■■□□□ Cyber-Attack: Non-state actors from Bangladesh and Sudan are launching attacks against Israel and its allies (incl. UAE).

They were able to take-down at least two government websites this weekend.

● mod.gov.ae (https://check-host.net/check-report/ff922fakef)

● moei.gov.ae (https://check-host.net/check-report/ff93a14k6d3)

■■■■□ Israel government torpedoed Morocco spyware deal - and caused NSO's competitor QuaDream to shut down.

https://www.haaretz.com/israel-news/security-aviation/2023-05-22/ty-article/.premium/israel-torpedoed-morocco-spyware-deal-and-nso-competitor-quadream-shut-down/00000188-425a-d805-a7c9-dbdbd7f50000

■□□□□ That actor shifts attention out of UAE for a while back to Israel.

The Cyber Attacks so far have not garnered anything significant other than service outage for a while.

■■■■□ Windows: From DA to EA with ESC5.

https://posts.specterops.io/from-da-to-ea-with-esc5-f9f045aa105c

■■■□□ CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.

https://github.com/dhmosfunk/CVE-2023-25690-POC

■■□□□ Exploiting Windows on ARM RDP Client (CVE-2023-24905).

https://cyolo.io/blog/dll-hijacking-strikes-back-exploiting-windows-on-arm-rdp-client-cve-2023-24905/

■□□□□ Indian local news site taken down by Indonesian hackers. The attack is part on ongoing cyber activity against anti-muslim state.

https://swarajtv24.com/

Information shared via Telegram channel of 'Hacktivist Indonesia'

CVE-2022-3723 Exploit PoC: Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

● @ckure has not verified the authenticity of the exploit.

■■■□□ GitLab asks users to update critical flaw.

https://www.bleepingcomputer.com/news/security/gitlab-strongly-recommends-patching-max-severity-flaw-asap/

■■■■■ CVE-2023-28771

https://attackerkb.com/topics/N3i8dxpFKS/cve-2023-28771/rapid7-analysis

■■□□□ Massive Cyber Attack on UAE Banking Sector: Mysterious Team Bangladesh Claims to Hit First Abu Dhabi Bank.

Attack type: Distributed Denial of Service

https://thecyberexpress.com/cyber-attack-on-uae-banking-sector-adcb-nbf/amp/

■■□□□ UAE (opUAE update): ENOC services down as Sudan based hackers target the country.

Redeeming points via Yes app (owned by ENOC) disabled amid attacks.

■■□□□ Impacket Cheatsheet For Penetration Testers
Attribution link.
https://latesthackingnews.com/2023/05/22/impacket-cheatsheet-for-penetration-testers/

https://latesthackingnews.com/2023/05/22/impacket-cheatsheet-for-penetration-testers/

⚠️ ‘Despicable’ iPhone Hacks In Armenia Find NSO Spyware ‘In Active Warzone’.

For the first time, the Israeli company’s spyware has been used in a conflict zone, according to researchers.

In mid-2021, Apple sent a warning to Anna Naghdalyan, then a spokesperson for Armenia’s foreign affairs agency, that her iPhone had possibly been hacked by a foreign government.

https://www.forbes.com/sites/thomasbrewster/2023/05/25/iphone-hacks-in-armenia-show-nso-spyware-in-warzone/?sh=4b76625f1a56

■■□□□ Cybercrime: Zyxel Firewalls Hacked by Mirai Botnet.

https://www.securityweek.com/zyxel-firewalls-hacked-by-mirai-botnet-via-recently-patched-vulnerability/

■■■■□ AI enabled bug bounty.

How ChatGPT helped me find a bug?

https://abhishekgk.medium.com/how-chatgpt-helped-me-find-a-bug-b5a3795c722

■■■□□ Data-Leak from Indonesia as newtons police records hit darknet's 🌑 exposed forums.

● ckure has not verified the data and this post is based on speculation.

■□□□□ Data-Leak from Japan 🗾 as https://www.mlit.go.jp/en/ data alleged is posted online.

As per attacker, records contain employee names and emails in csv format.

The actor has credentials for the administrative panel on the site.

● Never underestimate the power of weak credentials.

● After quite some time @ckure has integrated its alerting systems with https://exposed.vc for news and updates.