{"vulnerability": "CVE-2017-0199", "sightings": [{"uuid": "a112d36b-d3c3-401f-a74e-965711e8372d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/590973fc-fde0-4011-ae32-1fe2bce2ab96", "content": "", "creation_timestamp": "2017-06-09T08:50:53.000000Z"}, {"uuid": "9453160d-b58e-4ce9-8fb4-c2f980b68c1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/59380d29-0bc0-472f-9019-64c8ac12042b", "content": "", "creation_timestamp": "2017-06-07T15:36:16.000000Z"}, {"uuid": "f44a1329-8e31-4855-a82a-7f53e9c5fe1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/595a1543-e8fc-40d1-a1be-4bc6ac12042b", "content": "", "creation_timestamp": "2017-07-03T10:16:30.000000Z"}, {"uuid": "3c4ec112-65c4-4b3e-85de-8a1b01ad7df4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5970b085-61c4-42da-a7c8-45f0ac12042b", "content": "", "creation_timestamp": "2017-07-21T07:37:15.000000Z"}, {"uuid": "df167b7f-ecf3-4d05-a89b-540f12f1390b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/59a6a303-f490-41d7-a593-2f3bac12042b", "content": "", "creation_timestamp": "2017-08-30T12:30:13.000000Z"}, {"uuid": "2cf4410f-8d58-43ba-a752-dec35e5d813f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": 
"MISP/5ace0cf8-de70-4e7b-85bf-7a34ac12042b", "content": "", "creation_timestamp": "2018-04-11T13:44:34.000000Z"}, {"uuid": "fffc1252-9421-4294-8a8d-385e063deef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/58ed2c42-04f0-44b7-baa4-9f1f02de0b81", "content": "", "creation_timestamp": "2017-04-11T19:29:18.000000Z"}, {"uuid": "6da2473f-1b09-4de4-8c53-f3fc7dd43bb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/58ef76f2-fcc4-450f-9e5e-339995ca48b7", "content": "", "creation_timestamp": "2017-04-13T13:18:34.000000Z"}, {"uuid": "611f2500-6659-488c-8d24-c4ad47d1f088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/58ef7b1d-b30c-4d1c-a4e8-0d8695ca48b7", "content": "", "creation_timestamp": "2017-04-13T13:20:34.000000Z"}, {"uuid": "c39458f7-fc63-4e7c-ac33-9f4af519e60e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/58ef7b0a-f484-4981-ac16-334295ca48b7", "content": "", "creation_timestamp": "2017-04-13T13:20:14.000000Z"}, {"uuid": "5c9252e9-af93-4779-84dc-600b417a3448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/58ef7b39-4ec4-402c-8eeb-612295ca48b7", "content": "", "creation_timestamp": "2017-04-13T13:21:08.000000Z"}, {"uuid": "db0e7322-c054-41c7-b127-fff29d517ba0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/592e5f00-de4c-4ded-b492-5136bce2ab96", "content": "", "creation_timestamp": "2017-05-31T06:14:53.000000Z"}, {"uuid": "f91dc3cd-8d83-40da-bff9-c3f35f43724d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/59496390-0cf4-4bf9-a93a-e1c402de0b81", "content": "", "creation_timestamp": "2017-06-20T18:05:09.000000Z"}, {"uuid": "ea10d1eb-f833-4e47-b89c-2b14781c5867", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/595270cf-76fc-4651-a51f-24b8d5d09a03", "content": "", "creation_timestamp": "2017-06-27T14:56:17.000000Z"}, {"uuid": "a533519c-d986-40e2-8aa9-284c11714cd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5c5a3840-8034-4084-83cc-1a000a021402", "content": "", "creation_timestamp": "2019-02-06T01:32:38.000000Z"}, {"uuid": "0815d274-7e1a-44f7-994c-1461935ca9a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5c4b49ca-8a70-4b9b-838c-630b0a021402", "content": "", "creation_timestamp": "2019-01-25T17:43:03.000000Z"}, {"uuid": "b17e80c7-f746-4dd2-8e27-4511ebbe0a83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/59d68cfe-723c-4b5e-b737-fbfd02de0b81", "content": "", "creation_timestamp": "2017-10-05T19:59:52.000000Z"}, {"uuid": "85957c9b-a74e-43a5-b399-a06652553f69", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5aa29460-e1c4-4662-bfe3-1d939f590eb0", "content": "", "creation_timestamp": "2018-03-09T14:15:12.000000Z"}, {"uuid": "3199c4ec-f0d6-4992-ad09-7c378c98ab37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5aa98d8a-3cac-42f0-b224-45d09f590eb0", "content": "", "creation_timestamp": "2018-03-14T21:04:26.000000Z"}, {"uuid": "07b59954-5b65-45ee-9734-5f93c542b259", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113447803211968237", "content": "", "creation_timestamp": "2024-11-08T14:28:19.374516Z"}, {"uuid": "a90fff14-f067-4cab-a14f-8c2500b24d26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5aafa3d9-cf3c-49fe-9c4e-2e52ac100a5a", "content": "", "creation_timestamp": "2018-03-20T06:51:02.000000Z"}, {"uuid": "11ef94b8-a83f-432e-b1e1-e14ea845bf39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5aba062a-8118-4885-afe0-469402de0b81", "content": "", "creation_timestamp": "2018-03-27T09:03:25.000000Z"}, {"uuid": "186040d5-40fe-43d3-b2a3-53ac2aa1d7ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5bc5fbce-03d0-49d2-8123-66110a021402", "content": "", 
"creation_timestamp": "2018-10-16T15:09:42.000000Z"}, {"uuid": "e842e9a4-d974-4e40-ad18-68f463711588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5b0e8584-be08-4d00-b069-159195ca48b7", "content": "", "creation_timestamp": "2018-05-30T11:13:18.000000Z"}, {"uuid": "0c23249b-cf4d-4826-a7bb-59022f7cb99e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5c4acb8c-9bc4-45ea-83be-6a65ac12042b", "content": "", "creation_timestamp": "2019-01-30T11:07:50.000000Z"}, {"uuid": "15ae4c98-352d-40fe-a3e6-c14600424d3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5b61a496-b034-4321-9406-e0330acd0835", "content": "", "creation_timestamp": "2018-08-01T12:22:29.000000Z"}, {"uuid": "cff9cf61-cc82-4dae-a353-e322dc54bd24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5b6c4d84-7e08-4cb5-a654-244a0a950b0c", "content": "", "creation_timestamp": "2018-08-14T15:11:05.000000Z"}, {"uuid": "28ae9972-cb95-41a0-9f99-d4ed6d22db7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5b7bd11a-4300-4fff-8847-4ef6950d210f", "content": "", "creation_timestamp": "2018-08-21T09:36:54.000000Z"}, {"uuid": "5bd24e13-8f12-42a3-b445-970a4d8e2d19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", 
"source": "MISP/5afbda67-9d80-4bcf-ae91-33feac100a5a", "content": "", "creation_timestamp": "2018-05-16T07:15:47.000000Z"}, {"uuid": "1f4080d5-ae36-4567-95a2-c431ad32aca9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5b6c27c8-a044-4aa6-81c1-085fac12042b", "content": "", "creation_timestamp": "2018-08-09T11:48:57.000000Z"}, {"uuid": "d3bac0b2-ffc6-4d19-a805-9ab2263596b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5c543c87-503c-4622-a292-0aa6ac12042b", "content": "", "creation_timestamp": "2019-02-01T12:53:41.000000Z"}, {"uuid": "c798f621-44f5-4b0b-aff3-29712c8bfed7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5d77e80b-1c90-4b74-9945-4753950d210f", "content": "", "creation_timestamp": "2019-09-10T18:17:11.000000Z"}, {"uuid": "ab1311c7-67dc-4df1-bb3b-072b25140d43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5e2181f9-b5a8-40e2-9b9b-64c70a3b4631", "content": "", "creation_timestamp": "2020-01-17T09:47:07.000000Z"}, {"uuid": "65307d44-274a-4182-84b0-46d381c94a8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/a491671f-55fb-4909-8604-7f7d0b8ff92d", "content": "", "creation_timestamp": "2020-08-19T08:32:12.000000Z"}, {"uuid": "4b991b15-a744-4089-aeaf-1b097000c12d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/36b8470b-ace9-416e-9994-ca272e4e6f1e", "content": "", "creation_timestamp": "2020-11-06T15:42:22.000000Z"}, {"uuid": "84c18a82-bae0-4ac5-bd52-313d043f436d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5e0f3a94-d4a8-4159-b7a2-1c7e0a3b4631", "content": "", "creation_timestamp": "2020-01-03T13:07:31.000000Z"}, {"uuid": "b5578f42-193d-4809-b5cc-338100a1c8cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/8c44b315-a146-4e13-baac-996ba98bbf40", "content": "", "creation_timestamp": "2021-02-15T21:21:45.000000Z"}, {"uuid": "b1663e13-a815-4d4e-835b-f4b24b6f0823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "748d8789-da48-44cd-8062-896a80061370", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/aaef44e8-30e4-4ef5-abab-fecb28a147c1", "content": "", "creation_timestamp": "2020-10-09T16:41:28.000000Z"}, {"uuid": "d0da786e-ef49-4d2e-ace3-3e69f8140484", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/885b4fef-3960-4a59-9f38-8c08366f6ae1", "content": "", "creation_timestamp": "2020-10-09T14:12:42.000000Z"}, {"uuid": "9fc4cc14-6e31-47cb-a5ee-25c79d078f5f", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/dafdcebe-cdf8-42a7-a2e9-9405f936abb1", "content": "", "creation_timestamp": "2020-10-09T13:25:39.000000Z"}, {"uuid": "03efe273-ea2b-4b91-818e-c918abfc910a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "193c7ad2-f7ae-4636-ae99-8d970926c88d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/f60cd330-b6cc-422a-919b-3c5b6ab7e55c", "content": "", "creation_timestamp": "2020-10-09T13:50:34.000000Z"}, {"uuid": "606e3ecb-3832-4a10-ab4c-eb0408233044", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/08e861ce-ced5-4ea9-8cbc-af8028d5177e", "content": "", "creation_timestamp": "2020-10-09T14:19:10.000000Z"}, {"uuid": "b354d382-a804-43dd-be50-c31479d96278", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/0b0f374b-39b1-4229-891b-2defd31fe736", "content": "", "creation_timestamp": "2020-10-09T15:53:01.000000Z"}, {"uuid": "289b9cf7-4bdc-4d6e-9167-17829e3b6aa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/96e562e3-3d31-4ace-8dcc-593280420a99", "content": "", "creation_timestamp": 
"2020-10-09T15:23:34.000000Z"}, {"uuid": "e5bdf0e0-b7b7-4992-8b42-5ed94e45589e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/03b0cb58-41dc-4c53-9ae1-ea9291a3d4c7", "content": "", "creation_timestamp": "2020-10-09T17:07:09.000000Z"}, {"uuid": "90c98051-1d7a-496f-9d11-8e1c8f3b37ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/0cbad1e3-4b6d-413f-a234-8939127e7112", "content": "", "creation_timestamp": "2020-10-09T13:51:49.000000Z"}, {"uuid": "b227dcc9-b660-4378-92d6-6bfa03c75fe5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/7019f4eb-ac5b-491e-b14a-4b322c7c6cb0", "content": "", "creation_timestamp": "2020-10-09T17:12:23.000000Z"}, {"uuid": "98f53bd5-b714-4642-b3f3-8315d85a1327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/db68256f-ce41-4497-86a1-c209f9a5035a", "content": "", "creation_timestamp": "2020-10-09T15:48:05.000000Z"}, {"uuid": "c09bc956-bc12-4ec3-8221-96cde45bb058", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/041ef968-10e6-42e4-90d0-979e27a602c2", "content": "", "creation_timestamp": "2020-10-09T15:21:09.000000Z"}, {"uuid": "afc7bd80-7506-4fdf-b872-7784630aa126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": 
"MISP/7be1b70f-0f74-4e54-9a75-441653b92cab", "content": "", "creation_timestamp": "2020-10-09T16:16:48.000000Z"}, {"uuid": "6332bf29-dfce-49fb-9460-d72bf17c3bef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/b1c3e469-ece9-4bbb-8975-676e0fc60552", "content": "", "creation_timestamp": "2020-10-09T16:14:54.000000Z"}, {"uuid": "4a714cd1-9205-4c15-98fd-1a584a5abeb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/ea635c19-8b53-4526-bba7-0ae0e8530ac9", "content": "", "creation_timestamp": "2020-10-09T15:56:05.000000Z"}, {"uuid": "f4c2377f-1028-448b-bf42-f6cc5181c7c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/f1b31e3b-033e-4e0f-91b1-ac34f900a53f", "content": "", "creation_timestamp": "2020-10-09T14:10:16.000000Z"}, {"uuid": "6cd595e2-17f5-4dc0-a1af-6bce1d896d81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/21b8cf94-f9f1-467a-9b17-5328dd7dcdf3", "content": "", "creation_timestamp": "2020-10-09T16:35:58.000000Z"}, {"uuid": "081753ec-b733-4a32-ba83-70e3456e5d3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/88b33d4a-94d0-487b-9760-1070a6ce091d", "content": "", "creation_timestamp": "2020-10-09T15:22:03.000000Z"}, {"uuid": "79570b0b-9a93-49da-8e3b-eb94d08d33a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/73a746cd-9f07-49e6-842e-82fc9ea4625f", "content": "", "creation_timestamp": "2020-10-09T16:38:05.000000Z"}, {"uuid": "88bb7bdf-bd88-45a3-be26-bfdb56dc5978", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/99b48bc1-2bed-47b9-97a7-bf720e31f91d", "content": "", "creation_timestamp": "2020-10-09T14:09:49.000000Z"}, {"uuid": "65dbe09e-b902-49e1-99e4-8b04a0072647", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/bbcfe22e-7729-4a90-a0b6-10323fcaf75a", "content": "", "creation_timestamp": "2020-10-09T15:59:10.000000Z"}, {"uuid": "f3794e7a-7521-4a4b-b83f-442e47243460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/7eea93d6-d22a-47bc-b549-07662fe7a68d", "content": "", "creation_timestamp": "2020-10-09T16:14:06.000000Z"}, {"uuid": "5be1c1e2-31a7-4dd2-b9be-5fe69f3e36fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/2cf17798-4dc4-480f-8ee6-b3fabaeb570d", "content": "", "creation_timestamp": "2020-10-09T14:33:23.000000Z"}, {"uuid": "6ffe7c77-d512-48d1-8a76-7e29cd6e1012", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/686724b9-8fa4-43ac-b20b-c2598629c6d4", "content": "", "creation_timestamp": "2020-10-09T15:49:27.000000Z"}, {"uuid": "58700a58-d62f-4f84-805f-2e82dd5c748f", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/c6bbcc2c-7ce4-4de9-bee7-051cc4574c58", "content": "", "creation_timestamp": "2020-10-09T15:48:55.000000Z"}, {"uuid": "84722d63-5150-42cb-9e8b-0064afbb1e83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/292c8ff0-f4d9-40b6-ac72-e44392d6cc31", "content": "", "creation_timestamp": "2020-10-09T16:31:53.000000Z"}, {"uuid": "88755f31-0390-4914-be3b-570986ff76b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/f1b590ae-f141-4547-9b92-7edcabe8fcae", "content": "", "creation_timestamp": "2020-10-09T16:31:49.000000Z"}, {"uuid": "8efdc38e-af1d-4401-8122-01f24c399e98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/0264baf8-cabb-4965-b54d-a793c07d93f8", "content": "", "creation_timestamp": "2020-10-09T16:01:47.000000Z"}, {"uuid": "ba3aa772-354d-4262-a5e5-27f2217de16c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/6df7f6a8-b3e4-4f13-a902-da3aa6a4b157", "content": "", "creation_timestamp": "2020-10-09T16:00:12.000000Z"}, {"uuid": "483f194a-98b8-4604-9d10-2ef447f56bcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/17b3de1e-f775-4518-b6ce-87c5b49a3eaa", "content": "", "creation_timestamp": 
"2020-10-09T17:15:38.000000Z"}, {"uuid": "a5b4b590-193c-42c7-9b4d-a23bd7a0753c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/3eece7fb-11c4-4dc8-b867-fbdbf63b4ebd", "content": "", "creation_timestamp": "2020-10-09T17:15:36.000000Z"}, {"uuid": "ce95112a-47e9-49ba-9ea4-506f6dbe994b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/803e25db-f6ef-4b81-8d64-8cc433d8e205", "content": "", "creation_timestamp": "2020-10-09T15:58:19.000000Z"}, {"uuid": "de22d452-8bdf-42aa-82a2-7e68e1d0de30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/3c5c6bf8-4c3d-48de-8eb3-49f0d290a01a", "content": "", "creation_timestamp": "2020-10-09T16:26:28.000000Z"}, {"uuid": "424bb1e3-7e3f-4043-93ed-5fc0f2787851", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/1980a496-40fa-44cd-afc4-c0ddabcd7d8d", "content": "", "creation_timestamp": "2020-10-09T16:41:25.000000Z"}, {"uuid": "bce87163-4a24-4021-b661-c60282ec3fbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/95fee874-878d-4481-8ad2-9fca8b472df2", "content": "", "creation_timestamp": "2020-10-09T15:04:48.000000Z"}, {"uuid": "1a277307-b956-425a-9e9d-0268db285aa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": 
