Apple released multiple security patches for they products

https://support.apple.com/en-us/HT201222

Note: today doh.sys-adm.in will be changed to bld.sys-adm.in (IP 109.234.39.72)

up: Done! ✅

/ Kali Linux 2022.2 Release

This release has various impressive updates:

https://www.kali.org/blog/kali-linux-2022-2-release/

/ Exploiting a Use-After-Free for code execution in every version of Python 3

PoC:

https://pwn.win/2022/05/11/python-buffered-reader.html

/ Windows 11 KB5013943 is crashing PCs with BSOD, antivirus firm Sophos warns

https://www.windowslatest.com/2022/05/15/windows-11-kb5013943-is-crashing-devices-with-bsod-antivirus-firm-sophos-warns/

/ Vulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver

https://blog.talosintelligence.com/2022/05/vuln-spotlight-nvidia-driver-memory.html

/ Interactive Phishing: Using Chatbot-like Web Applications to Harvest Information

https://www.trustwave.com/media/18693/capture3.png

/ Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices

https://www.microsoft.com/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/

/ CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation

https://www.openwall.com/lists/oss-security/2022/05/20/2

/ Cisco IOS XR Software Health Check Open Port Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-redis-ABJyE5xK#fs

/ Note: BLD DNS server 135.125.204.230 set to maintenance mode up to ~10 minutes

up: done ✅

/ Azure DNS Private Resolver

Is a new service that enables customers to query Azure DNS private zones from an on-premises environment and vice versa without deploying VM-based DNS servers. This new service is fully-managed in Azure and in public preview:

https://www.infoq.com/news/2022/05/azure-dns-private-resolver/

/ Malware Campaign Targets InfoSec Community: Threat Actor Uses Fake Proof Of Concept To Deliver Cobalt-Strike Beacon

It is a something new :

https://blog.cyble.com/2022/05/20/malware-campaign-targets-infosec-community-threat-actor-uses-fake-proof-of-concept-to-deliver-cobalt-strike-beacon/

/ New Research Paper: Pre-hijacking Attacks on Web User Accounts

https://msrc-blog.microsoft.com/2022/05/23/pre-hijacking-attacks/

/ New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices

Cheerscrypt, a new ransomware family, that has been targeting a customer’s ESXi server used to manage VMware files.

In the past, ESXi servers were also attacked by other known ransomware families such as LockBit, Hive, and RansomEXX as an efficient way to infect many computers with ransomware

- Link to PoC article

Ads by Microsoft on DuckDuckGo Private Search

https://help.duckduckgo.com/duckduckgo-help-pages/company/ads-by-microsoft-on-duckduckgo-private-search/

/ Serious security vulnerability in Tails 5.0

https://tails.boum.org/security/prototype_pollution/index.en.html

Сегодня. Продолжение. Астана. BurgerShop, в 18:00.

1. SCAM STORIES 🌀 Morty
2. Трюки обхода AV-движков в разработке малварей. Примеры шифрования шеллкода 🌀 catv
3. 2G GSM, 4G LTE, 5G NR 🌀 novitoll
4. Attacking software developers 🌀 Thatskriptkid

Бесплатно, без записи, без стрима.

P.S. Парням докладчикам - удачи ✊ Присутствущим понимания, терпения, внимания. 😉

/ Zero to hero: save your org from cyber-attack with a zero trust model

simple conceptual

https://specopssoft.com/blog/zero-trust-model-save-your-org-from-cyber-attack/

/ POC for CVE-2022-22972 affecting VMware Workspace ONE, vIDM, and vRealize Automation 7.6.

https://github.com/horizon3ai/CVE-2022-22972

/ High-severity vulnerabilities in a mobile framework owned by mce Systems

mce Systems used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote (albeit complex) or local attacks..:

http://www.microsoft.com/security/blog/2022/05/27/android-apps-with-millions-of-downloads-exposed-to-high-severity-vulnerabilities/