Sys-Admin InfoSec – Telegram
News of cybersecurity / information security, information technology, data leaks / breaches, cve, hacks, tools, trainings
* Multilingual (En, Ru).
* Forum - forum.sys-adm.in
* Chat - @sysadm_in
* Job - @sysadm_in_job
* ? - @sysadminkz
PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)

Memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed by default on every major Linux distribution. This easily exploited vulnerability allows any unprivileged user to gain full root privileges on a vulnerable host by exploiting this vulnerability in its default configuration.

PoC

https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034
Ransoms Demanded for Hijacked Instagram Accounts

An extensive phishing campaign has targeted corporate Instagram accounts since approximately August 2021. The threat actors demand ransoms from the victims to restore access.

How it works:

https://www.secureworks.com/blog/ransoms-demanded-for-hijacked-instagram-accounts
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Active Directory Certificate Services (AD CS): weaponizing the ESC7 attack

New vectors in different engagements throughout the last months, mainly to escalate and keep the acquired privileges. In this context, the techniques labeled as ESC1 and ESC8 were the most used, being the attacks most well documented on the internet due to their effectiveness.

https://www.blackarrow.net/adcs-weaponizing-esc7-attack/
Forwarded from Yevgeniy Goncharov
News: an announcement of a new announcement for the Sys-Admin BLD service

Yo! Hi everyone! Over the coming month I plan to update the Sys-Admin BLD service

As a reminder, BLD+ was recently added to the set of BLD services alongside BLD “Black-Box” and BLD “Open”

As part of the BLD+ project I plan to update BLD, adding new features/functionality. So, the current BLD consists of:
- Main (or Core, if you like) - the stack of the whole BLD; above all it blocks malware, ransomware, phishing and ads
- Main+Children/Family will be added - handy for blocking all kinds of junk for kids, such as porn sites and games like ROBLOX
- Main+Office will be added - handy for corporations and offices; this will block various sites such as dating sites
- Main+Children+Office will be added - includes everything listed above; may be useful for educational institutions

How it will work: a special builder will be added to the site, where users pick or create the DoH profile they need, which will look roughly like:
- https://bld.sys-adm.in/children
or
- https://bld.sys-adm.in/all

Copy it, paste it into the browser or router. Done!

P.S. You can read about the project itself and connect here - https://lab.sys-adm.in/
NEW THREAT CAMPAIGN IDENTIFIED: ASYNCRAT INTRODUCES A NEW DELIVERY TECHNIQUE

Through a simple email phishing tactic with an html attachment, threat attackers are delivering AsyncRAT (a remote access trojan) designed to remotely monitor and control its infected computers through a secure, encrypted connection:

https://blog.morphisec.com/asyncrat-new-delivery-technique-new-threat-campaign
Linux kernel: use-after-free of user namespace on shm and mqueue destruction

Exploiting this issue for privilege escalation requires the availability of unprivileged user namespaces.

https://www.openwall.com/lists/oss-security/2022/01/29/1
This vulnerability allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit.

CVE-2021-44142


https://www.samba.org/samba/security/CVE-2021-44142.html
/ Critical Vulnerability Fixed In Essential Addons for Elementor Plugin (WordPress)

https://patchstack.com/articles/critical-vulnerability-fixed-in-essential-addons-for-elementor-plugin/

/ In January 2021, PwC observed a phishing page that prompted an investigation into a new threat actor we now call ‘White Tur’

https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/threat-actor-of-in-tur-est.html

/ BotenaGo strikes again - malware source code uploaded to GitHub

https://cybersecurity.att.com/blogs/labs-research/botenago-strike-again-malware-source-code-uploaded-to-github
City of Dallas - Data Loss Report

https://dallascityhall.com/departments/ciservices/Pages/Report-on-Data-Loss.aspx

I love such reports; if you have links about data losses / breaches, please send them to me)

P.S. Thx for the link dear subscriber ✌️