"MISP/10387610-5211-4738-83c5-643e43c8e266", "content": "", "creation_timestamp": "2020-10-09T16:41:14.000000Z"}, {"uuid": "067ed97b-0069-45d7-b6b9-3c50d005b198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/7ea48e81-db85-4da4-9cc0-7a43192e04de", "content": "", "creation_timestamp": "2020-10-09T16:21:59.000000Z"}, {"uuid": "8345b1d3-8a9b-4ad4-b573-068f79b41cb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/ae666a55-60a8-484e-8f9a-172fa9383af0", "content": "", "creation_timestamp": "2020-10-09T16:42:02.000000Z"}, {"uuid": "cc2f60f9-1bda-49e6-a9a8-0caa4f17035d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/2d64a81c-c54e-4e79-a40f-2087060216c8", "content": "", "creation_timestamp": "2020-10-09T17:16:22.000000Z"}, {"uuid": "5f4193f9-6b73-4123-9504-9fd3faeca135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/e765eda5-d29b-40c3-93fb-8693afc6dc22", "content": "", "creation_timestamp": "2020-10-09T17:16:20.000000Z"}, {"uuid": "5cb0d619-8be3-49c2-9c92-ba99224c9546", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/95a79609-8f3c-4e02-92d0-bbb831100ab0", "content": "", "creation_timestamp": "2020-10-09T16:57:40.000000Z"}, {"uuid": "568bccbb-9fb0-4079-8bdf-21f9800151f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/588851f1-fa7d-4cdb-920a-7e75a12ae5a1", "content": "", "creation_timestamp": "2020-10-09T16:22:34.000000Z"}, {"uuid": "a7b8d453-4420-40fe-b920-74bf97ba0b29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/e96623d5-839c-4ab2-85d1-6ea13820aa47", "content": "", "creation_timestamp": "2020-10-09T17:13:01.000000Z"}, {"uuid": "a1b800c1-048c-47e6-af35-cc457626e306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/5c445295-a3ae-4516-b22c-64ede15fa196", "content": "", "creation_timestamp": "2021-01-05T08:45:23.000000Z"}, {"uuid": "48351687-9ce7-48b9-becb-1f36af74eced", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/2556c694-e331-407e-b838-465645d3efdd", "content": "", "creation_timestamp": "2020-10-09T16:54:51.000000Z"}, {"uuid": "1d7ab2f5-87cc-497b-a87b-a662920fdc9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/63ddead6-4b82-414c-ad8e-c516b950b446", "content": "", "creation_timestamp": "2021-10-25T22:32:43.000000Z"}, {"uuid": "6e1c43d5-63b9-45fe-91e9-6672d14ae9a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/66a76374-5da8-4ff7-8113-64700a0a2864", "content": "", "creation_timestamp": "2024-07-29T09:51:25.000000Z"}, {"uuid": "78037d27-7a20-4974-8d2c-a170b18114cc", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/ae102ba0-f797-4201-b557-0fb163a9e03f", "content": "", "creation_timestamp": "2024-09-12T14:37:09.000000Z"}, {"uuid": "e5b794b9-6eca-4ad3-a857-20c26539eda5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/3c9fa790-f4b2-44e5-bd3c-593bd7113bef", "content": "", "creation_timestamp": "2024-02-28T11:10:03.000000Z"}, {"uuid": "447c696a-e0ac-4a55-859a-994bcfb70ed1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113584080222922612", "content": "", "creation_timestamp": "2024-12-02T16:05:21.795133Z"}, {"uuid": "f71346b9-9178-4149-a62e-4251ce8026af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://www.exploit-db.com/exploits/41934", "content": "", "creation_timestamp": "2017-04-25T00:00:00.000000Z"}, {"uuid": "6605ba97-c26d-4160-afba-6b56dbb5e71a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970992", "content": "", "creation_timestamp": "2024-12-24T20:22:46.108274Z"}, {"uuid": "e64eae85-ef7d-4340-8050-73fe52331f8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": 
"https://bsky.app/profile/malware-traffic-analysis.net/post/3lfh6pqaxls24", "content": "", "creation_timestamp": "2025-01-11T07:29:22.847958Z"}, {"uuid": "7cb9f693-2140-410e-8da9-7509a07a1741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://bsky.app/profile/malware-traffic-analysis.net/post/3lfh733udms24", "content": "", "creation_timestamp": "2025-01-11T07:35:43.668633Z"}, {"uuid": "d24926a4-a5fc-447f-9295-250d7c503fad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lfhnmxnw5y23", "content": "", "creation_timestamp": "2025-01-11T11:56:13.837181Z"}, {"uuid": "def70b11-b1a6-47fa-b9a2-588689bdcb0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lfn4cdbhpl2m", "content": "", "creation_timestamp": "2025-01-13T16:02:01.618237Z"}, {"uuid": "8ad00afb-de4e-4a14-bb3a-3c3d25ca0b2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "0e2cbca6-7d7a-437d-b2c5-fbbb24b63105", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:51.000000Z"}, {"uuid": "f8926539-592d-48c8-9fad-53fd34fd641e", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-9d1c9d9f-675cdbc3d8f48478", "content": "", "creation_timestamp": "2025-03-01T00:19:16.460359Z"}, {"uuid": "949b6d1c-5e2a-41e3-91cc-c47df4305348", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/a491671f-55fb-4909-8604-7f7d0b8ff92d", "content": "", "creation_timestamp": "2025-05-30T22:36:10.000000Z"}, {"uuid": "c66edb36-aa3c-4817-a1b6-9df112225f62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/eaf683f7-dcd0-4e0e-8170-317e2b3863f6", "content": "", "creation_timestamp": "2025-02-22T20:59:27.000000Z"}, {"uuid": "0dd0a8c5-982e-42f7-8c18-e1d18f59d6df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:39.000000Z"}, {"uuid": "798a318a-c1fe-46dd-9499-0f3fda4f5add", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114177834211479036", "content": "", "creation_timestamp": "2025-03-17T12:44:48.469508Z"}, {"uuid": "6ca42aff-edbf-4724-af26-e0130a32d5f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2017-0199", "type": "seen", "source": 
"https://infosec.exchange/users/k3ym0/statuses/114659974093386460", "content": "", "creation_timestamp": "2025-06-10T16:27:58.778700Z"}, {"uuid": "9d10efcc-5054-4d26-a0dd-8c347cc1726d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lr5hddl5pb2d", "content": "", "creation_timestamp": "2025-06-09T03:39:10.547671Z"}, {"uuid": "bbf4210f-06d4-4c88-a54c-d2579b39d4b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://threatintel.cc/2025/09/17/revengehotels-a-new-wave-of.html", "content": "", "creation_timestamp": "2025-09-17T09:17:56.000000Z"}, {"uuid": "514f8420-1bca-4b6e-be9e-4794e4f384c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/f2f8e507-f238-4713-9f27-cff06453335e", "content": "", "creation_timestamp": "2025-07-01T09:52:54.000000Z"}, {"uuid": "ca2d2755-2dd6-4ec3-8515-ea0b1c1db710", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-50f1a5f6-768cfe71f5758dad", "content": "", "creation_timestamp": "2025-05-30T12:09:25.663603Z"}, {"uuid": "adc5455e-277b-46ec-9ee9-b4f2d058dba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lpovenznnd2f", "content": "", "creation_timestamp": "2025-05-21T15:15:20.286686Z"}, {"uuid": 
"5feafdf5-c4f3-462d-bfd1-c45d392bdd0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-5996e413-521accfb6cd2622e", "content": "", "creation_timestamp": "2025-08-27T14:01:54.867290Z"}, {"uuid": "62159178-a913-4d86-8244-7aa85ed61e46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2017-0199", "type": "seen", "source": "https://gist.github.com/jamisond123-del/ebf4a4e5ddb4376143b76d3d0b78133f", "content": "", "creation_timestamp": "2025-09-16T00:12:25.000000Z"}, {"uuid": "c6b4fee9-81dd-4c83-b194-1cc17ff98176", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/30fbcc04-7a88-4766-981e-53bf1377d2ca", "content": "", "creation_timestamp": "2025-08-26T11:23:43.000000Z"}, {"uuid": "865ca5ce-9304-486e-8126-2072f1055433", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-be4c6ae6-41d04d89fb236f71", "content": "", "creation_timestamp": "2025-08-30T10:23:39.084804Z"}, {"uuid": "45d39932-9627-4415-8d77-4dcd63b4096c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:53.000000Z"}, {"uuid": "6bf537a8-a210-48d1-8be0-80e8acb3ea70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": 
"seen", "source": "MISP/f2f8e507-f238-4713-9f27-cff06453335e", "content": "", "creation_timestamp": "2025-09-01T18:51:57.000000Z"}, {"uuid": "a11b704a-b5af-4644-8d7b-d6d65dca0aa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/3445a876-cced-4346-bf37-e276ba39cff4", "content": "", "creation_timestamp": "2025-09-02T18:30:14.000000Z"}, {"uuid": "baed91b1-086b-435c-bfb6-3bd21c1d78d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1fdfda19-2805a58255f192e9", "content": "", "creation_timestamp": "2026-03-06T10:29:25.865814Z"}, {"uuid": "c68fb65f-f0fc-428a-a24d-e1d9df854701", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/office_word_hta.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "d6b2659d-9b0a-4278-bca0-046522f3a125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-c39acbe0-91886c343547fcce", "content": "", "creation_timestamp": "2025-12-05T12:35:57.961922Z"}, {"uuid": "ef9be4bc-a31b-403e-847c-29bf5a9ce71d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "MISP/e2a7af1d-bcfe-4708-8516-3090d4bd2533", "content": "", "creation_timestamp": "2025-12-31T22:47:04.000000Z"}, {"uuid": 
"cce1e71f-80da-4c1a-8ac4-76c4d0cfe478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://gist.github.com/Rudi256/36dc9e64a9be769ff07308d6c3d0a813", "content": "", "creation_timestamp": "2026-03-06T11:21:18.000000Z"}, {"uuid": "2315c5d7-7e53-419b-a6ab-8adbe93d290c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a6b05d78-d447-4f28-a751-e3141f077dd2", "content": "", "creation_timestamp": "2026-02-02T12:28:54.689184Z"}, {"uuid": "ac0b205c-a139-4a70-8541-4e16473a202c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/HackingInsights/12989", "content": "\u200aFileless Remcos RAT Campaign Leverages CVE-2017-0199 Flaw\n\nhttps://securityonline.info/fileless-remcos-rat-campaign-leverages-cve-2017-0199-flaw/", "creation_timestamp": "2024-09-14T02:49:30.000000Z"}, {"uuid": "d54304e0-3ae9-4675-9d13-f7aeff3c7298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://t.me/itsec_news/4881", "content": "\u200b\u26a1\ufe0f9 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432 \u0445\u0430\u043e\u0441\u0430: SmokeLoader \u0440\u0430\u0437\u0440\u0443\u0448\u0430\u0435\u0442 \u0437\u0430\u0449\u0438\u0442\u0443 \u0431\u0438\u0437\u043d\u0435\u0441\u0430\n\n\ud83d\udcac \u0412 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 FortiGuard Labs 
\u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0430\u0442\u0430\u043a\u0443 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b SmokeLoader \u043d\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u0422\u0430\u0439\u0432\u0430\u043d\u0435. \u041f\u043e\u0434 \u0443\u0434\u0430\u0440 \u043f\u043e\u043f\u0430\u043b\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0438\u0437 \u0441\u0444\u0435\u0440\u044b \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430, \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f, IT \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043e\u0442\u0440\u0430\u0441\u043b\u0435\u0439. SmokeLoader \u0438\u0437\u0432\u0435\u0441\u0442\u0435\u043d \u0441\u0432\u043e\u0435\u0439 \u0433\u0438\u0431\u043a\u043e\u0441\u0442\u044c\u044e: \u043e\u043d \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0438\u043b\u0438 \u0441\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0441\u043b\u043e\u0436\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043c\u043e\u0434\u0443\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435.\n\n\u0410\u0442\u0430\u043a\u0430 \u043d\u0430\u0447\u0438\u043d\u0430\u043b\u0430\u0441\u044c \u0441 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u043f\u0438\u0441\u0435\u043c. 
\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u0441 \u0432\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u0434\u0430\u0432\u0430\u043b\u0438 \u0437\u0430 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u0435. \u041f\u0438\u0441\u044c\u043c\u0430 \u0432\u044b\u0433\u043b\u044f\u0434\u0435\u043b\u0438 \u043f\u0440\u0430\u0432\u0434\u043e\u043f\u043e\u0434\u043e\u0431\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043c\u0435\u0441\u0442\u043d\u044b\u0435 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u044f, \u043d\u043e \u0438\u043c\u0435\u043b\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u0440\u0430\u0441\u0441\u044b\u043b\u043a\u0438: \u043e\u0434\u0438\u043d\u0430\u043a\u043e\u0432\u043e\u0435 \u0438\u043c\u044f \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u0435\u043b\u044f \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u043f\u0438\u0441\u044c\u043c\u0430\u0445 \u0438 \u043e\u0442\u043b\u0438\u0447\u0438\u044f \u0432 \u043e\u0444\u043e\u0440\u043c\u043b\u0435\u043d\u0438\u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0438 \u043a\u043e\u043d\u0442\u0430\u043a\u0442\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0414\u043b\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Microsoft Office. 
\u041f\u0435\u0440\u0432\u0430\u044f, CVE-2017-0199 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7.8), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430. \u0412\u0442\u043e\u0440\u0430\u044f, CVE-2017-11882 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7.8), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435 \u0436\u0435\u0440\u0442\u0432\u044b \u0447\u0435\u0440\u0435\u0437 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440 \u0444\u043e\u0440\u043c\u0443\u043b. 
\u0421\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0441\u0434\u0435\u043b\u0430\u043b\u0430 \u0430\u0442\u0430\u043a\u0443 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u0438 \u0442\u0440\u0443\u0434\u043d\u043e\u0439 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n\u0421\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u044d\u0442\u0430\u043f \u0430\u0442\u0430\u043a\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u043b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 HTA-\u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u044b\u0432\u0430\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043b\u0438 PowerShell, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0439 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u2014 AndeLoader. 
\u042d\u0442\u043e\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u044b\u0432\u0430\u043b \u0434\u0430\u043d\u043d\u044b\u0435, \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0432 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0438, \u0438 \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u043b \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043c\u043e\u0434\u0443\u043b\u044c.\n\nSmokeLoader \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b 9 \u0440\u0430\u0437\u043d\u044b\u0445 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0438\u0445 \u0437\u0430\u0434\u0430\u0447. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u0431\u044b\u043b\u0438 \u043c\u043e\u0434\u0443\u043b\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0445\u0438\u0449\u0430\u043b\u0438 \u043f\u0430\u0440\u043e\u043b\u0438, \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432, \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438 FTP-\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c. 
\u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043e\u0434\u0438\u043d \u0438\u0437 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u043b \u043d\u0430\u0436\u0430\u0442\u0438\u044f \u043a\u043b\u0430\u0432\u0438\u0448 (\u043a\u0435\u0439\u043b\u043e\u0433\u0433\u0438\u043d\u0433) \u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u0431\u0443\u0444\u0435\u0440\u0430 \u043e\u0431\u043c\u0435\u043d\u0430, \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u0434\u0430\u043b\u044f\u043b cookie-\u0444\u0430\u0439\u043b\u044b \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u0445, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0432\u0432\u043e\u0434\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438. \u041f\u043b\u0430\u0433\u0438\u043d\u044b \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u0431\u0438\u0440\u0430\u043b\u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 Firefox, Chrome, Outlook, Thunderbird \u0438 FileZilla, \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u043b\u0438 \u0438\u0445 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.\n\n\u041a\u0430\u0436\u0434\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d \u0431\u044b\u043b \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u043d\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u044b\u0445 \u0437\u0430\u0434\u0430\u0447. 
\u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0434\u0443\u043b\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0430\u0434\u0430\u043f\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u043c\u0438, \u0443\u0434\u0430\u043b\u044f\u044f \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0447\u0438\u043a\u0438 \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438. \u041e\u0441\u043e\u0431\u0443\u044e \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0430 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c \u0441\u0432\u043e\u0451 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435. 
