Ms. Kim Zetter:
Regarding the Stuxnet news the Dutch published today, here I point to the original 2019 story that I wrote with a Dutch journalist, reporting that a Dutch agent introduced Stuxnet into the facility in Iran. At that time we did not know the agent's identity.
https://news.yahoo.com/revealed-how-a-secret-dutch-mole-aided-the-us-israeli-stuxnet-cyber-attack-on-iran-160026018.html?guccounter=1&guce_referrer=aHR0cHM6Ly90LmNvLw&guce_referrer_sig=AQAAAHsT8ARqlyra6mZk8pBxHtLzjNV3VmhgrBBxgA6jWF8h5m6n9DklIykIENvP0GySBuEhnTFKAyykhu5DctXyBlKzbAU4Gf8JPFFCQHmiPP4iRVktiRgnNTiWJQKjiTDEXEwOUsnAFfqG1Hovgz6juXrSbcWGH3kwuuQ6tUDGkprI
https://twitter.com/KimZetter/status/1744408361838530651?t=rB9zQiObslZVb0vQ01JtmQ&s=19
Yahoo News
Revealed: How a secret Dutch mole aided the U.S.-Israeli Stuxnet cyberattack on Iran
For years, an enduring mystery has surrounded the Stuxnet virus attack that targeted Iran’s nuclear program: How did the U.S. and Israel get their malware onto computer systems at the highly secured uranium-enrichment plant?
The red team's job is clear: simulating attacks based on the platforms and the matching APT groups.
https://mitre-attack.github.io/attack-navigator/
The core of it is simulating the tactics, the techniques, and the various procedures related to those techniques. If this is done incompletely, the result is incomplete, meaning a gap still exists.
Report on APT groups' infrastructure in 2023
https://www.recordedfuture.com/2023-adversary-infrastructure-report
Archive of APT samples
https://vx-underground.org/APTs/Yearly%20Archives
Windows Kerberos Security Feature Bypass Vulnerability
CVE-2024-20674
The authentication feature could be bypassed as this vulnerability allows impersonation.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20674
https://nvd.nist.gov/vuln/detail/CVE-2024-20674
Vulnerable operating systems:
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
GitLab users, beware! Security updates released to address critical vulnerabilities (CVE-2023-7028 and CVE-2023-5356).
One of these could allow account takeover without user interaction.
https://thehackernews.com/2024/01/urgent-gitlab-releases-patch-for.html?m=1
Forwarded from Peneter Tools
https://www.mdsec.co.uk/2024/01/cve-2024-20656-local-privilege-escalation-in-vsstandardcollectorservice150-service/
poc:
https://github.com/Wh04m1001/CVE-2024-20656
MDSec
CVE-2024-20656 - Local Privilege Escalation in the VSStandardCollectorService150 Service - MDSec
Overview Visual Studio is a complex and powerful IDE developed by Microsoft and comes with a lot of features that can be interesting from a red team perspective. During this...
Juniper warns of critical RCE bug in its firewalls and switches
https://www.bleepingcomputer.com/news/security/juniper-warns-of-critical-rce-bug-in-its-firewalls-and-switches/
Gitlab account takeover
https://news.1rj.ru/str/learnpentest/766
Telegram
SoheilSec
GitLab users, beware! Security updates released to address critical vulnerabilities (CVE-2023-7028 and CVE-2023-5356).
One of these could allow account takeover without user interaction.
https://thehackernews.com/2024/01/urgent-gitlab-releases-patch-for.html?m=1