Pegasus vs. Predator, as Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware from a startup in Macedonia 🇲🇰, an apparent competition with the state-sponsored crimeware (let's call it so) of Israel 🇮🇱
A citizen-lab report.
https://citizenlab.ca/2021/12/pegasus-vs-predator-dissidents-doubly-infected-iphone-reveals-cytrox-mercenary-spyware/
The Citizen Lab
Pegasus vs. Predator
Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known mercenary spyware developer Cytrox. The phone of Ayman Nour…
cKure Red
Trend Micro's web-based scanner for CVE-2021-44228, aka Log4Shell: log4j-tester.trendmicro.com
YouTube
Log4j Vulnerability (Log4Shell) Explained // CVE-2021-44228
Let's try to make sense of the Log4j vulnerability called Log4Shell. First we look at the Log4j features and JNDI, and then we explore the history of the recent log4shell vulnerability. This is part 1 of a two part series into log4j.
Log4j Issues:
2013:…
🔧 Tool: Mariana Trench, a security-focused static analysis platform targeting Android.
https://github.com/facebook/mariana-trench
GitHub
GitHub - facebook/mariana-trench: A security focused static analysis tool for Android and Java applications.
A security focused static analysis tool for Android and Java applications. - facebook/mariana-trench
Data-Leak: State-sponsored cyber-crime syndicate from India 🇮🇳 using Tek Fog: An App With BJP (the ruling party) Footprints for Cyber Troops to Automate Hate, Manipulate Trends.
https://thewire.in/tekfog/en/1.html
An interesting thread on SquirrelWaffle, Qakbot and Emotet using the same C2 servers, linked to hundreds of websites from India 🇮🇳.
https://twitter.com/1ZRR4H/status/1485413045975330822
Twitter
Germán Fernández 🇨🇱
Confirmed, the #Emotet operators use the same webshell provider that TR distribution uses with #Qakbot or #Squirrelwaffle. I got to a list of 138 compromised sites, 36 have already been reported (Emotet), 102 are about to be used 👀 IOCs: …
Zero-Day: A vulnerability in Polkit's pkexec component identified as CVE-2021-4034 (PwnKit) is present in the default configuration of all major Linux distributions and can be exploited to gain full root privileges on the system, researchers warn today.
https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034
https://www.bleepingcomputer.com/news/security/linux-system-service-bug-gives-root-on-all-major-distros-exploit-released/
Qualys
CVE-2021-4034: How PwnKit Exploits Polkit’s pkexec | Qualys
CVE-2021-4034, a PwnKit vulnerability, lets unprivileged users gain root access via pkexec. Explore its impact and how to mitigate the risk.
CVE-2021-39675 is present in the mobile OS's System component and can be abused to achieve remote escalation of privilege without the user needing to do anything at all, and "with no additional execution privileges needed," as Google puts it.
https://source.android.com/security/bulletin/2022-02-01
Change management: https://android.googlesource.com/platform/system/nfc/+/fef77a189022aa7ac53136e582a1444b1d2ef5f0%5E%21/#F0
Reference: https://www.theregister.com/2022/02/09/android_security_bulletin/
The Register
Critical 'remote escalation' flaw in Android 12 fixed in Feb security patch batch
This is the final software update from Google for the Pixel 3, 3 XL, too
Data-Leak from the United States 🇺🇸: the Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months.
https://www.cisa.gov/critical-infrastructure-sectors
https://www.bleepingcomputer.com/news/security/fbi-blackbyte-ransomware-breached-us-critical-infrastructure/
Forwarded from T.Hunter
#OSINT #Photo Happy start of the working week to everyone. Today I will talk to you about sources for researching photographs in order to identify people and objects in a picture, as well as to obtain its metadata, and much more:
├Jeffrey's (Metadata Viewer)
├pic2map (Metadata Viewer)
├exiftool (Metadata Viewer)
├search4faces (Find Face)
├findclone (Find Face)
├yandex (Find Face)
├@findfacerobot (Find Face)
├@Quick_OSINT_bot (Find Face)
├@ssb_russian_probiv_bot (Find Face)
├eyeofgod (Find Face)
├azure (Find Face)
├betaface (Find Face)
├pictriev (Find Face)
├quiz (Find Face)
├allaboutbirds (Object Ident.)
├plantnet (Object Ident.)
├peakfinder (Object Ident.)
├forensics (Photo Forensic)
├sherloq (Photo Forensic)
├ballistics (Photo Forensic)
├descarteslabs (Factchecking)
├mapchecking (Factchecking)
├suncalc (Factchecking)
├fotorobot (Modelling)
├3Dface (Modelling)
├cameratrace (Camera Trace)
├stolencamerafinder (Camera Trace)
├depix (Photo Enhancer)
├upscaler (Photo Enhancer)
└myheritage (Photo Enhancer)
@tomhunter
🔧 Toolset for OSINT of photos / picture files.
A Modern Ninja: Evasive Trickbot Attacks Customers of 60 High-Profile Companies.
https://research.checkpoint.com/2022/a-modern-ninja-evasive-trickbot-attacks-customers-of-60-high-profile-companies/
Check Point Research
A Modern Ninja: Evasive Trickbot Attacks Customers of 60 High-Profile Companies - Check Point Research
Research by: Aliaksandr Trafimchuk, Raman Ladutska This research comes as a follow-up to our previous article on Trickbot, “When Old Friends Meet Again: Why Emotet Chose Trickbot For Rebirth” where we provided an overview of the Trickbot infrastructure after…
Data-Leak: a new leak of 18,000 records of Swiss bank accounts holding more than $100 billion in assets, called #SuisseSecrets.
The leak will come from the investigative journalists consortium OCCRP.
Waiting for the next "PanamaPaper" v.2.0.
Researchers from China's 🇨🇳 Pangu Lab have disclosed details of a "top-tier" backdoor put to use by the Equation Group, an advanced persistent threat (APT) with alleged ties to the cyber-warfare intelligence-gathering unit of the U.S. National Security Agency (NSA).
https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoor_of_us_nsa_equation_group/
https://thehackernews.com/2022/02/chinese-experts-uncover-details-of.html
www.pangulab.cn
The Bvp47 - a Top-tier Backdoor of US NSA Equation Group
Cyber-War by Russia 🇷🇺: Samples of the destructive MBR wiper targeting Ukraine 🇺🇦
Samples: https://samples.vx-underground.org/APTs/2022/2022.02.23(2)/
CVE-2022-21971: Uninitialized pointer free in prauthproviders.
https://github.com/0vercl0k/CVE-2022-21971
GitHub
GitHub - 0vercl0k/CVE-2022-21971: PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability"
PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability" - 0vercl0k/CVE-2022-21971
Re-ReBreakCaptcha: Breaking Google’s ReCaptcha v2 using.. Google.. Again – East-Ee Security (By Yair Mizrahi).
https://east-ee.com/2022/02/28/1367/