\u041e\u0434\u0438\u043d \u0438\u0437 \u043c\u043e\u0434\u0443\u043b\u0435\u0439 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043b\u0441\u044f \u043f\u0440\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044f \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f.\n\n\u0410\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u0438\u0432\u0430\u044e\u0442, \u0447\u0442\u043e SmokeLoader \u2014 \u044d\u0442\u043e \u0441\u043b\u043e\u0436\u043d\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u0430\u0434\u0430\u043f\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043f\u043e\u0434 \u0440\u0430\u0437\u043d\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u0430\u0442\u0430\u043a. \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u043a\u0430\u043a \u043c\u043e\u0434\u0443\u043b\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u0435\u0435, \u0447\u0435\u043c \u0433\u043e\u0442\u043e\u0432\u044b\u0435 \u0432\u0438\u0440\u0443\u0441\u044b. 
\u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0442\u0430\u043a\u0438\u0445 \u0443\u0433\u0440\u043e\u0437 Fortinet \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441 \u0438 \u043e\u0431\u0443\u0447\u0430\u0442\u044c \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432, \u0447\u0442\u043e\u0431\u044b \u0432\u043e\u0432\u0440\u0435\u043c\u044f \u0440\u0430\u0441\u043f\u043e\u0437\u043d\u0430\u0432\u0430\u0442\u044c \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-12-03T19:09:55.000000Z"}, {"uuid": "4b07ff88-7cc9-43a5-a443-3910c9b62b34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://t.me/kasperskyb2b/2103", "content": "\u2755 \u0422\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u0438 \u0432 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: \u041e\u0421 Linux \u0441\u0442\u0430\u043b\u0430 \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430 \n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u00ab\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e\u00bb \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, 
\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430\u0445 \u0432 4 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430.  \u041a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e, \u043a\u0430\u0440\u0442\u0438\u043d\u0430 \u0441\u0438\u043b\u044c\u043d\u043e \u0440\u0430\u0437\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0438 \u0448\u0438\u0440\u043e\u043a\u043e\u0437\u0430\u0445\u0432\u0430\u0442\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u043d\u043e \u0438 \u0442\u0430\u043c, \u0438 \u0442\u0430\u043c \u043d\u0435\u0441\u043a\u0443\u0447\u043d\u043e. \n\n\u041d\u0435\u0438\u0437\u0431\u0438\u0440\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438:\n\ud83d\udfe3 \u043a\u043e\u0441\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0440\u043e\u0441\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0430 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0435 \u041e\u0421 *nix \u2014 \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0430 \u0432\u0441\u0435\u0445 \u0430\u0442\u0430\u043a \u0437\u0430 2025 \u0433\u043e\u0434 \u043f\u0440\u0438\u0448\u043b\u0430\u0441\u044c \u043d\u0430 4 \u043a\u0432\u0430\u0440\u0442\u0430\u043b. 
\u041e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u043e \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b, \u043d\u043e \u0438 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u0438\u0437\u0430\u0446\u0438\u0435\u0439 Linux \u0434\u043b\u044f \u0434\u0435\u0441\u043a\u0442\u043e\u043f\u043e\u0432;\n\ud83d\udfe3\u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u0430\u0442\u0430\u043a\u0435 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0434\u0440\u0435\u0432\u043d\u0438\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b Linux, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u044e\u0442\u0441\u044f: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Dirty Pipe, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Netfilter. \u042d\u0442\u043e CVE-2022-0847, CVE-2019-13272, CVE-2021-22555, CVE-2023-32233;\n\ud83d\udfe3 \u0434\u043b\u044f \u041e\u0421 Windows \u0442\u0435\u043c\u043f\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u043d\u0438\u0437\u0438\u043b\u0438\u0441\u044c \u0434\u043e \u0441\u0430\u043c\u043e\u0433\u043e \u043d\u0438\u0437\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0432 2025 \u0433\u043e\u0434\u0443, \u043d\u043e \u043e\u043d\u0438 \u0432\u0441\u0451 \u0440\u0430\u0432\u043d\u043e \u043f\u0440\u0435\u0432\u044b\u0448\u0430\u044e\u0442 \u043d\u0430\u0447\u0430\u043b\u043e 2024-\u0433\u043e;\n\ud83d\udfe3 \u0434\u043e\u043c\u0438\u043d\u0438\u0440\u0443\u044e\u0442 \u0442\u0430\u043a\u0436\u0435 \u0434\u0440\u0435\u0432\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: CVE-2017-11882 \u0438 CVE-2018-0802 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Equation Editor \u0438\u0437 
\u043f\u0430\u043a\u0435\u0442\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Microsoft Office, CVE-2017-0199 \u0432 Microsoft Office \u0438 WordPad.\n\n\u041a\u0430\u043a \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445, \u0442\u0430\u043a \u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u0435\u0435 \u0446\u0435\u043b\u044f\u0442\u0441\u044f \u0432 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0430\u0440\u0445\u0438\u0432\u0430\u0442\u043e\u0440\u043e\u0432. \u0412 2025 \u0433\u043e\u0434\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 WinRAR (CVE-2023-38831, CVE-2025-6218 \u0438 -8088) \u0438 7-Zip (CVE-2025-11001).\n\n\u0426\u0435\u043b\u0435\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438:\n\ud83d\udfe3 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u0441\u0432\u0435\u0436\u0438\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043f\u043e\u043b\u0433\u043e\u0434\u0430;\n\ud83d\udfe3 \u0441 \u0433\u0438\u0433\u0430\u043d\u0442\u0441\u043a\u0438\u043c \u043e\u0442\u0440\u044b\u0432\u043e\u043c \u0434\u043e\u043c\u0438\u043d\u0438\u0440\u0443\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f React4shell, \u0432 \u0442\u0440\u043e\u0439\u043a\u0435 \u043b\u0438\u0434\u0435\u0440\u043e\u0432 \u0442\u0430\u043a\u0436\u0435 CVE-2025-61882 \u0432 Oracle E-Business Suite \u0438 CVE-2025-8088 \u0432 WinRAR;\n\ud83d\udfe3 \u043c\u043d\u043e\u0433\u0438\u0435 CVE \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0437\u0430\u043a\u0440\u0435\u043f\u044f\u0442\u0441\u044f \u0432 
\u0445\u0438\u0442-\u043f\u0430\u0440\u0430\u0434\u0435 \u043d\u0430\u0434\u043e\u043b\u0433\u043e, \u0434\u043b\u044f \u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u044b\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 \u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435;\n\ud83d\udfe3 \u043f\u043e\u0441\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u044e\u0442 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u044b \u043d\u0430 \u0431\u0430\u0437\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Silver, Mythic, Havoc \u0438 Metasploit.\n\n\ud83d\udccc \u0412 \u043f\u043e\u043b\u043d\u043e\u043c \u043e\u0442\u0447\u0451\u0442\u0435 \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 Securelist \u044d\u0442\u0438 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u0438 \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043d\u044b \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e, \u043f\u043e\u043a\u0430\u0437\u0430\u043d\u044b \u0441\u0432\u044f\u0437\u0438 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0441 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438, 
\u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u044b \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 2025 \u0433\u043e\u0434\u0430. \n\n#\u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2026-03-10T14:02:31.000000Z"},
{"uuid": "7f4c7e4a-be3d-4a17-ab4c-c08955be1332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/S_E_Reborn/5910", "content": "Researchers at Kaspersky Lab have disclosed a new wave of RevengeHotels attacks that use LLMs and VenomRAT, a private version of the open-source QuasarRAT.\n\nThe group, also known as TA558, has been active since 2015 and steals credit card data from hotel guests and travelers.\n\nIts main method is to send emails with phishing links that redirect victims to websites imitating document storage services and downloading script files to infect the target computers.\n\nUltimately, the malicious payload includes various RATs, which let the attackers control compromised systems, steal confidential data and carry out other malicious actions.\n\nIn previous campaigns the group used malicious emails with attached Word, Excel or PDF documents.\n\nSome of them exploited the CVE-2017-0199 vulnerability, loading VBS or PowerShell scripts to install modified versions of various RAT families, such as RevengeRAT, NanoCoreRAT, NjRAT, 888 RAT, and the ProCC malware.\n\nThese campaigns affected hotels in many Latin American countries, including Brazil, Argentina, Chile and Mexico, as well as guest registration and service desks around the world, especially in Russia, Belarus, Turkey and other countries.\n\nLater, RevengeHotels expanded its arsenal by adding XWorm, a RAT with commands for control, data theft and persistence, among other things.\n\nWhile investigating the XWorm distribution campaign, Kaspersky researchers found reliable evidence that RevengeHotels also used the DesckVBRAT RAT tool in its operations.\n\nIn the summer of 2025, new campaigns came to Kaspersky's attention that target the same sector using increasingly sophisticated implants and tools.\n\nThe attackers continue to use invoice-themed phishing emails to deliver VenomRAT implants via JavaScript and PowerShell loaders.\n\nA significant part of the source code of the malware and the loader in this campaign appears to have been generated by LLM agents. So the attackers are now actively using AI to improve their capabilities.\n\nThe main targets of the new attacks are the Brazilian hospitality sector, but they may also include targets in Spanish-speaking countries or regions.\n\nThrough a comprehensive analysis of the attack patterns and the attacker's TTPs, Kaspersky researchers established with a high degree of confidence that RevengeHotels is indeed responsible for them.\n\nOverall, the researchers note, with the help of LLM agents the group was able to create and modify phishing lures, expanding its attacks to new regions.\n\nAnd while the websites used for these attacks and the initial payload keep changing, the end goal remains the same: deploying a RAT.\n\nA technical breakdown of the attacks and tooling, as well as IOCs, is in the report.", "creation_timestamp": "2025-09-18T15:57:50.000000Z"},
{"uuid": "651cd64e-a64b-4b94-9025-9ad4f48c7225", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://t.me/true_secator/7978", "content": "Researchers at Kaspersky Lab state in their new report that Q4 2025 was one of the busiest quarters for disclosures of high-profile critical vulnerabilities, which were found in popular libraries and applications.\n\nAnalyzing trends in real-world exploitation of vulnerabilities, Kaspersky noted that Linux has become all too popular in this respect. The last quarter of the year accounted for more than half of the year's total attacks using Linux exploits.\n\nThe primary reason for this surge is the rapidly growing number of user devices running Linux.\n\nAs usual, the picture also differs greatly between targeted and broad attacks. In both cases the change is significant.\n\nFor indiscriminate attacks:\n- the focus is mainly on old Linux flaws, as users do not update: the Dirty Pipe vulnerability, vulnerabilities in Netfilter (CVE-2022-0847, CVE-2019-13272, CVE-2021-22555, CVE-2023-32233);\n- for Windows, exploitation rates fell to their lowest level of 2025, but they still exceed those of early 2024; the outdated CVE-2017-11882 and CVE-2018-0802 in the Equation Editor component of Microsoft Office and CVE-2017-0199 in Microsoft Office and WordPad also dominate.\n\nIn both targeted and mass attacks, bugs in archivers are being hit much more actively. In 2025 attackers used vulnerabilities in WinRAR (CVE-2023-38831, CVE-2025-6218 and -8088) and 7-Zip (CVE-2025-11001).\n\nFor targeted attacks:\n- mostly fresh flaws from the last six months are exploited;\n- exploitation of React4shell dominates by a huge margin, and the top three also includes CVE-2025-61882 in Oracle E-Business Suite and CVE-2025-8088 in WinRAR;\n- many CVEs will probably stay in the ranking for a long time, since fixing them requires serious structural changes in the vulnerable applications and the user's system;\n- after exploiting a vulnerability, attackers most often deploy implants based on the Silver, Mythic, Havoc and Metasploit tools.\n\nDetailed infographics, statistics and a breakdown of the most notable vulnerabilities are in the Kaspersky report.", "creation_timestamp": "2026-03-10T15:26:05.000000Z"},
{"uuid": "fba2ac79-53f8-4c80-92c4-12828031791d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/webamoozir/1701", "content": "Chinese spies exploit a zero-day vulnerability in Microsoft\n@webamoozir\nSecurity researchers at Proofpoint have reported that a Chinese hacking group exploited a zero-day vulnerability in Microsoft that had also recently been patched, and attacked companies active in the financial sector. The researchers believe that the hacking group TA459 has been active since at least 2013, carries out its destructive operations from inside China, and apparently uses malware such as NetTraveler, PlugX, Saker, Netbot, DarkStRat and ZeroT in its attacks on Russia and other neighbouring countries. These researchers were recently able to identify this group's attacks on military and aerospace organizations in Russia and Belarus. On 20 April the researchers also identified an espionage campaign that had attacked financial institutions in Russia and neighbouring countries. The researchers think that this campaign is similar to the espionage campaign that was launched in 2015. In its attacks, this hacking group sends victims phishing emails with a malicious Microsoft Word file attached, in order to exploit a vulnerability with the identifier CVE-2017-0199, which is a remote code execution vulnerability. The attackers began exploiting this vulnerability just a few days after Microsoft released a patch for it.\n\nSource: http://www.securityweek.com", "creation_timestamp": "2017-05-03T19:15:03.000000Z"},
{"uuid": "e789cf96-7bb2-4fe9-a630-1dcab1548fc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/7436", "content": "Researchers at Kaspersky Lab have disclosed a new wave of RevengeHotels attacks that use LLMs and VenomRAT, a private version of the open-source QuasarRAT.\n\nThe group, also known as TA558, has been active since 2015 and steals credit card data from hotel guests and travelers.\n\nIts main method is to send emails with phishing links that redirect victims to websites imitating document storage services and downloading script files to infect the target computers.\n\nUltimately, the malicious payload includes various RATs, which let the attackers control compromised systems, steal confidential data and carry out other malicious actions.\n\nIn previous campaigns the group used malicious emails with attached Word, Excel or PDF documents.\n\nSome of them exploited the CVE-2017-0199 vulnerability, loading VBS or PowerShell scripts to install modified versions of various RAT families, such as RevengeRAT, NanoCoreRAT, NjRAT, 888 RAT, and the ProCC malware.\n\nThese campaigns affected hotels in many Latin American countries, including Brazil, Argentina, Chile and Mexico, as well as guest registration and service desks around the world, especially in Russia, Belarus, Turkey and other countries.\n\nLater, RevengeHotels expanded its arsenal by adding XWorm, a RAT with commands for control, data theft and persistence, among other things.\n\nWhile investigating the XWorm distribution campaign, Kaspersky researchers found reliable evidence that RevengeHotels also used the DesckVBRAT RAT tool in its operations.\n\nIn the summer of 2025, new campaigns came to Kaspersky's attention that target the same sector using increasingly sophisticated implants and tools.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c 
\u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u043f\u0438\u0441\u044c\u043c\u0430 \u0441 \u0442\u0435\u043c\u0430\u043c\u0438 \u0441\u0447\u0435\u0442\u043e\u0432-\u0444\u0430\u043a\u0442\u0443\u0440 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u043e\u0432 VenomRAT \u0447\u0435\u0440\u0435\u0437 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0438 JavaScript \u0438 PowerShell.\n\n\u0417\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u0430 \u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 \u0432 \u044d\u0442\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043f\u043e-\u0432\u0438\u0434\u0438\u043c\u043e\u043c\u0443, \u0441\u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0430 LLM-\u0430\u0433\u0435\u043d\u0442\u0430\u043c\u0438. 
