{"vulnerability": "CVE-2018-8174", "sightings": [{"uuid": "6401d26b-8a68-4e87-b16e-af746acfe5d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5dc5795d-5c90-4be7-9f05-548b73e10023", "content": "", "creation_timestamp": "2019-11-08T14:20:28.000000Z"}, {"uuid": "ade1d5e8-5ad6-4333-a72f-e926c950b943", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5b1a8db7-1454-480d-b6fa-1042c0a8ab16", "content": "", "creation_timestamp": "2018-06-08T14:14:53.000000Z"}, {"uuid": "2785fddf-2dda-483a-8107-77c6ea037617", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5b1a8ec4-3900-4584-8c93-184bc0a8ab16", "content": "", "creation_timestamp": "2018-06-08T14:14:06.000000Z"}, {"uuid": "0de34bff-7f04-49ea-b85d-1e238dccf603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5af2be06-dc9c-4086-a6aa-45d9950d210f", "content": "", "creation_timestamp": "2018-05-09T09:25:28.000000Z"}, {"uuid": "98d04e2c-c10e-40c9-8154-5c6ca91bd97c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5b0baa6c-c724-4e8c-a59b-03a0c0a8ab16", "content": "", "creation_timestamp": "2018-06-03T09:49:08.000000Z"}, {"uuid": "0a03e13e-95ca-4a7c-9000-cf3acab2b1a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": 
"MISP/5bab9721-28ac-48c4-845a-28f70a021402", "content": "", "creation_timestamp": "2018-09-26T14:29:36.000000Z"}, {"uuid": "01fb0565-a9db-4a4d-8b4b-a3bf4e257702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5b61a496-b034-4321-9406-e0330acd0835", "content": "", "creation_timestamp": "2018-08-01T12:22:29.000000Z"}, {"uuid": "ab120760-f277-49e5-900a-bc9d36b14a40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5b8cfdbc-e684-4d62-95b4-3c5002de0b81", "content": "", "creation_timestamp": "2018-09-03T09:26:26.000000Z"}, {"uuid": "39a3dd9a-724b-4581-b1e4-be940149d79b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5b92428b-23b8-4a0e-8b3b-2849ac100a5a", "content": "", "creation_timestamp": "2018-09-07T09:30:39.000000Z"}, {"uuid": "04841d4a-555d-42b6-bc36-672e96b8fcec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5af41710-7b3c-43c3-8592-1f0cac12042b", "content": "", "creation_timestamp": "2018-05-10T11:38:07.000000Z"}, {"uuid": "ad4e180d-4970-42c9-a92d-320c1b33455e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5dc53d64-eef8-4ee2-bb5c-4b240a3b4631", "content": "", "creation_timestamp": "2019-11-08T10:03:52.000000Z"}, {"uuid": "3212f5a5-7958-4620-a1e6-33c5b4d28649", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5c543c87-503c-4622-a292-0aa6ac12042b", "content": "", "creation_timestamp": "2019-02-01T12:53:41.000000Z"}, {"uuid": "c0f1649d-9a27-42d7-bba9-434aaa5e47ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5c812baa-d614-4f99-88e0-426d950d210f", "content": "", "creation_timestamp": "2019-03-07T14:35:39.000000Z"}, {"uuid": "5a0845ab-63b9-417b-bc3e-b557822f1751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5cd00a4e-1b14-4330-b51b-406602de0b81", "content": "", "creation_timestamp": "2019-05-06T10:24:00.000000Z"}, {"uuid": "a6834666-d54c-418d-84a0-73fd2524ce87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5d307d92-3514-4a9b-9840-0a540a950b0c", "content": "", "creation_timestamp": "2019-07-18T14:16:29.000000Z"}, {"uuid": "e116cb71-fd69-4e09-91ef-f6bb75d6e33a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/5eb68789-b0f4-4df2-a01a-03788e5d62f7", "content": "", "creation_timestamp": "2020-05-09T11:06:39.000000Z"}, {"uuid": "23a95873-f5f3-475f-8dd8-6001bcd47ecb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/c9adff75-eb56-4971-89d6-982688931f6b", "content": "", "creation_timestamp": "2020-10-09T16:14:24.000000Z"}, {"uuid": "4c4ad777-30a6-442e-a02d-0e9b1e1ad72e", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/dec58de8-6301-4e10-a4a6-e8a5f9ce5203", "content": "", "creation_timestamp": "2020-10-09T14:19:37.000000Z"}, {"uuid": "f95f34c1-b307-4268-b2a7-639e326cb571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/c94a7e1a-4647-47b3-8fb7-3088e73b47b9", "content": "", "creation_timestamp": "2020-10-09T15:54:14.000000Z"}, {"uuid": "c46b6250-44f7-4e1e-9eb8-b026157cbb8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/df9a5179-f5e3-4ece-abde-e02ac4561816", "content": "", "creation_timestamp": "2020-10-09T13:27:39.000000Z"}, {"uuid": "c3e96dee-7d2e-4ed3-8761-a3a87152aa94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/0f0e6302-18ce-4342-b5cf-b8468fa5531a", "content": "", "creation_timestamp": "2020-10-09T14:47:32.000000Z"}, {"uuid": "3d364c72-2938-4236-b155-1bf9e1d19973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/0b0f374b-39b1-4229-891b-2defd31fe736", "content": "", "creation_timestamp": "2020-10-09T15:53:02.000000Z"}, {"uuid": "4f6eb9d6-9fee-45f9-b30a-ae20a3bb5ad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/ceffe993-fba5-4117-9d95-cc501e161029", "content": "", "creation_timestamp": 
