There's some noise in the infosec vulnerability and blue team space about an alleged 9.9 CVE score impacting all GNU/Linux systems.

Due to lack of details, some users have expressed criticism on the severity of the exploit — with the infamous Heartbleed being a 7.5 CVE. Some expressed concern that the exploit is overhyped, or acting as marketing material for the researcher.

Others have noted that they believe the exploit is real and possess a genuine score of 9.9 but question the impact of effecting all GNU/Linux systems.

From what we've seen, nobody knows anything and everyone is just yappin. We'll see what happens when the details are released.

When we said users, we meant nerds on social media. Currently posting from the restroom at Apple Bees.

Today in internet stuff

- Sanctions against more TAs
- KIAs can get hacked somehow
- Linux RCE discussions everywhere
- More botnet tracking from people

We didn't read any of it

Summary of the Linux RCE 9.9 CVE

The vulnerability write up and disclosure is confusing. Initially the write up was scheduled for release in October. However, the write up and proof-of-concept was leaked onto Breached (???) which then resulted in the researcher / author to do an official write up (maybe?).

- Self described as 9.9, not officially declared 9.9
- Attacks CUPS

We haven't looked at it because we don't do exploit stuff and also Linux is for nerds

Edit: we're being told EvilSocket didn't define the vulnerability as a 9.9, someone else did (RedHat) and they went with it. No idea if that's true, we don't know whats real anymore because everyone is yappin.

We're going back to bed

ye I use Linux

Hello,

We're aware of a long standing issue where trying to extract vx-underground files with the default MacOS tooling fails.

We don't remember why, but it does.

Our proposed solution is introducing your device to thermite, or trying to a different tool.

Thanks,

Trying to use a different tool**.

Apologies — currently posting from Walgreens restroom.

This is misinformation.

This is actually Kitten Tempest. A financially motivated Threat Actor being monitored by Microsoft Threat Intelligence.

🚨BREAKING 🚨

Kitten Tempest has been observed enhancing it's TTPs.

> see cups vulnerability trending on xitter
> *click*
> nothing but arguing and name calling
> *scroll*
> printers not working on linux memes
> *scroll*

Anyway, we've got a large update coming soon. It's gonna be another big one, so hold onto your horses, or whatever they say.

Hacking is boring.

Wanna know what's fun? Browsing MSDN documentation at 2 o'clock in the morning, looking for APIs to potentially abuse in malware. It'll also probably never go in the wild and it'll go unappreciated for several months or even years.

That's where the fun is

x2 fun multiplied!

Bonus points is when someone heavily borrows from your code, or copy pastas, but markets it heavily on LinkedIn and gets nominated for an award and wins it.

It's about doing it for the love of the game — not the money, fame, and anime.

relaxing with some games on the new setup

A few years ago there was a person who got a scholarship for their contributions to open source software.

This person spent a majority of their time changing indentations and correcting typos. The university never reviewed the contributions.

We still think about it sometimes.

Our upcoming update to vx-underground is so large it may require a text file upload on Telegram, and an article written on Xitter.

Just writing all the additions will take time 😭😭😭

Thank you to everyone for the love and support on Telegram.

We've broken 40,000 subscribers. That's a lot.

We look forward to continually serving you with malware source code, samples, papers, news, and shitposts.

Love you

Update time.

It's so large I've gotta put it in a text file for Telegram

Hi,

If you like what we do (the free malware papers, samples, whatever) please consider being a monthly donor. Or do a 1 time donation. Or buy a shirt or something and scare your family.

Thanks,