\u0422\u0430\u043a \u0447\u0442\u043e  \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0442\u0435\u043f\u0435\u0440\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0418\u0418 \u0434\u043b\u044f \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0432\u043e\u0438\u0445 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0435\u0439.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438 \u043d\u043e\u0432\u044b\u0445 \u0430\u0442\u0430\u043a \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0431\u0440\u0430\u0437\u0438\u043b\u044c\u0441\u043a\u0438\u0439 \u0433\u043e\u0441\u0442\u0438\u043d\u0438\u043d\u0438\u0447\u043d\u044b\u0439 \u0441\u0435\u043a\u0442\u043e\u0440, \u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0432\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0446\u0435\u043b\u0438 \u0432 \u0438\u0441\u043f\u0430\u043d\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 \u0438\u043b\u0438 \u0440\u0435\u0433\u0438\u043e\u043d\u0430\u0445.\n\n\u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0432\u0441\u0435\u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u043c\u0443 \u0430\u043d\u0430\u043b\u0438\u0437\u0443 \u0441\u0445\u0435\u043c \u0430\u0442\u0430\u043a \u0438 TTPs \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u041b\u041a \u0441 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0437\u0430 
\u043d\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f RevengeHotels.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c, \u043a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0430\u0433\u0435\u043d\u0442\u043e\u0432 LLM \u0433\u0440\u0443\u043f\u043f\u0430 \u0441\u043c\u043e\u0433\u043b\u0430 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u043f\u0440\u0438\u043c\u0430\u043d\u043a\u0438, \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u044f \u0441\u0432\u043e\u0438 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043d\u043e\u0432\u044b\u0435 \u0440\u0435\u0433\u0438\u043e\u043d\u044b.\n\n\u0418, \u0435\u0441\u043b\u0438 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0434\u043b\u044f \u044d\u0442\u0438\u0445 \u0430\u0442\u0430\u043a, \u0438 \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u0430\u044f \u043f\u043e\u043b\u0435\u0437\u043d\u0430\u044f \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e \u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f, \u0442\u043e \u043a\u043e\u043d\u0435\u0447\u043d\u0430\u044f \u0446\u0435\u043b\u044c \u043e\u0441\u0442\u0430\u0451\u0442\u0441\u044f \u043f\u0440\u0435\u0436\u043d\u0435\u0439: \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 RAT.\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0430\u0442\u0430\u043a \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f, \u0430 \u0442\u0430\u043a\u0436\u0435 IOCs - \u0432 
\u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-09-18T12:50:06.000000Z"}, {"uuid": "910e4898-7909-4b40-96c0-1bb33ba64ebc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/alexmakus/1226", "content": "\u0410\u0433\u0430, \u0430 \u0432\u043e\u0442 \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442\u0441\u044f Petya.A https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199", "creation_timestamp": "2017-06-27T16:57:35.000000Z"}, {"uuid": "adf02a76-5dd1-4e2a-96e4-60e5432edc57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/693", "content": "\u06af\u0631\u0648\u0647 Group-IB APT \u0635\u0648\u0631\u062a\u06cc \u062a\u06cc\u0631\u0647 \u0631\u0627 \u06a9\u0634\u0641 \u06a9\u0631\u062f \u06a9\u0647 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0628\u0647 \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627\u06cc \u062f\u0648\u0644\u062a\u06cc \u0648 \u062a\u0623\u0633\u06cc\u0633\u0627\u062a \u0646\u0638\u0627\u0645\u06cc \u062f\u0631 \u0645\u0646\u0637\u0642\u0647 \u0622\u0633\u06cc\u0627 \u0648 \u0627\u0642\u06cc\u0627\u0646\u0648\u0633\u06cc\u0647 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0628\u062f\u0627\u0641\u0632\u0627\u0631 \u0648\u06cc\u0698\u0647 \u0628\u0631\u0627\u06cc \u0633\u0631\u0642\u062a \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062f\u0633\u062a \u062f\u0627\u0634\u062a.\n\nART \u0642\u0628\u0644\u0627\u064b \u062a\u062d\u062a \u0631\u0627\u062f\u0627\u0631 
\u0645\u062d\u0642\u0642\u0627\u0646 \u0686\u06cc\u0646\u06cc \u0627\u0632 \u0622\u0632\u0645\u0627\u06cc\u0634\u06af\u0627\u0647 \u0634\u06a9\u0627\u0631 Anheng \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0627\u06cc\u0646 \u06af\u0631\u0648\u0647 \u0631\u0627 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06af\u0631\u0648\u0647 Saaiwc \u062f\u0646\u0628\u0627\u0644 \u0645\u06cc \u06a9\u0646\u0646\u062f. \u0627\u06cc\u0646 \u06af\u0632\u0627\u0631\u0634 \u0632\u0646\u062c\u06cc\u0631\u0647\u200c\u0627\u06cc \u0627\u0632 \u062d\u0645\u0644\u0627\u062a \u0631\u0627 \u062a\u0648\u0635\u06cc\u0641 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u06cc\u06a9\u06cc \u0627\u0632 \u0622\u0646\u0647\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06cc\u06a9 \u0627\u0644\u06af\u0648\u06cc \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0622\u0641\u06cc\u0633 \u0628\u0627 \u0645\u0627\u06a9\u0631\u0648\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 CVE-2017-0199 \u0642\u062f\u06cc\u0645\u06cc \u0648 \u062e\u0637\u0631\u0646\u0627\u06a9 \u0627\u062c\u0631\u0627 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u06af\u0631\u0648\u0647 Group-IB \u0627\u0634\u0627\u0631\u0647 \u06a9\u0631\u062f \u06a9\u0647 Dark Pink \u062f\u0627\u0631\u0627\u06cc TTP \u0647\u0627\u06cc \u0645\u0646\u062d\u0635\u0631 \u0628\u0647 \u0641\u0631\u062f \u0627\u0633\u062a \u0648 \u06cc\u06a9 \u062c\u0639\u0628\u0647 \u0627\u0628\u0632\u0627\u0631 \u0633\u0641\u0627\u0631\u0634\u06cc \u06a9\u0647 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u06cc\u0627\u0641\u062a \u0645\u06cc \u0634\u0648\u062f \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0631\u0627\u06cc \u0633\u0631\u0642\u062a \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0648 \u062a\u0648\u0632\u06cc\u0639 \u0628\u062f\u0627\u0641\u0632\u0627\u0631 \u0627\u0632 
\u0637\u0631\u06cc\u0642 \u062f\u0631\u0627\u06cc\u0648\u0647\u0627\u06cc USB \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0634\u0648\u062f.\n\n\u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc DLL \u0645\u0646\u062a\u0634\u0631\u0646\u0634\u062f\u0647 \u0648 \u0631\u0648\u0634\u200c\u0647\u0627\u06cc \u0631\u0627\u0647\u200c\u0627\u0646\u062f\u0627\u0632\u06cc \u0631\u0648\u06cc\u062f\u0627\u062f \u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0628\u0627\u0631\u0647\u0627\u06cc \u0631\u0648\u06cc \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u0642\u0631\u0628\u0627\u0646\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f.\n\n\u0647\u062f\u0641 \u0645\u0647\u0627\u062c\u0645 \u0633\u0631\u0642\u062a \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0627\u0632 \u0645\u0631\u0648\u0631\u06af\u0631\u0647\u0627\u060c \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u067e\u06cc\u0627\u0645\u200c\u0631\u0633\u0627\u0646\u200c\u0647\u0627\u06cc \u0641\u0648\u0631\u06cc\u060c \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0627\u0633\u0646\u0627\u062f \u0648 \u0631\u0647\u06af\u06cc\u0631\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0635\u0648\u062a\u06cc \u0627\u0632 \u0645\u06cc\u06a9\u0631\u0648\u0641\u0648\u0646 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0644\u0648\u062f\u0647 \u0627\u0633\u062a.\n\n\u0628\u0647 \u06af\u0641\u062a\u0647 \u0645\u062d\u0642\u0642\u0627\u0646\u060c \u0627\u0632 \u0698\u0648\u0626\u0646 \u062a\u0627 \u062f\u0633\u0627\u0645\u0628\u0631 2022\u060c Dark Pink \u0645\u0648\u0641\u0642 \u0628\u0647 \u0627\u062c\u0631\u0627\u06cc \u062d\u062f\u0627\u0642\u0644 \u0647\u0641\u062a \u062d\u0645\u0644\u0647 \u0645\u0648\u0641\u0642\u06cc\u062a \u0622\u0645\u06cc\u0632 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u06cc\u06a9 \u0646\u0645\u0648\u0646\u0647 \u0627\u0648\u0644\u06cc\u0647 \u062d\u0645\u0644\u0647\u060c 
\u0627\u06cc\u0645\u06cc\u0644\u200c\u0647\u0627\u06cc \u0641\u06cc\u0634\u06cc\u0646\u06af \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0627\u0633\u062a \u06a9\u0647 \u0642\u0631\u0628\u0627\u0646\u06cc \u0631\u0627 \u0641\u0631\u06cc\u0628 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u0641\u0627\u06cc\u0644 \u062a\u0635\u0648\u06cc\u0631\u06cc ISO \u0645\u062e\u0631\u0628 \u0631\u0627 \u062f\u0627\u0646\u0644\u0648\u062f \u06a9\u0646\u062f.\n\n\u0627\u0645\u0627 \u0627\u0646\u0648\u0627\u0639 \u062f\u06cc\u06af\u0631\u06cc \u0627\u0632 \u0632\u0646\u062c\u06cc\u0631\u0647 \u062d\u0645\u0644\u0627\u062a \u0646\u06cc\u0632 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0646\u062f. \u0628\u0647 \u0648\u06cc\u0698\u0647\u060c \u0628\u0627\u0632\u06cc\u06af\u0631 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0632 \u06cc\u06a9 \u0641\u0627\u06cc\u0644 ISO \u0628\u0627 \u06cc\u06a9 \u0633\u0646\u062f \u0641\u0631\u06cc\u0628\u0646\u062f\u0647\u060c \u06cc\u06a9 \u0641\u0627\u06cc\u0644 \u0627\u062c\u0631\u0627\u06cc\u06cc \u0627\u0645\u0636\u0627 \u0634\u062f\u0647 \u0648 \u06cc\u06a9 DLL \u0645\u062e\u0631\u0628 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0631\u062f \u06a9\u0647 \u0645\u0646\u062c\u0631 \u0628\u0647 \u0627\u0633\u062a\u0642\u0631\u0627\u0631 \u06cc\u06a9\u06cc \u0627\u0632 \u062f\u0648 \u062f\u0632\u062f \u0633\u0641\u0627\u0631\u0634\u06cc \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u062c\u0627\u0646\u0628\u06cc DLL \u0634\u062f.\n\nCucky \u0648 Ctealer \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0645\u062e\u0635\u0648\u0635 \u0633\u0631\u0642\u062a \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0647\u0633\u062a\u0646\u062f \u06a9\u0647 \u0628\u0647 \u062a\u0631\u062a\u06cc\u0628 \u0628\u0627 \u062f\u0627\u062a \u0646\u062a \u0648 \u0633\u06cc \u067e\u0644\u0627\u0633 \u067e\u0644\u0627\u0633 
\u0646\u0648\u0634\u062a\u0647 \u0634\u062f\u0647 \u0627\u0646\u062f \u0648 \u0628\u0627 \u0647\u062f\u0641 \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0631\u0645\u0632\u0647\u0627\u06cc \u0639\u0628\u0648\u0631\u060c \u062a\u0627\u0631\u06cc\u062e\u0686\u0647 \u0645\u0631\u0648\u0631\u060c \u0648\u0631\u0648\u062f \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0630\u062e\u06cc\u0631\u0647 \u0634\u062f\u0647 \u0648 \u06a9\u0648\u06a9\u06cc \u0647\u0627 \u0627\u0632 \u062a\u0645\u0627\u0645 \u0645\u0631\u0648\u0631\u06af\u0631\u0647\u0627\u06cc \u0648\u0628 \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0647\u0633\u062a\u0646\u062f.\n\n\u0645\u0631\u062d\u0644\u0647 \u0628\u0639\u062f\u06cc \u0628\u0627\u0632\u0646\u0634\u0627\u0646\u06cc \u0627\u06cc\u0645\u067e\u0644\u0646\u062a \u0631\u062c\u06cc\u0633\u062a\u0631\u06cc \u0628\u0647 \u0646\u0627\u0645 TelePowerBot \u0628\u0648\u062f \u06a9\u0647 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u06cc\u06a9 \u0627\u0633\u06a9\u0631\u06cc\u067e\u062a \u062f\u0631 \u0647\u0646\u06af\u0627\u0645 \u0628\u0648\u062a \u0633\u06cc\u0633\u062a\u0645 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u0645\u06cc \u0634\u0648\u062f \u0648 \u0628\u0647 \u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645 \u0645\u062a\u0635\u0644 \u0645\u06cc \u0634\u0648\u062f \u0648 \u0627\u0632 \u0622\u0646\u062c\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a PowerShell \u0631\u0627 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627 \u062f\u0631\u06cc\u0627\u0641\u062a \u0645\u06cc \u06a9\u0646\u062f.\n\n\u0628\u0647 \u0637\u0648\u0631 \u0645\u0639\u0645\u0648\u0644\u060c \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc \u062f\u0647\u0646\u062f \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u06a9\u0646\u0633\u0648\u0644 \u0633\u0627\u062f\u0647 \u06cc\u0627 \u0627\u0633\u06a9\u0631\u06cc\u067e\u062a \u0647\u0627\u06cc 
\u067e\u06cc\u0686\u06cc\u062f\u0647 PowerShell \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u0646\u0627\u0648\u0628\u0631\u06cc \u062c\u0627\u0646\u0628\u06cc \u0631\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062f\u0631\u0627\u06cc\u0648\u0647\u0627\u06cc USB \u0642\u0627\u0628\u0644 \u062c\u0627\u0628\u062c\u0627\u06cc\u06cc \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc \u06a9\u0646\u062f.\n\n\u06af\u0632\u06cc\u0646\u0647 \u062f\u06cc\u06af\u0631 \u0634\u0627\u0645\u0644 \u06cc\u06a9 \u0633\u0646\u062f \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0622\u0641\u06cc\u0633 (.DOC) \u062f\u0631 \u062f\u0627\u062e\u0644 \u06cc\u06a9 \u0641\u0627\u06cc\u0644 ISO \u0628\u0648\u062f \u06a9\u0647 \u0648\u0642\u062a\u06cc \u0627\u0632 GitHub \u0628\u0627\u0632 \u0634\u062f\u060c \u06cc\u06a9 \u0627\u0644\u06af\u0648 \u0628\u0627 \u06cc\u06a9 \u0645\u0627\u06a9\u0631\u0648 \u0645\u062e\u0631\u0628 \u06a9\u0647 TelePowerBot \u0631\u0627 \u062f\u0627\u0646\u0644\u0648\u062f \u06a9\u0631\u062f\u0647 \u0648 \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a\u06cc \u062f\u0631 \u0631\u062c\u06cc\u0633\u062a\u0631\u06cc \u0648\u06cc\u0646\u062f\u0648\u0632 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u060c \u0628\u0627\u0632\u06cc\u0627\u0628\u06cc \u06a9\u0631\u062f.\n\n\u0632\u0646\u062c\u06cc\u0631\u0647 \u0633\u0648\u0645 \u062d\u0645\u0644\u0627\u062a\u060c \u06a9\u0647 \u062f\u0631 \u062f\u0633\u0627\u0645\u0628\u0631 2022 \u0627\u0646\u062c\u0627\u0645 \u0634\u062f\u060c \u0645\u0634\u0627\u0628\u0647 \u0627\u0648\u0644\u06cc\u0646 \u0628\u0648\u062f. 
\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0628\u0647 \u062c\u0627\u06cc TelePowerBot\u060c \u0628\u062f\u0627\u0641\u0632\u0627\u0631 \u0648\u06cc\u0698\u0647 \u062f\u06cc\u06af\u0631\u06cc \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u0634\u062f \u06a9\u0647 \u0645\u062d\u0642\u0642\u0627\u0646 \u0622\u0646 \u0631\u0627 KamiKakaBot \u0645\u06cc \u0646\u0627\u0645\u0646\u062f \u06a9\u0647 \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0637\u0631\u0627\u062d\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a.\n\nKamiKakaBot \u06cc\u06a9 \u0646\u0633\u062e\u0647 \u062f\u0627\u062a \u0646\u062a \u0627\u0632 TelePowerBot \u0627\u0633\u062a \u06a9\u0647 \u0642\u0627\u0628\u0644\u06cc\u062a \u0633\u0631\u0642\u062a \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0631\u0627 \u0646\u06cc\u0632 \u062f\u0627\u0631\u062f \u0648 \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u0630\u062e\u06cc\u0631\u0647 \u0634\u062f\u0647 \u062f\u0631 \u0645\u0631\u0648\u0631\u06af\u0631\u0647\u0627\u06cc Chrome \u0648 Firefox \u0631\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c Dark Pink \u0627\u0632 \u06cc\u06a9 \u0627\u0633\u06a9\u0631\u06cc\u067e\u062a\u06cc \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc \u0636\u0628\u0637 \u0635\u062f\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0645\u06cc\u06a9\u0631\u0648\u0641\u0648\u0646 \u062f\u0631 \u0641\u0627\u0635\u0644\u0647 \u0632\u0645\u0627\u0646\u06cc \u06cc\u06a9 \u062f\u0642\u06cc\u0642\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0631\u062f. 
