.virustotal.com/gui/file/ee2d53303e2c5a2787dad11e3a0abce5ea0ff9a4219e963e69a4054a11efc628

Source: CP-Research

Watering hole incident | United Kingdom 🇬🇧 | Cyber-War: Advanced cyber warfare group hacked a popular UK new site 'Middle East Eye' that often posts content disapproved by GCC / Middle East countries. The site is blocked in many Middle Eastern nations.

The hacked site served malicious JavaScript that ran in systems of the visitors of the compromised site. The attack vector was based from a known criminal group; 'Candiru' which is declared 📜 criminal by the United States 🇺🇸 and is under sanctions. Candiru is another Cyber-Crime syndicate from Israel 🇮🇱 that operates under Israeli weapons control laws.

This attack apparently stems out from one of the customers of this state-sponsored criminal organisation.

https://www.vice.com/en/article/pkpbdm/hackers-compromised-middle-east-eye-news-website-to-hack-visitors-researchers-say

Details about Candiru sanctions: https://www.vice.com/en/article/dypzjq/us-sanctions-could-cut-off-nso-from-tech-it-relies-on

Revelation of Cyber-Attack by Iran 🇮🇷 at United States 🇺🇸 as FBI charges Iranian nationals with interfering in the 2020 U.S. presidential election.

https://www.fbi.gov/wanted/cyber/iranian-interference-in-2020-us-elections