\u062f\u0627\u062f\u0647 \u0647\u0627 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u0622\u0631\u0634\u06cc\u0648 ZIP \u062f\u0631 \u06cc\u06a9 \u067e\u0648\u0634\u0647 \u0645\u0648\u0642\u062a \u0648\u06cc\u0646\u062f\u0648\u0632 \u0630\u062e\u06cc\u0631\u0647 \u0645\u06cc \u0634\u0648\u0646\u062f \u0648 \u0633\u067e\u0633 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0631\u0628\u0627\u062a \u062a\u0644\u06af\u0631\u0627\u0645 \u0645\u0646\u062a\u0642\u0644 \u0645\u06cc \u0634\u0648\u0646\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631 \u0648\u06cc\u0698\u0647 ZMsg \u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u062e\u0631\u0627\u062c \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0627\u0632 \u067e\u06cc\u0627\u0645 \u0631\u0633\u0627\u0646 \u0647\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0645\u06a9\u0627\u062a\u0628\u0627\u062a Viber\u060c Telegram \u0648 Zalo \u0631\u0627 \u0645\u06cc \u062f\u0632\u062f\u062f.\n\n\u0646\u062a\u0627\u06cc\u062c \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0641\u0639\u0627\u0644\u06cc\u062a Dark Pink \u0628\u0647 Group-IB \u0627\u062c\u0627\u0632\u0647 \u062f\u0627\u062f \u062a\u0627 \u0628\u0647 \u0627\u062d\u062a\u0645\u0627\u0644 \u0632\u06cc\u0627\u062f \u0645\u0648\u0641\u0642\u06cc\u062a \u0647\u0641\u062a \u062d\u0645\u0644\u0647 \u0631\u0627 \u0627\u0639\u0644\u0627\u0645 \u06a9\u0646\u062f\u060c \u0627\u0645\u0627 \u0645\u062d\u0642\u0642\u0627\u0646 \u0645\u0639\u062a\u0642\u062f\u0646\u062f \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0633\u06cc\u0627\u0631 \u0628\u06cc\u0634\u062a\u0631 \u0628\u0627\u0634\u062f.\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 
\u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2023-01-27T19:02:57.000000Z"}, {"uuid": "456e1c5a-1145-4615-a938-14ae6721bf74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/BleepingComputer/1070", "content": "The Week in Ransomware - April 28th 2017 -\n\nWas a good week as not a lot of news when it comes to ransomware. Some more in-dev crap and nothing really new this week. The biggest news is that Cerber is now being distributed via MALSPAM that utilizes CVE-2017-0199\u00a0in the attached DOC files. 
[...]\n\nhttps://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-28th-2017-/", "creation_timestamp": "2017-04-28T22:17:06.000000Z"}, {"uuid": "ae2ba9c3-522f-4b9e-8fe7-f83ab8ccb2ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/BleepingComputer/999", "content": "Recent Microsoft 0-Day Used for Cyber-Espionage and Mundane Malware Distribution\n\nThe saga of CVE-2017-0199, a recently patched zero-day vulnerability affecting Microsoft Office and WordPad, just got a little stranger yesterday after cyber-security firm FireEye revealed the vulnerability was used by both cyber-criminals pushing mundane malware, and also by state-sponsored cyber-espionage groups. [...]\n\nhttps://www.bleepingcomputer.com/news/security/recent-microsoft-0-day-used-for-cyber-espionage-and-mundane-malware-distribution/", "creation_timestamp": "2017-04-13T12:02:35.000000Z"}, {"uuid": "d60bca7e-b235-4de7-87b9-40e820ee876a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://t.me/true_secator/7370", "content": "Researchers from Kaspersky Lab continue to produce vulnerability analytics, presenting the corresponding report for the 2nd 
quarter of 2025.\n\nVulnerability registration in the second quarter of 2025 proved quite dynamic.\n\nThe published bugs affect the security of practically every computer subsystem: UEFI, drivers, operating systems, browsers, as well as user and web applications. 
\n\nAccording to our analysis, attackers, as in previous periods, continue to use vulnerabilities in real-world attacks to gain access to user systems.\n\nIn the second quarter of 2025, as before, the most common targets of attacks were vulnerable Microsoft Office products containing unpatched security vulnerabilities.\n\nKaspersky Lab solutions 
detected the largest number of exploits on the Windows platform for the following vulnerabilities: CVE-2018-0802 (RCE in the Equation Editor component), CVE-2017-11882 (another RCE in the Equation Editor), CVE-2017-0199 (a vulnerability in Microsoft Office and WordPad that allows an attacker to take control of the system).\n\nNext come the no less popular vulnerabilities in WinRAR and exploits for stealing NetNTLM credentials in the Windows operating system: CVE-2023-38831 (a vulnerability in WinRAR), CVE-2025-24071 (a Windows File Explorer 
vulnerability) and CVE-2024-35250 (a vulnerability in ks.sys).\n\nFor the Linux operating system, exploits were most often recorded for the following vulnerabilities: CVE-2022-0847 (also known as Dirty Pipe), CVE-2019-13272 (an EoP vulnerability caused by improper handling of privilege inheritance) and CVE-2021-22555 (a heap overflow vulnerability in the kernel's Netfilter subsystem).\n\nIn the second quarter of 2025, we noted that the distribution of published exploits by software 
type continued last year's trends.\n\nIn addition, the report also describes known vulnerabilities used in popular C2 frameworks (Sliver, Metasploit, Havoc and Brute Ratel C4) in the first half of 2025.\n\nAfter studying open sources and analyzing malicious C2 agent samples, Kaspersky noted that the following vulnerabilities were used in APT attacks involving the C2 frameworks mentioned above:\n\n- CVE-2025-31324 \u0432 SAP NetWeaver Visual Composer Metadata Uploader: 
\u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 10,0.\n\n- CVE-2024-1709 \u0432 ConnectWise ScreenConnect 23.9.7: \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0442\u0430\u043a\u0436\u0435 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 10,0.\n\n- CVE-2024-31839, XSS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f CHAOS v5.0.1: \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a EoP.\n\n- CVE-2024-30850, RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 CHAOS v5.0.1: \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e.\n\n- CVE-2025-33053: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u0430\u044f \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0434\u043b\u044f LNK-\u0444\u0430\u0439\u043b\u043e\u0432 \u0432 Windows: \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 
\u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u0427\u0435\u0442\u043a\u0430\u044f \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430, \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u044c\u043d\u044b\u0439 TOP 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\u00a0\u0438 \u0440\u0430\u0437\u0431\u043e\u0440 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u043c\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-08-27T15:30:05.000000Z"}, {"uuid": "16dad2c4-dbcf-4abe-8b95-ccc0825c7da4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "published-proof-of-concept", "source": "https://t.me/Torchik_Rus/982", "content": "\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2017-0199 \u0432 Microsoft Word - https://blackdiver.net/it/security-it/4472", "creation_timestamp": "2017-06-11T04:32:43.000000Z"}, {"uuid": "285d2b0a-dc77-4425-a672-ba64bdc643b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://t.me/true_secator/7103", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 
\u0431\u043e\u043c\u0431\u0438\u0442\u044c \u043e\u0442\u0447\u0435\u0442\u0430\u043c\u0438, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043f\u043e\u0434\u043e\u0433\u043d\u0430\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0437\u0430 \u043f\u0435\u0440\u0432\u044b\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2025 \u0433\u043e\u0434\u0430.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u043b\u0430\u0441\u044c \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 2024 \u0433\u043e\u0434\u0443, \u0442\u0430\u043a \u043a\u0430\u043a \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043c\u043e\u0433\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0430 \u0438\u0445 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0432\u043e \u043c\u043d\u043e\u0433\u043e\u043c \u043f\u043e\u0432\u0442\u043e\u0440\u044f\u0435\u0442 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0433\u043e\u0434\u044b.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u043c\u043d\u043e\u0433\u0438\u0435 CWE \u0438\u0437 TOP 10 \u0434\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 Microsoft \u0438 \u044f\u0434\u0440\u0430 Linux \u0441\u043e\u0432\u043f\u0430\u0434\u0430\u044e\u0442 \u0438\u043b\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c\u0438, \u0430 \u0437\u043d\u0430\u0447\u0438\u0442, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u0441\u0445\u043e\u0436\u0438\u0445 \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0430\u0445, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u0447\u0430\u0441\u0442\u043e \u043a \u00ab\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e\u00bb \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0430\u0442\u0430\u043a \u0434\u043b\u044f Linux \u043d\u0430 Windows \u0438 \u043d\u0430\u043e\u0431\u043e\u0440\u043e\u0442.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0430\u0442\u0430\u043a \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows \u0432\u044b\u0440\u043e\u0441\u043b\u043e \u043f\u043e 
\u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c \u043f\u0435\u0440\u0438\u043e\u0434\u043e\u043c \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041a\u0430\u043a \u0438 \u043f\u0440\u0435\u0436\u0434\u0435, \u043b\u044c\u0432\u0438\u043d\u0430\u044f \u0434\u043e\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0431\u044b\u043b\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Microsoft Office.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0447\u0430\u0449\u0435 \u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0441\u0442\u0430\u0440\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c: CVE-2018-0802, CVE-2017-11882 (\u043e\u0431\u0435 RCE \u0432 Equation Editor), CVE-2017-0199 (Microsoft Office \u0438 WordPad).\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u0430\u043c\u044b\u043c\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 2024 \u0433\u043e\u0434\u0430, \u0438 \u043c\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c, \u0447\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0438 \u0432 
\u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c.\n\n\u0417\u0430 \u043d\u0438\u043c\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 WinRAR \u0438 \u0432 \u0441\u0430\u043c\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows: CVE-2023-38831 (WinRAR), CVE-2024-35250 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430\u00a0ks.sys) \u0438 CVE-2022-3699 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 Lenovo Diagnostics).\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c: CVE-2022-0847 (Dirty Pipe), CVE-2019-13272 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043d\u0430\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439) \u0438 CVE-2021-3156 (\u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u0443\u0447\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435\u00a0sudo).\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 
\u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043a\u0430\u043a \u0441\u0430\u043c\u043e\u0435 \u0441\u043b\u043e\u0436\u043d\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043b\u0438\u0434\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0441\u0442 \u0447\u0438\u0441\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u043c - \u044d\u0442\u0430 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u043b\u0430\u0441\u044c \u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u0432\u0441\u0435\u0433\u043e \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u0430\u0441\u044c \u0434\u043e\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Microsoft Office.\n\n\u0418\u0437\u0443\u0447\u0438\u0432 \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 APT, \u0432 \u041b\u041a \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 
\u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0435\u0441\u044f \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430: CVE-2025-0282, CVE-2024-21887 \u0438 CVE-2025-0283 (Ivanti Connect Secure), CVE-2020-1472 (Netlogon Windows), CVE-2023-46805 (Ivanti ICS), CVE-2023-48788 (Fortinet) \u0438 \u0434\u0440.\n\n\u041e\u0442\u043c\u0435\u0442\u0438\u043c, \u0447\u0442\u043e \u0432 TOP 10 \u0432\u0435\u0440\u043d\u0443\u043b\u0430\u0441\u044c \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zerologon, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0434\u043e\u043c\u0435\u043d\u0430.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u041b\u041a \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438: \n\n- ZDI-CAN-25373: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044f \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 
lnk-\u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u041e\u0421 Windows;\n\n- CVE-2025-21333: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 vkrnlintvsp.sys;\n\n- CVE-2025-24071: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0442\u0435\u0447\u043a\u0438 NetNTLM-\u0445\u044d\u0448\u0430 \u0432 \u0438\u043d\u0434\u0435\u043a\u0441\u0430\u0442\u043e\u0440\u0435 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u0438 \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-06-04T18:00:07.000000Z"}, {"uuid": "f4826080-c5b3-4415-983b-c462a4555bf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://t.me/is_n3ws/34", "content": "\u200c\u041a\u043e\u043c\u0430\u043d\u0434\u0430 Recorded Future \u043f\u0440\u043e\u0448\u0435\u0440\u0441\u0442\u0438\u043b\u0430 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438, \u0434\u0430\u0440\u043a\u0432\u0435\u0431 \u0438 \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0441\u043f\u0438\u0441\u043e\u043a \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0447\u0430\u0441\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e \u0433\u043e\u0434\u0430\u043c.\u00a0\n\n\n\u200b\u200bCVE-2018-15982\nis a use-after-free in the Flash\u2019s file package 
com.adobe.tvsdk.mediacore.metadata that can be exploited to deliver and execute malicious code on a victim\u2019s computer. Exploit vector: rtf document with flash object.\n\nCVE-2018-8174\nWindows VBScript Engine Remote Code Execution Vulnerability. Exploit vector:\u00a0 An attacker could embed an ActiveX control marked \"safe for initialization\" in an application or Microsoft Office document.\n\nCVE-2017-11882\nVulnerability in an older version of the Office Equation Editor. Exploit vector: RTF file downloads and runs multiple scripts of different types (VBScript, PowerShell, PHP, others) to download the payload.\n\nCVE-2018-4878\nFlash Player vulnerability. Exploit vector: The Excel file carrying an embedded SWF file with the exploit.\n\nCVE-2019-0752\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. Exploit vector: In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked \"safe for initialization\" in an application or Microsoft Office document that hosts the IE rendering engine.\n\nCVE-2017-0199\nMS Office zero-day vulnerability. 
Exploit vector: Microsoft Word RTF (Rich Text Format) document.\n\nCVE-2015-2419\nJScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"JScript9 Memory Corruption Vulnerability.\"\n\nCVE-2018-20250\nWinRAR vulnerability that allows attackers to extract a malicious executable to one of the Windows Startup folders to be executed every time the system is booted.\n\nCVE-2017-8750\nA remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory.\u00a0 Exploit vector: An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers.\n\nCVE-2012-0158\nA buffer overflow vulnerability in the\u00a0 ListView / TreeView ActiveX controls in the MSCOMCTL.OCX library. The malicious code can be triggered by a specially crafted DOC or RTF file for MS Office versions 2003, 2007 and 2010.\n\nhttps://www.helpnetsecurity.com/2020/02/06/most-exploited-vulnerabilities-2019/", "creation_timestamp": "2020-02-07T07:05:41.000000Z"}, {"uuid": "0fe2b850-51f2-4eaa-85ea-80c149c45308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/alexmakus/1227", "content": "It looks like the new Petya.A variant making the rounds today is a combination of CVE-2017-0199 (which I linked to above) and MS17-010 (https://technet.microsoft.com/en-us/library/security/ms17-010.aspx, also known as ETERNALBLUE, used in Wcry following the leak via ShadowBrokers). The universal advice: UPDATE, UPDATE, UPDATE!", "creation_timestamp": "2017-06-27T17:11:58.000000Z"}, {"uuid": "da622ed2-7d93-49e8-955e-f1b8a7fee9dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "Telegram/IjV0YtrTBT_EjDP9vpZar7Uxo2OuV2-kjU1JTV0Z6Vcp0bIi", "content": "", "creation_timestamp": "2025-02-14T10:03:10.000000Z"}, {"uuid": "7ef2e75a-5280-4aae-b236-208a9a98ed96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://t.me/Exploitationn/2412", "content": "0-day Exploit cve-2017-0199\n------------------------------------------\nMicrosoft Office RTF document \n\nTargeting > Windows 10\nBy: DIAZ aka Pendekar1337\n\nThread: Coming soon :)", "creation_timestamp": "2023-05-03T17:10:49.000000Z"}, {"uuid": "cdad9750-2be4-4489-9797-11650ad56fbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/5004", "content": "YouTube : https://youtu.be/8DeZ350YxM4\nForum : https://dragonforce.io/threads/0-day-exploit-cve-2017-0199-2023.15907/", "creation_timestamp": 
"2023-05-12T16:07:26.000000Z"}, {"uuid": "18b4a416-d0c3-4240-95f9-df17f0a7f255", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/BABATATASASA/7135", "content": "Beginner Guide to Classic Cryptography\nWiFi Exploitation with WifiPhisher\n4 Ways to Capture NTLM Hashes in Network\nPenetration Testing Lab Setup:Cloud Computing\nPenetration Testing Lab Setup: Memcached\nPenetration Testing Lab Setup: Microsocks\nPenetration Testing Lab Setup: Squid Proxy\nPost Exploitation in VMware Files with Meterpreter\nLab Setup for VOIP Penetration Testing\nUnderstanding Guide to ICMP Protocol with Wireshark\nTelnet Pivoting through Meterpreter\nSSH Pivoting using Meterpreter\nVNC Pivoting through Meterpreter\nVNC tunnelling over SSH\nFTP Pivoting through RDP\nRDP Pivoting with Metasploit\nFTP Penetration Testing on Windows (Port 21)\nFTP Penetration Testing in Ubuntu (Port 21)\nSSH Penetration Testing (Port 22)\nPenetration Testing on Telnet (Port 23)\nSMTP Pentest Lab Setup in Ubuntu (Port 25)\nNetBIOS and SMB Penetration Testing on Windows (Port 135-139,445)\nPenetration Testing on MYSQL (Port 3306)\nRemote Desktop Penetration Testing (Port 3389)\nMySQL Penetration Testing with Nmap\n4 ways to SMTP Enumeration\nHow to secure Ubuntu Server using Google Authenticator\n4 Ways to DNS Enumeration\nUnderstanding Log Analysis of Web Server\n3 ways to scan Eternal Blue Vulnerability in Remote PC\nBeginner Guide to Meterpreter (Part 1)\nBypass UAC Protection of Remote Windows 10 PC (Via FodHelper Registry Key)\nBypass Admin access through guest Account in windows 10\nHack Legal Notice Caption of Remote PC\nExploit Windows PC using EternalBlue SMB Remote Windows Kernel Pool Corruption\nCreate SSL Certified Meterpreter Payload using MPM\nEmbedded Backdoor with Image using FakeImageExploiter\nExploit Windows 10 PC with Microsoft RTF File 
(CVE-2017-0199)\nExploit Windows 7 PC using Torrent File\nDump Cleartext Password in Linux PC using MimiPenguin\nStealing Windows Credentials of Remote PC with MS Office Document\nBypass Windows Login Password using Android Phone with DriveDroid\nHow to Delete Firewall Log in Remote PC using Metasploit\nHow to Enable and Monitor Firewall Log in Windows PC\nRun OS Command against Multiple Session in Metasploit\nHiding Shell with Prepend Migrate using Msfvenom\nCapture VNC Session of Remote PC using Msfvenom\nPenetration Testing in Metasploitable 3 with SMB and Tomcat\nExploitation of Metasploitable 3 using Glassfish Service\nManual Penetration Testing in Metasploitable 3\nHack Metasploitable 3 using Mysql Service Exploitation\nPerform DOS Attack on Metasploitable 3\nHack Metasploitable 3 using SMB Service Exploitation\nMetasploitable 3 Exploitation using Brute forcing SSH\nHack Metasploitable 3 using Elasticsearch Exploit\nFTP Service Exploitation in Metasploitable 3\nGet Meterpreter Session of Locked PC Remotely (Remote Desktop Enabled)\nHack Locked PC in Network using Metasploit\nHack ALL Linux Kernel using Dirtycow Exploit (Privilege Escalation)\nComprehensive Guide on Metasploitable 2\nFun with Metasploit Payloads\nHack Remote Windows PC using Office OLE Multiple DLL Hijack Vulnerabilities\nHow to Detect Meterpreter in Your PC\nPenetration Testing in Active Directory using Metasploit (Part 2)\nHack Remote Windows PC using DLL Files (SMB Delivery Exploit)\nHack Remote Windows 10 PC using TheFatRat\nFirewall Pentest Lab Setup with pfsense in VMware\nPenetration Testing in Windows Server Active Directory using Metasploit (Part 1)\nCapture VNC Session of Remote Windows PC by Payloads Injection\nHack Remote PC using Malicious MS Office Documents\nHack Remote Windows PC using Regsvr32.exe (.sct) Application Whitelisting Bypass Server\nWifi Penetration Testing using Gerix Wifi Cracker\nHack Remote PC using Microsoft Office Files (Macro Payloads)\nHack Locked 
Workstation Password in Clear Text\nHow to Detect Sniffer on Your Network\nHow to Create Botnet for D-Dos Attack with UFONet\nHack your Network through Android Phone using cSploit\nSetup Firewall Pentest Lab using Clear OS", "creation_timestamp": "2024-09-26T14:32:31.000000Z"}, {"uuid": "c5776676-a314-4990-b15f-5e0504757f98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "published-proof-of-concept", "source": "Telegram/JyVCo-XBS-1P8WmwmxkSQbEXyOb2qHf5aAkCx5Iwow16GFGz", "content": "", "creation_timestamp": "2024-12-04T14:07:30.000000Z"}, {"uuid": "6dd29ddb-856f-48b1-8461-9737da522931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "published-proof-of-concept", "source": "https://t.me/SynixCyberCrimeMy/503", "content": "YouTube : https://youtu.be/8DeZ350YxM4\nForum : https://dragonforce.io/threads/0-day-exploit-cve-2017-0199-2023.15907/", "creation_timestamp": "2023-05-18T16:08:58.000000Z"}, {"uuid": "fbe2e25c-69fb-4bad-bbd6-69c85f66fb1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://t.me/SynixCyberCrimeMy/487", "content": "0-day Exploit cve-2017-0199\n------------------------------------------\nMicrosoft Office RTF document \n\nTargeting > Windows 10\nBy: DIAZ aka Pendekar1337\n\nThread: Coming soon :)", "creation_timestamp": "2023-05-03T17:06:25.000000Z"}, {"uuid": "c842a41c-df87-438f-a8f4-8f16f74438a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://t.me/Exploitationn/531", "content": "0-day Exploit 
cve-2017-0199\n------------------------------------------\nMicrosoft Office RTF document \n\nTargeting > Windows 10\nBy: DIAZ aka Pendekar1337\n\nThread: Coming soon :)", "creation_timestamp": "2023-05-03T17:10:49.000000Z"}, {"uuid": "3fe8d3e2-b150-4bbf-971d-7c156f8301b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/true_secator/6124", "content": "Researchers at Kaspersky Lab have rolled out their analysis of exploits and vulnerabilities for the second quarter of 2024, which turned out to be eventful in terms of new bugs and methods of exploiting applications and operating systems.\n\nThe new report presents statistics on published research that attackers could use to attack systems, as well as statistical breakdowns of vulnerabilities.\n\nThe total number of registered vulnerabilities exceeded the figures for the same period of the previous year, in line with the previous quarter's trend.\n\nThe share of vulnerabilities with a PoC and of those rated critical decreased slightly compared with 2023. By type, the overwhelming majority of classified critical vulnerabilities relate to web applications.\n\nSuch bugs are the most critical, since web applications include software with access to sensitive data: file-sharing systems, consoles for managing VPN access, and cloud and IoT systems.\n\nAccording to Kaspersky Lab telemetry data, the use of exploits for Windows continues to grow, primarily because of phishing mailings and attempts to gain initial access to systems by exploiting vulnerabilities.\n\nThe most popular exploits for this platform are those that use vulnerabilities in Microsoft Office products (CVE-2018-0802, CVE-2017-11882, CVE-2017-0199 and CVE-2021-40444).\n\nThe Linux platform, which is gaining popularity in the corporate segment, is also showing growth; however, in contrast to Windows, the main exploits target the kernel (CVE-2022-0847, CVE-2023-2640 and CVE-2021-4034), mostly implementing EoP.\n\nThe top 10 vulnerabilities most common in APT attacks changed significantly compared with the first quarter, but to gain access to internal networks attackers most often exploited software and hardware-software solutions of the same types: remote access services, access control mechanisms and office applications.\n\nAttacks using Bring Your Own Vulnerable Driver (BYOVD) have become widespread. Moreover, the vulnerability does not have to be recent, since the attackers deliver unpatched drivers to the system themselves.\n\n2023 was the richest year for publications of tools for BYOVD attacks. Meanwhile, more of them were published in the first half of 2024 than in 2021 and 2022 combined. The second quarter also saw the figure grow.\n\nClear infographics and the most interesting vulnerabilities registered in the second quarter of 2024 are presented in the report.", "creation_timestamp": "2024-08-22T19:40:05.000000Z"}, {"uuid": "a7d6058e-dd66-4a63-b172-fda096f599a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": "https://t.me/true_secator/6507", "content": "Fortinet reports the return of the SmokeLoader malware, which was used in a phishing campaign spotted by researchers that targeted Taiwanese companies in the IT, manufacturing and healthcare sectors.\n\nSmokeLoader first surfaced on hacker forums back in 2011 and is well known for its versatility and advanced evasion techniques, while its modular design allows it to carry out a wide range of attacks, from data theft to crypto mining.\n\nAlthough SmokeLoader primarily serves as a loader for delivering other malware, in this case it carries out the attack itself, downloading plugins from its C2 server.\n\nSmokeLoader is able to detect analysis environments, generate fake network traffic and hide its code, avoiding detection and hindering analysis.\n\nThe operators of this malware strain keep it under constant development, expanding its functionality, introducing new features and applying obfuscation techniques to hinder analysis.\n\nSmokeLoader activity dropped significantly after Operation Endgame, initiated by Europol in May 2024, which neutralized the infrastructure of IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee and TrickBot.\n\nAt that time, about 1000 C2 domains associated with SmokeLoader were dismantled, and more than 50 000 active infections were remotely cleaned up.\n\nNevertheless, the malware continues to be used by threat groups to distribute payloads through new C2 infrastructure.\n\nAccording to Zscaler, this is largely due to the numerous cracked versions available on the Internet.\n\nThe starting point of the attack chain discovered by FortiGuard Labs is a phishing email with a Microsoft Excel attachment which, when opened, exploits years-old security vulnerabilities (including CVE-2017-0199 and CVE-2017-11882) to install the Ande Loader loader, which is then used to deploy SmokeLoader on the compromised host.\n\nSmokeLoader includes two components: a stager and a main module. \n\nThe purpose of the stager is to decrypt, unpack and inject the main module into the explorer.exe process. The main module, in turn, is responsible for establishing persistence, communicating with the C2 and processing commands.\n\nThe malware supports several plugins that can steal login data and FTP credentials, email addresses, cookies and other information from browsers, Outlook, Thunderbird, FileZilla and WinSCP.\n\nA technical breakdown of the entire infection chain, as well as IOCs, is in the report.", "creation_timestamp": "2024-12-04T18:30:05.000000Z"}, {"uuid": "f9e1aecd-79f2-4b49-ac25-57422f637643", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "published-proof-of-concept", "source": 
"https://t.me/true_secator/6034", "content": "Blackberry \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043d\u043e\u0432\u0443\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u0438 TTPs SideWinder, \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u00a0\u043d\u0430 \u043f\u043e\u0440\u0442\u044b \u0438 \u043c\u043e\u0440\u0441\u043a\u0438\u0435 \u0441\u043e\u043e\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432 \u0418\u043d\u0434\u0438\u0439\u0441\u043a\u043e\u043c \u043e\u043a\u0435\u0430\u043d\u0435 \u0438 \u0421\u0440\u0435\u0434\u0438\u0437\u0435\u043c\u043d\u043e\u043c \u043c\u043e\u0440\u0435.\n\n\u0418\u043d\u0434\u0438\u0439\u0441\u043a\u0430\u044f SideWinder APT (Razor Tiger, Rattlesnake \u0438 T-APT-04) \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 2012 \u0438 \u0440\u0430\u043d\u0435\u0435 \u0431\u044b\u043b\u0430 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430 \u0432 \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u044f\u0445 \u043d\u0430 \u0432\u043e\u0435\u043d\u043d\u044b\u0435, \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0438 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u041f\u0430\u043a\u0438\u0441\u0442\u0430\u043d\u0430, \u0410\u0444\u0433\u0430\u043d\u0438\u0441\u0442\u0430\u043d\u0430, \u041a\u0438\u0442\u0430\u044f \u0438 \u041d\u0435\u043f\u0430\u043b\u0430.\n\n\u0414\u043e\u043c\u0435\u043d\u044b \u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0441 \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u043e\u0439 \u043f\u0435\u0440\u0432\u043e\u0433\u043e 
\u044d\u0442\u0430\u043f\u0430, \u043f\u043e\u0434\u0440\u0430\u0437\u0443\u043c\u0435\u0432\u0430\u044e\u0442 \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u043d\u0433 \u043d\u0430 \u041f\u0430\u043a\u0438\u0441\u0442\u0430\u043d, \u0415\u0433\u0438\u043f\u0435\u0442 \u0438 \u0428\u0440\u0438-\u041b\u0430\u043d\u043a\u0443.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0441\u0443\u0431\u0434\u043e\u043c\u0435\u043d\u044b \u0432\u0442\u043e\u0440\u043e\u0433\u043e \u044d\u0442\u0430\u043f\u0430, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u043d\u0433 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0411\u0430\u043d\u0433\u043b\u0430\u0434\u0435\u0448, \u041c\u044c\u044f\u043d\u043c\u044b, \u041d\u0435\u043f\u0430\u043b\u0430 \u0438 \u041c\u0430\u043b\u044c\u0434\u0438\u0432.\n\n\u041e\u0441\u043d\u043e\u0432\u044b\u0432\u0430\u044f\u0441\u044c \u043d\u0430 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f\u0445, \u0446\u0435\u043b\u044c\u044e \u044d\u0442\u043e\u0439 \u043d\u043e\u0432\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 SideWinder, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436 \u0438 \u0441\u0431\u043e\u0440 \u0440\u0430\u0437\u0432\u0435\u0434\u044b\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\nSideWinder \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u043c\u0435\u0442\u043e\u0434\u044b \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0444\u0438\u0448\u0438\u043d\u0433\u0430 
\u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0438 \u0431\u043e\u043a\u043e\u0432\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 DLL, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u044b.\n\nTypically the victim downloads a malicious document with very low detection on VirusTotal and opens it, triggering the next stage of the infection chain.\n\nThe malicious document is very carefully prepared to pass as a genuine document from an official 
organization already known to the target.\n\nIn the new campaign, the forged documents were tied to specific infrastructure of the Port of Alexandria on the Mediterranean Sea, as well as the Port Authority on the Red Sea.\n\nAll observed malicious documents use the remote template injection technique (CVE-2017-0199) to gain initial access to the target's system.\n\nThe body of the document, sent as a 
phishing email, contains a plain-text URL that leads to a malicious site from which the next-stage file is downloaded.\n\nNext, a file in RTF format downloads a document that exploits the CVE-2017-11882 vulnerability. 
It contains shellcode that executes once the file is opened.\n\nNotably, in the previous SideWinder campaign the malware used JavaScript hidden in the RTF file.\n\nThe purpose of the shellcode is to check the victim's system to see whether it is a real system rather than a virtual environment.\n\nAfter the check, the program decrypts and runs a small piece of JavaScript code that loads the next execution stage from a 
remote server, which is also JavaScript code (samples of the final stage could not be obtained).\n\nA detailed breakdown of the geotargeted C2 infrastructure, along with indicators of compromise, is in the report.", "creation_timestamp": "2024-07-29T20:00:07.000000Z"}, {"uuid": "a3391b58-4c43-4692-a638-66e8b20d029b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/3929", "content": "Group-IB has unmasked the Dark Pink APT, which is implicated in attacks on government agencies and military facilities in the Asia-Pacific region using 
custom information-stealing malware.\n\nThe APT had previously come to the attention of Chinese researchers at Anheng Hunting Labs, who track the group as Saaiwc Group. The report describes several attack chains, one of which relies on a Microsoft Office template with a malicious macro to exploit the old and dangerous CVE-2017-0199.\n\nGroup-IB noted that Dark Pink has distinctive TTPs, and that the 
custom toolkit found in the attacks can be used to steal information and spread malware via USB drives.\n\nThe attacker uses an unpublished DLL-loading technique and event-triggered execution methods to extract payloads on victims' systems.\n\nThe attacker's goal is to steal information from browsers, gain access to messengers, 
exfiltrate documents and capture audio from the microphone of the infected device.\n\nAccording to the researchers, between June and December 2022 Dark Pink carried out at least seven successful attacks.\n\nDark Pink's typical initial attack vector is job-application-themed phishing emails that tricked the victim into downloading a malicious 
ISO image file.\n\nBut other variants of the attack chain were also identified. In particular, the actor also used an ISO file containing a decoy document, a signed executable and a malicious DLL, which led to the deployment of one of two custom stealers via DLL side-loading.\n\nCucky and Ctealer are custom information stealers written in .NET and C++ respectively, aimed at extracting passwords, 
browsing history, saved logins and cookies from all well-known web browsers.\n\nAt the next stage, a registry implant called TelePowerBot was dropped; it is launched by a script at system startup and connects to a Telegram channel, from which it receives PowerShell commands to execute.\n\nAs a rule, the commands can launch simple console tools or complex PowerShell scripts 
that enable lateral movement via removable USB drives.\n\nAnother variant involved a Microsoft Office document (.DOC) inside the ISO file; when it was opened, a template with a malicious macro was fetched from GitHub, and the macro loaded TelePowerBot and made changes to the Windows registry.\n\nThe third attack chain, used in December 2022, was identical to the first. However, instead of TelePowerBot it loaded another custom 
malware, which the researchers call KamiKakaBot, designed to execute commands.\n\nKamiKakaBot is a .NET version of TelePowerBot that also has information-stealing capabilities targeting data stored in Chrome-based and Firefox browsers.\n\nIn addition to the tools named above, Dark Pink also used a script to record audio through the microphone at one-minute intervals. The data is saved as a ZIP archive in the 
Windows temporary folder and then sent via a Telegram bot.\n\nIn addition, the attacker used a custom utility, ZMsg, to exfiltrate information from messengers; it steals correspondence from Viber, Telegram and Zalo.\n\nThe results of analyzing Dark Pink's activity allowed Group-IB to confirm with high confidence the success of seven attacks, although the researchers believe there may have been considerably more.", "creation_timestamp": "2023-01-12T12:39:51.000000Z"}, {"uuid": 
"5eff601b-522f-412f-9677-19b80fbf7155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/true_secator/4699", "content": "Researchers at Kaspersky Lab continue to monitor what is happening in crimeware, analyzing discovered malware samples and watching botnets and activity on underground forums.\n\nIn their report, the researchers describe new samples of Emotet and the DarkGate loader, as well as the latest campaign using the LokiBot stealer.\n\nIn June 
2023, a malware developer well known on the dark web presented his new creation, DarkGate, on which he had spent more than 20,000 hours since 2017.\n\nThe new malicious loader has extended functionality, including such core features as: hidden VNC connection, Windows Defender bypass, theft of browser history and Discord tokens, reverse proxy, file manager.\n\nThe full infection chain consists 
of 4 stages: a VBS loader, an AutoIT V3 script, shellcode and the DarkGate executor.\n\nThe DarkGate loader contains 17 global variables (Delphi TStringList) describing the malware's main functions, which do not include loading malware; a separate module is used for that.\n\nThe string encryption method is also of interest. 
Each string is encrypted with a unique key and a modified version of Base64 encoding (with its own character set).\n\nThe newly discovered LokiBot campaign (LokiBot is a stealer first seen in 2016) involves phishing aimed at companies specializing in maritime freight.\n\nVictims received an email purportedly from a business partner demanding payment of port fees. 
An Excel document was attached to the email; when it is opened, instead of the expected macro activation, CVE-2017-0199 is exploited.\n\nOn successful exploitation, an RTF document is downloaded that exploits another vulnerability, CVE-2017-11882, which launches LokiBot; it collects credentials from various sources and sends them to the command-and-control server in POST requests compressed with the APLib library.\n\nIn the latest wave 
of attacks, which resumed after 2021, Emotet operators used the popular infection vector of emails with malicious OneNote files; opening one displays an image with a view button.\n\nA further click leads to execution of a malicious, obfuscated embedded VBS script, which delivers the payload (a DLL file) from several sites.\n\nThe decrypted 
payload is shellcode that performs standard import by hash. Two of the imported functions are LdrLoadDll and LdrGetProcedureAddress.\n\nAt the next stage the final payload, Emotet, is deployed; it does not differ from the one used in previous waves of attacks.\n\nAll the infection chains and the malware's updated functionality, together with indicators of compromise, are presented in more detail in the 
report.", "creation_timestamp": "2023-08-07T17:27:46.000000Z"}, {"uuid": "93b65820-a9fb-49c8-b7e2-6089b3c021bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/information_security_channel/15309", "content": "The Top Vulnerabilities Exploited by Cybercriminals\nhttp://feedproxy.google.com/~r/Securityweek/~3/LZdKf59wwhs/top-vulnerabilities-exploited-cybercriminals\n\nCybercriminals are shifting their focus from Adobe to Microsoft consumer products, and are now concentrating more on targeted attacks than on web-based exploit kits.\nEach year, Recorded Future provides an analysis of criminal chatter on the dark web in its Top Ten Vulnerabilities Report (https://go.recordedfuture.com/hubfs/reports/cta-2018-0327.pdf?utm_source=SecurityWeek). It does this because it perceives a weakness in traditional vulnerability databases and scanning tools -- they do not indicate which vulnerabilities are currently being exploited, nor to what extent. Reliance on vulnerability lists alone cannot say where patching and remediation efforts should be prioritized.\u00a0\n\"We do this analysis because the sale and use of exploits is a for-profit industry,\" Recorded Future's VP of technical solutions, Scott Donnelly told SecurityWeek. This means that exploit developers have to sell their products, while other criminals have to buy them -- and this leads to the chatter that Recorded Future analyzes.\u00a0\n\"If you're a cybercriminal trying to make money, you have to discuss it. 
If you hold back too much you're not going to make any money; so, there's a necessity for the criminals to stick their heads up a little bit -- and we can take advantage of that and call out some of the big conversations.\" It assumes a correlation between chatter about a vulnerability with active exploitation of that vulnerability -- an assumption that common sense rather than science suggests is reasonable.\nDonnelly is confident that his firm's knowledge of and access to the dark web is statistically valid. Nation-state activity is specifically excluded from this analysis, because, he says, \"If you're a nation-state with an exploit, or if you're a third-party supplier of exploits to a nation state, you're less likely to talk about it in a general criminal forum.\"\nAt the macro level, this year's analysis highlights a move away from Adobe vulnerabilities towards Microsoft consumer product vulnerabilities. While Flash exploits have dominated earlier annual reports, seven of the top ten (including the top five) most discussed vulnerabilities are now Microsoft vulnerabilities. 
\"As Adobe Flash Player has begun to see its usage significantly drop, this year we find that it's a lot of Microsoft consumer products that are seeing heavy exploitation,\" says Donnelly.\nThe three most used vulnerabilities are CVE-2017-0199 (https://www.securityweek.com/attackers-combine-office-exploits-avoid-detection) (which allows attackers to download and execute a Visual Basic script containing PowerShell commands from a malicious document), CVE-2016-0189 (https://www.securityweek.com/ie-exploit-added-neutrino-after-experts-publish-poc) (which is an old Internet Explorer vulnerability that allows attackers to use an exploit kit to drop malware, such as ransomware), and CVE-2017-0022 (https://www.securityweek.com/stegano-exploit-kit-adopts-diffie-hellman-algorithm) (which enables data theft).\nA second major takeaway from the analysis is that 2017 has seen a significant drop in the development of new exploit kits. \"This has been noticed before,\" Donnelly told SecurityWeek, \"but mainly because researchers simply haven't seen them in action. This is now evidence that the criminals themselves aren't talking about or trying to sell that many new kits.\"\nIn raw numbers, Recorded Future's analysis noted 26 new kits in 2016, but only 10 new kits in 2017 (from a total list of 158 EKs). \"The observed drop in exploit kit activity,\" suggests Donnelly, \"overlaps with the rapid decline of Flash Player usage. Users have shifted to more secure browsers, and attackers have shifted as well. 
Spikes in cryptocurrency mining malware and more targeted victim attacks have filled the void.\"", "creation_timestamp": "2018-03-27T17:55:16.000000Z"}, {"uuid": "320282ed-4107-4cda-b33f-b1ffec276121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/HackerOne/617", "content": "CVE-2017-0199: In the Wild Attacks Leveraging HTA Handler\nhttps://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199-hta-handler.html", "creation_timestamp": "2017-04-12T14:54:21.000000Z"}, {"uuid": "071ffbb7-5b8f-44e0-8af0-96baff29bad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/true_secator/7059", "content": "Acronis researchers report a new campaign whose targets were senior government institutions in Sri Lanka, Bangladesh and Pakistan.\n\nThe attackers used phishing emails combined with geofenced payloads, ensuring that the malicious content was delivered only to victims in specific countries.\n\nThe attack chains used phishing lures as the starting point for triggering the infection process and deploying the known malware StealerBot.\n\nThe researchers note that the modus operandi fully matches recent SideWinder attacks documented by Kaspersky Lab in March 2025.\n\nAccording to Acronis, the targets included: the Bangladesh Telecommunication Regulatory Commission, the ministries of defence and finance, Pakistan's Directorate of Technical Development, the Department of External Resources, the Treasury, the Ministry of Defence and the Central Bank of Sri Lanka.\n\nThe attacks are characterised by the use of years-old RCE vulnerabilities in Microsoft Office (CVE-2017-0199 and CVE-2017-11882) as initial vectors for deploying malware that maintains persistent access in government environments across South Asia.\n\nWhen the malicious documents are opened, an exploit for CVE-2017-0199 is triggered, which delivers next-stage payloads responsible for installing StealerBot using DLL loading techniques.\n\nOne of SideWinder's notable tactics is that the phishing emails are tied to geofenced payloads that ensure the relevant targeting criteria are met.\n\nIf the victim's IP address does not match, an empty RTF file is sent instead as a decoy.\n\nThe malicious payload is an RTF file that exploits CVE-2017-11882, a memory-corruption vulnerability in Equation Editor, to launch a shellcode-based loader that runs the StealerBot malware.\n\nAccording to Kaspersky Lab, StealerBot is a .NET implant designed to install additional malware, launch a reverse shell and collect a wide range of data from compromised hosts, including screenshots, keystrokes, passwords and files.\n\nSideWinder shows sustained activity over a long period, maintaining a steady operational tempo without prolonged inactivity, a pattern that reflects organisational continuity and sustained intent.\n\nA more detailed analysis of the TTPs shows a high degree of control and precision, ensuring that malicious data is delivered only to carefully selected targets and often only for a limited period of time.", "creation_timestamp": "2025-05-22T17:00:07.000000Z"}, {"uuid": "e0e7bb3e-446d-4ab2-9c4c-088275a8f89e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/information_security_channel/8296", "content": "Malspam Campaign using CVE-2017-0199 Targets Manufacturing, Pharmaceutical, and other important Industries\nhttp://blogs.quickheal.com/malspam-campaign-using-cve-2017-0199-targets-manufacturing-pharmaceutical-important-industries/\n\nQuick Heal Security Labs has come across various email campaigns that are actively exploiting the famous vulnerability CVE-2017-0199 in their bid to target prominent private industries in India. CVE-2017-0199 was a zero-day vulnerability reported in April 2017 by two different security firms. Almost all of the MS Office versions were...\nThe post Malspam Campaign using CVE-2017-0199 Targets Manufacturing, Pharmaceutical, and other important Industries (http://blogs.quickheal.com/malspam-campaign-using-cve-2017-0199-targets-manufacturing-pharmaceutical-important-industries/) appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice (http://blogs.quickheal.com/).", "creation_timestamp": "2017-08-31T12:37:20.000000Z"}, {"uuid": "076927d4-5b25-4fd0-9cf8-6ba785f8289e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/information_security_channel/8425", "content": "PowerPoint File Armed with CVE-2017-0199 and UAC Bypass https://t.co/8kBjAiF40i via @Fortinet", "creation_timestamp": "2017-09-03T04:43:46.000000Z"}, {"uuid": "ff62dd64-8fde-4d5c-ab19-24b4208afddf", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/information_security_channel/8469", "content": "PowerPoint file Equipped with CVE-2017-0199 could Compromise Your\u00a0System https://t.co/vMhRmkHU52 https://t.co/x63vUsLl4y", "creation_timestamp": "2017-09-05T07:50:17.000000Z"}, {"uuid": "6b112770-18e4-4410-84c1-69b4d0b84911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/information_security_channel/7764", "content": "Old Flaws, New Tricks: CVE-2017-0199 and PowerPoint Abuse\nhttps://www.darkreading.com/vulnerabilities---threats/old-flaws-new-tricks-cve-2017-0199-and-powerpoint-abuse/d/d-id/1329634?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\n\nResearchers discover attackers are using a patched Microsoft vulnerability to abuse PowerPoint files and distribute malware.", "creation_timestamp": "2017-08-16T21:16:42.000000Z"}, {"uuid": "8428a29c-4719-4069-8dc1-14f039d52236", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/information_security_channel/4340", "content": "CVE-2017-0199 \u2013 Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API\nhttp://blogs.quickheal.com/cve-2017-0199-microsoft-officewordpad-remote-code-execution-vulnerability-wwindows-api/\n\nThe newly discovered zero-day vulnerability (CVE-2017-0199) in Microsoft Office/WordPad is being actively exploited in the wild. Almost all Microsoft Office versions are affected with this bug. To fix this vulnerability, Microsoft released a security update on April 11, 2017. 
Vulnerable Versions According to Microsoft, the following are the affected products...\nThe post CVE-2017-0199 \u2013 Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API (http://blogs.quickheal.com/cve-2017-0199-microsoft-officewordpad-remote-code-execution-vulnerability-wwindows-api/) appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice (http://blogs.quickheal.com/).", "creation_timestamp": "2017-04-14T12:26:50.000000Z"}, {"uuid": "a00acdf5-c6c2-4099-a6ca-ed60cfe6dd15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/information_security_channel/12842", "content": "Malspam campaigns exploiting recent MS Office vulnerability \u2018CVE-2017-11882\u2019 \u2013 An Analysis by Quick Heal Security Labs\nhttp://blogs.quickheal.com/malspam-campaigns-exploiting-recent-ms-office-vulnerability-cve-2017-11882/\n\nNo wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macro,\u00a0CVE-2017-0199, CVE-2017-8759\u00a0and DDE-based attack. Recently, we have started observing various malspam campaigns exploiting the latest MS Office vulnerability CVE-2018-11882. 
Let\u2019s take a look\u2026", "creation_timestamp": "2018-02-05T12:19:22.000000Z"}, {"uuid": "5812b9f3-ae7a-4832-a717-58182e0defb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/information_security_channel/15024", "content": "http://feedproxy.google.com/~r/Securityweek/~3/XBNDgTtf0k8/you-can-ddos-organization-just-10-hour-cybercrime-report\n\nThe cost of having an organization targeted by a distributed denial of service (DDoS) attack for an hour is as low as $10, cybersecurity firm Armor says.\nThe low cost of launching such attacks results from the proliferation of cybercrime-as-a-service, one of the most profitable business models adopted by cybercriminals over the past years. It allows criminals-wannabe to employ the resources of established cybercriminals for their nefarious purposes, including malware distribution, DDoS-ing, spam, and more. \nAll that miscreants have to do is to access underground markets or forums and hire the desired cybercrime service to conduct the malicious actions for them. And while the incurred financial losses total billions or even more for affected organizations, the price of hiring such a service is highly affordable to anyone. \nAccording to Armor\u2019s The Black Market Report (https://event.on24.com/wcc/r/1630121/C5E9D26D11A30024CBB36E365850C694?partnerref=news): A Look into the Dark Web (PDF), anyone can DDoS an organization for only $10 an hour or $200 per day. Remote Desktop Protocol (RDP) access for a system for three months costs only $35. \nThe data was collected through the analysis of dozens of online underground markets and forums during the fourth quarter of 2017 and reveals a slight increase in prices compared to a couple of years ago. 
Considering how powerful DDoS attacks have become lately, however, the cost of launching an attack remains incredibly low.\nDDoS-for-hire services, however, are only one example of how cheap cybercrime services are on the dark web. The Disdain exploit kit could be rented for $80 a day, $500 a week or $1,400 a month, Armor has discovered. A botnet capable of webinject and other nefarious actions was available at $750 or $1,200 a month, with support available at an extra $100 or $150 a month.\n\u201cWhen source code is offered, there is a trend toward offloading risk by selling malware or exploit code to someone else and then selling support as well. In the spirit of helping others, some sellers have taken to hawking hacker tutorials and known exploits in bundles at relatively low cost, most likely to low-skill hackers known as script kiddies,\u201d the security firm says. \nArmor's researchers found a Microsoft Office exploit builder targeting the CVE-2017-0199 vulnerability available at $1,000. A banking Trojan license, on the other hand, was available at $3,000 to $5,000, while a remote access Trojan was seen selling for $200. \nOn underground forums, buyers can also find code-signing certificates (a Class 3 code-signing certificate was selling for $400, while an Extended Validation (EV) certificate was offered for $2,500), account hacking programs (for as low as $12.99), WordPress exploits (at $100), password stealers ($50), Android malware loader ($1,500), ATM skimmers ($700 - $1,500), and various other tools as well. \nCredit card skimmers and magnetic stripe readers were found selling for as little as $700 and $450, respectively. Credit card data is available for purchase as well, with prices starting as low as $7 for US Visa cards. \nCard numbers sold with additional identifying information are a bit more expensive: $18 vs $10-$12 at the same vendor. 
Customers looking to verify the bank information number (BIN) may be charged as much as $15 for the operation, Armor has discovered. American Express and Discover card numbers were available at $12 to $17 with BIN verification. \nThe cost of credit card information was also influenced by the credit limit on the card: one with a $10,000 limit was available at $800, while another with a $15,000 limit was $1,000. Access to bank accounts too is priced in line with the available balance, ranging from $200 to $1,000 for accounts at Wells Fargo, JPMorgan Chase and Bank of America with balances between $3,000 and $15,000.", "creation_timestamp": "2018-03-22T18:34:43.000000Z"}, {"uuid": "2318d20b-4df3-428c-8926-f16c386094f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/information_security_channel/15310", "content": "At the micro level, the big takeaway from this report is the anomalous position of CVE-2017-0022. It is the third most discussed vulnerability on the dark web forums, yet in relation to just two pieces of malware: exploit kits Astrum (aka Stegano) and Neutrino. This is the lowest number of associated malware in the top ten vulnerabilities -- both of the two more popular vulnerabilities are associated with ten different pieces of malware. CVE-2017-0199 is associated with malware including Hancitor, Dridex (https://www.securityweek.com/dridex-campaign-abuses-ftp-servers)\u00a0and FinFisher (https://www.securityweek.com/net-zero-day-flaw-exploited-deliver-finfisher-spyware), while CVE-2016-0189 is associated with nine different exploit kits and the Magniber (https://www.securityweek.com/new-magniber-ransomware-emerges) ransomware.\nBut it's not just in malware associations that CVE-2017-0022 is anomalous. It has a Common Vulnerability Scoring System (CVSS) rating of just 4.3. 
The next lowest rating in the top ten vulnerabilities is 7.6, while the top two are rated at 9.3 and 7.6. CVSS defines a 4.3 score as medium risk; and yet Recorded Future's research shows it to be the third most exploited vulnerability, commenting, \"'In the wild' severity does not always correlate with the Common Vulnerability Scoring System (CVSS) score.\"\nThis is a prime example of the reason for the analysis. Security teams could check the CVSS score and conclude on this evidence alone that the vulnerability does not require expedited remediation or patching. As the third most exploited vulnerability, Recorded Future's latest threat analysis suggests otherwise.\nBoston, Mass.-based Recorded Future raised $25 million in a Series E funding round led by Insight Venture Partners in October 2017 -- bringing the total funding raised to $57.9 million.\nRelated: Use of Fake Code Signing Certificates in Malware Surges (https://www.securityweek.com/use-fake-code-signing-certificates-malware-surges)\u00a0\nRelated: Researchers Warn Against Knee-Jerk Attribution of 'Olympic Destroyer' Attack (https://www.securityweek.com/researchers-warn-against-knee-jerk-attribution-olympic-destroyer-attack)", "creation_timestamp": "2018-03-27T17:55:16.000000Z"}, {"uuid": "ed0e86c8-d1d7-4cdd-bc50-3a39f6b7adda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/information_security_channel/15313", "content": "New \"ThreadKit\" Office Exploit Builder Emerges\nhttp://feedproxy.google.com/~r/Securityweek/~3/7de3m_eM7i8/new-threadkit-office-exploit-builder-emerges\n\nA newly discovered Microsoft Office document exploit builder 
kit has been used for the distribution of a variety of malicious payloads, including banking Trojans and backdoors, Proofpoint reports.\nThe exploit builder kit was initially discovered in October 2017, but Proofpoint's researchers have linked it to activity dating back to June 2017. The builder kit shows similarities to Microsoft Word Intruder (MWI), but is a new tool called ThreadKit.\nIn June 2017, the kit was being advertised in a forum post as being able to create documents with embedded executables and embedded decoy documents, and several campaigns featuring such documents were observed that month. The documents would perform an initial check-in to the command and control (C&C) server, a tactic also used by MWI. \nThe documents were targeting CVE-2017-0199 and were focused on downloading and executing a HTA file that would then download the decoy and a malicious VB script to extract and run the embedded executable. The payload was Smoke Loader, which in turn downloaded banking malware.\nIn October, ThreadKit started targeting CVE-2017-8759 as well, but continued to use the initial C&C check-in and the HTA file to execute the embedded executable, Proofpoint says (https://www.proofpoint.com/us/threat-insight/post/unraveling-ThreadKit-new-document-exploit-builder-distribute-The-Trick-Formbook-Loki-Bot-malware). However, changes were made to the manner in which the exploit documents operate and new exploits were integrated as well. \nIn November, ThreadKit was quick to incorporate exploits for new Microsoft Office vulnerabilities, and started being advertised as capable of targeting CVE-2017-11882 too. Soon after, campaigns that featured the previously observed check-in already started to emerge. \nIn February and March 2018, the kit was embedding new exploits, targeting vulnerabilities such as an Adobe Flash zero-day (CVE-2018-4878) and several new Microsoft Office vulnerabilities, including CVE-2018-0802 and CVE-2017-8570. 
\nAt the same time, the researchers noticed a large spike in email campaigns featuring ThreadKit-generated Office attachments packing these exploits. The exploits appear copied from proofs of concept available on a researcher\u2019s GitHub repo. \nAs part of these attacks, the attachments would drop the contained packager objects into the temp folder, then the exploits would execute the dropped scriptlet file, thus leading to the execution of the dropped batch files, which in turn run the executable.\nProofpoint found that not all ThreadKit documents contain a valid URL for the statistics check-in (some contain placeholder URLs). Furthermore, not all documents followed the same execution chain, with some scripts modified to perform other actions, a customization that may be provided as a service by the kit author.\n\u201cIn 2017, several new vulnerabilities entered regular use by threat actors and the first months of 2018 have added to that repertoire. Document exploit builder kits like ThreadKit enable even low-skilled threat actors to take advantage of the latest vulnerabilities to distribute malware. Organizations and individuals can mitigate the risk from ThreadKit and other document exploit-based attacks by ensuring that clients are patched for the latest vulnerabilities in Microsoft Office and other applications,\u201d Proofpoint concludes. 
\nRelated: Microsoft Patches Zero-Day Vulnerability in Office\nRelated: Microsoft Manually Patched Office Component: Researchers", "creation_timestamp": "2018-03-27T17:57:22.000000Z"}, {"uuid": "d0adbe7e-8c93-4d4a-8634-dc909499d50c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/SHATOOB/1586", "content": "\ud83c\udd94 @SHATOOB\n\n#OilRig\n\nExploitation of the recent Office vulnerability by Iranian hackers\n\n\n\ud83d\udc48A security company named Morphisec has claimed that Iranian hackers used the recent Microsoft Office 0day vulnerability to attack some Israeli organizations. 
\n\n\ud83d\udd39This vulnerability existed in Microsoft Office and had been patched in early April, but after some time it was exploited in the real world.\n\n\ud83d\udd38The company says that from April 19 to 24, Iranian hackers exploited the vulnerability identified as CVE-2017-0199 for political purposes. \n \n\ud83d\udd39Because many organizations did not apply the patches as quickly as possible, the hackers were able to continue their attacks. 
These attacks targeted various organizations of the Zionist regime, and the vulnerability was exploited through emails sent to users.\n \n\ud83d\udd38These emails were sent specifically to users at one of the cyber security centers, Ben Gurion University. 
The attackers used the proof-of-concept (POC) code for this vulnerability, which had been published after its patch, to exploit the vulnerability and distribute a fileless version of the Helminth Trojan agent.\n \n\ud83d\udd39Security researchers noted that high-level organizations of this regime, including technology, medical and education organizations, were victims of this attack. They also attributed these attacks to an Iranian hacking group that is responsible for the OilRig malware campaign. 
\n\n\ud83d\udd38In examining the Helminth malware, the researchers found a very close similarity to the OilRig malware. The OilRig malware was said to have targeted nearly 140 organizations in the Middle East. \n \n\ud83d\udd39Security researchers also noted that this group's hackers have moved from malicious macros in Excel and Word documents toward exploiting vulnerabilities. 
This hacking group carried out its attacks very quickly, because it expected that the window between disclosure of the vulnerability and its patching by users would be very short. \n \n\ud83d\udd38This vulnerability involves a forged RTF document; as soon as it is opened, an HTML file is downloaded that loads and installs the final payload on the victim's machine. 
\n\n\ud83d\udd39 On April 11, Microsoft patched this vulnerability by releasing security updates, but it is said that the hackers carried out their attacks before the patches were released.\n\n\n\ud83d\udd38You can also read an analysis of this vulnerability at the source below.\n\n\n\ud83c\udf10 http://rewtin.blogspot.de/2017/04/cve-2017-0199-practical-exploitation-poc.html\n\n\nSource:\n\n\ud83c\udf10 https://goo.gl/ByCsZu\n\n\ud83c\udf10 http://www.securityweek.com/iranian-hackers-exploit-recent-office-0-day-attacks-report\n \n\n\u269c\ufe0f\u269c\ufe0f  Shatoob, a window to the world of computers \u269c\ufe0f\u269c\ufe0f\n\n\ud83c\udd94 @SHATOOB", "creation_timestamp": "2017-05-04T08:17:31.000000Z"}, {"uuid": "ad8e1a88-759d-4ae0-9acb-abbbd78e3ff0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", 
"source": "https://t.me/canyoupwnme/1845", "content": "\"Bypassing\" Microsoft's Patch for CVE-2017-0199\nhttps://justhaifei1.blogspot.com.tr/2017/07/bypassing-microsofts-cve-2017-0199-patch.html", "creation_timestamp": "2017-07-26T20:31:07.000000Z"}, {"uuid": "a370db75-a469-49c5-a673-ab106c3b7a52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/proitru/326", "content": "THE \"PETYA\" AND \"MISHA\" MALWARE: WHAT IS HAPPENING AND WHAT TO DO, IN THREE WORDS? \n\nThe propagation model is partly similar to WannaCry: an exploit for the MS17-010 vulnerability is used, reinforced by social engineering that uses a vulnerability in MS Word. 
Infection occurs after the user opens an email attachment that exploits the CVE-2017-0199 vulnerability, published in April 2017. Spread to other computers on the network then proceeds via MS17-010. The encryption model, however, has changed significantly. \"Petya\", penetrating the computer by means of the exploit, infects the system's MBR (master boot record). 
Next, \"Misha\" is loaded onto the system; it encrypts the files on the disk and demands a ransom of $300 per computer. There are also modifications in which \"Petya\" and \"Misha\" work independently of each other, depending on whether system administrator privileges are available. There are reports that a propagation model using malicious attachments disguised as PDF files has also been encountered.  
\n\nMore details: http://www.jetinfo.ru/stati/vredonosy-petya-petya-i-misha-misha-chto-proiskhodit-i-chto-delat-v-trekh", "creation_timestamp": "2017-06-28T10:38:18.000000Z"}, {"uuid": "3e20a1f1-ede0-4c87-a710-d420f7547eba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/canyoupwnme/1189", "content": "CVE-2017-0199: In the Wild Attacks Leveraging HTA Handler\nhttps://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199-hta-handler.html", "creation_timestamp": "2017-04-12T00:30:01.000000Z"}, {"uuid": "edcf22b5-6d9f-4b36-9854-8e3b3e77ade2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/canyoupwnme/1236", "content": "Windows attacks via CVE-2017-0199 \u2013 Practical exploitation! 
(PoC)\nhttp://securityaffairs.co/wordpress/58077/breaking-news/cve-2017-0199-exploitation-poc.html", "creation_timestamp": "2017-04-18T00:30:03.000000Z"}, {"uuid": "d5faa393-4e83-4338-9979-86e0e9600aec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/SecLabNews/5089", "content": "The Iranian APT group MuddyWater has begun using new attack vectors against telecommunications and government organizations. 
According to specialists at the information security company Clearsky Security, MuddyWater has expanded its tactics, techniques and procedures (TTP) with new Microsoft Word documents that download malicious files via compromised servers, as well as documents that exploit the CVE-2017-0199 vulnerability.    
\nAPT group MuddyWater is using new attack vectors", "creation_timestamp": "2019-06-07T12:55:32.000000Z"}, {"uuid": "6c69adc5-9b7e-4252-a8a3-68d06f18840c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/SecLabNews/173", "content": "Attackers are using CVE-2017-0199 to install a RAT via PowerPoint", "creation_timestamp": "2017-08-16T13:34:53.000000Z"}, {"uuid": "bb10cedc-3d0e-4584-9a86-ce9357a0d0ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/S_E_Reborn/4980", "content": "Blackberry reveals new SideWinder infrastructure and TTPs, as part of a campaign targeting ports and maritime facilities in the Indian Ocean and the Mediterranean Sea.\n\nThe Indian SideWinder APT (Razor Tiger, 
Rattlesnake and T-APT-04) has been active since at least 2012 and has previously been seen attacking military, government and commercial entities in Pakistan, Afghanistan, China and Nepal.\n\nThe domains and documents used in first-stage delivery imply targeting of Pakistan, Egypt and Sri Lanka.\n\nAt the same time, the second-stage subdomains point to additional targeting of Bangladesh, Myanmar, 
Nepal and the Maldives.\n\nBased on previous observations, the goal of this new SideWinder campaign appears to be espionage and intelligence gathering.\n\nSideWinder traditionally uses email spear phishing, document exploitation and DLL side-loading to avoid detection and deliver targeted implants.\n\nTypically the victim downloads a malicious document with 
very low detection on VirusTotal and opens it, launching the next stage of the infection chain.\n\nThe malicious document is very carefully prepared to pass it off as a genuine document from an official organization already known to the target.\n\nIn the new campaign, the forged documents were tied to specific infrastructure of the port of Alexandria in the Mediterranean Sea, as well as the Port 
Authority in the Red Sea.\n\nAll of the observed malicious documents use the remote template injection technique (CVE-2017-0199) to gain initial access to the target's system.\n\nThe body of the document, sent as a phishing email, contains a URL in plain text that leads to a malicious site from which the next-stage file is downloaded.\n\nNext, a file in RTF format downloads a document 
that exploits the CVE-2017-11882 vulnerability. It contains shellcode that is executed after the file is opened.\n\nMoreover, in the previous SideWinder campaign the malware used JavaScript hidden in the RTF file.\n\nThe purpose of the shellcode is to check the victim's system to see whether it is a real system rather than a virtual environment.\n\nAfter the check, the program decrypts and runs a small piece of JavaScript code that 
loads the next execution stage from a remote server, also JavaScript code (but samples of the last stage could not be obtained).\n\nA detailed breakdown of the C2 infrastructure with geotargeting, as well as indicators of compromise, is in the report.", "creation_timestamp": "2024-07-29T20:25:43.000000Z"}, {"uuid": "ac8a6c08-e185-4b9c-960c-5398b6e00801", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/canyoupwnme/2022", "content": "CVE-2017-0199: New Malware Abuses PowerPoint Slide Show\nhttp://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-0199-new-malware-abuses-powerpoint-slide-show/", "creation_timestamp": "2017-08-14T17:59:09.000000Z"}, {"uuid": "f8c147ac-71bc-4659-80f2-1dbceca69504", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "seen", "source": 
"https://t.me/canyoupwnme/1210", "content": "Cisco Coverage for CVE-2017-0199\nhttp://blog.talosintelligence.com/2017/04/cve-2017-0199.html", "creation_timestamp": "2017-04-15T16:58:51.000000Z"}, {"uuid": "f486c32a-9c8b-4750-af12-d90038600b7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/canyoupwnme/1198", "content": "CVE-2017-0199 Used as Zero Day to Distribute FINSPY Espionage Malware and LATENTBOT Cyber Crime Malware\nhttps://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199_useda.html", "creation_timestamp": "2017-04-12T22:25:46.000000Z"}, {"uuid": "f2914e6e-186c-4662-9a64-a51ce15cfbb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/canyoupwnme/1200", "content": "Analysis of a CVE-2017-0199 Malicious RTF Document\nhttps://blog.nviso.be/2017/04/12/analysis-of-a-cve-2017-0199-malicious-rtf-document/", "creation_timestamp": "2017-04-13T13:21:30.000000Z"}, {"uuid": "9ef5757e-234b-4a21-87ad-dbe2ef431725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/canyoupwnme/1201", "content": "Exploiting CVE-2017-0199: HTA Handler Vulnerability\nhttps://www.mdsec.co.uk/2017/04/exploiting-cve-2017-0199-hta-handler-vulnerability/", "creation_timestamp": "2017-04-13T13:21:50.000000Z"}, {"uuid": "e2efc426-95ae-4394-9843-15d83360d563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-0199", "type": "exploited", "source": "https://t.me/indoghostsec/1901", "content": "INDOGHOSTSEC\n\n CVE-2017-0199 Vulnerability Exploit 
Sample Analysis BY INDOGHOSTSEC \ninstagram.com/indoghost.sec\n\n4x3ll666gh05t\n\n> md5: 0087AA25E20070186AC171BE6C528DA6 \n\n> File size: 31752 bytes (31kb) \n\n> File type: PDF\n\nsample The initial file is disguised as a PDF file, hidden in its PDF data stream segment, a word file, and a JS hidden in its PDF Code. When the PDF is opened, the JS code will be executed. Then, the software that opens the word file by default on the computer will be called to open the word file. Then, if the software that is associated with the computer to open the word file by default is the office in the vulnerability version, it will execute by default Download the malicious link in word. Use PDFstreamDumper to view the data of each segment of this PDF, this is a Word file with embedded data stream segments\n\nAttack Load \n\nFile MD5: AAFD0EBFE1AFBCAE1834430FEEBD5A31\nFile Type: of Bi nExecute / Microsoft.EXE [: the X86]\n\n> compiled language: NSIS Packer sample description; the sample is the NSIS packaging program. After running the sample, the sample will successively call [collages.dll Corticoid.cab System.dll] (where System.dll is harmless) in its resource file, and then call the LoadLibraryExA function to load System.dll after System.dll will continue to call collages.dll address and call LoadLibraryA function to load collages.dll, collages.dll will Corticoid.cab compressed file decryption core sample shellcode decrypt it, then\n\n> collages.dll uses process injection technology to create a child process that injects the decrypted shellcode data into the child process and executes the shellcode to execute malicious code for camouflage purposes. After finding that it is nsis packaged software, use 7-zip to decompress it, and you can see its related resource files. 
The cab file is a corrupted file, the cabinet compressed file size and its file type and it is suspected to be a shellcode resource file\n\n#Note Loaded the resource file, analyzed the two dlls at the beginning, found no malicious code, focused on the cab file, and turned it around for a long time in the packaging program. A lot of time wasted)\n\nby indoghostsec", "creation_timestamp": "2020-02-08T03:53:27.000000Z"}]}