"2020-10-09T13:37:29.000000Z"}, {"uuid": "bc0acb2d-0376-4f9e-a638-f524a934898f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/7be1b70f-0f74-4e54-9a75-441653b92cab", "content": "", "creation_timestamp": "2020-10-09T16:16:48.000000Z"}, {"uuid": "0e091a68-cc3a-4615-b89a-206cb699e5f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/0cbad1e3-4b6d-413f-a234-8939127e7112", "content": "", "creation_timestamp": "2020-10-09T13:51:49.000000Z"}, {"uuid": "a867874e-d02d-49d7-85c7-b74f930b4f58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/10a1266a-1398-46fe-8952-5539e1bb94ae", "content": "", "creation_timestamp": "2020-10-09T16:14:27.000000Z"}, {"uuid": "9eb144b2-675f-4a49-8ade-1e43ce01ff6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/2a330185-520a-4481-b9f3-928cd6c2dc8d", "content": "", "creation_timestamp": "2020-10-09T16:07:50.000000Z"}, {"uuid": "01e96db7-8051-400b-99ae-b1c128c7cbf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/b5f16ac7-7df4-4b28-a1c6-c146f548987d", "content": "", "creation_timestamp": "2020-10-09T15:22:40.000000Z"}, {"uuid": "7f20a597-bb3c-44f4-b3eb-d57aa6e99838", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": 
"MISP/bdb0a91e-146f-4dba-a6a6-0debd5058d45", "content": "", "creation_timestamp": "2020-10-09T15:48:43.000000Z"}, {"uuid": "d7e58b4c-cf91-4f87-bd78-d7af907dae0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/4c9380a5-efe6-4f83-84b6-2db7c3f7402b", "content": "", "creation_timestamp": "2020-10-09T15:43:45.000000Z"}, {"uuid": "a9507331-d311-4f99-951f-a15e8e37f5f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/a20c4c82-41fe-4580-814c-f398d2fb417f", "content": "", "creation_timestamp": "2020-10-09T15:43:21.000000Z"}, {"uuid": "1afeb597-a270-4e33-9a4b-c2a25f84a848", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/e965095d-fcbc-403a-a6e8-8628ca355440", "content": "", "creation_timestamp": "2020-10-09T16:13:08.000000Z"}, {"uuid": "7ca8b4a2-2ad8-4065-a698-dea7299c26b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/9e962af8-a083-44bd-a144-42accb00769b", "content": "", "creation_timestamp": "2020-10-09T15:37:20.000000Z"}, {"uuid": "f99235f2-a4cf-482d-93b1-9d437f070d7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/e4f4a02d-0c3b-4d09-bcd1-f54a5c8c5962", "content": "", "creation_timestamp": "2020-10-09T16:21:49.000000Z"}, {"uuid": "8094f4af-0974-40b5-9d3f-0b004e9714fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:03.000000Z"}, {"uuid": "b3ead8f1-405b-4dc9-86ce-69d8a0a69711", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971258", "content": "", "creation_timestamp": "2024-12-24T20:26:37.405132Z"}, {"uuid": "007c3e2b-86e8-4ff9-a77e-154c6a33723b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "exploited", "source": "https://t.me/cRyPtHoN_INFOSEC_DE/58", "content": "HookAds Malvertising Installieren von Malware \u00fcber das Fallout Exploit Kit\n\nDie HookAds-Malvertising-Kampagne war in letzter Zeit aktiv und leitet Besucher auf das Fallout Exploit Kit um. Sobald das Kit aktiviert ist, versucht es, bekannte Schwachstellen in Windows auszunutzen, um verschiedene Malware wie den DanaBot-Banking-Trojaner, den Nocturnal Information Stealer und GlobeImposter Ransomware zu installieren.\n\nHookAds ist eine Malvertising-Kampagne, die billige Werbefl\u00e4chen in qualitativ hochwertigen Werbenetzwerken kauft, die h\u00e4ufig von Websites f\u00fcr Erwachsene, Online-Spielen oder Blackhat SEO-Websites verwendet werden. Diese Anzeigen enthalten JavaScript, das einen Besucher \u00fcber eine Reihe von T\u00e4uschungsseiten weiterleitet, die wie Seiten mit einheimischen Anzeigen, Online-Spielen oder anderen Seiten von geringer Qualit\u00e4t aussehen. 
Unter den richtigen Umst\u00e4nden l\u00e4dt ein Besucher das Fallout-Exploit-Kit, das die Malware-Nutzlast installiert und installiert.\n\nUnten sehen Sie ein Beispiel f\u00fcr eine der letzten Tage entdeckten Lockvogel-Websites, die vom Exploit-Kit-Experten nao_sec entdeckt wurden .\n\nLaut nao_sec wurden diese beiden Kampagnen letzte Woche entdeckt. Eine Kampagne fand am 8. November statt und verteilte den DanaBot- Kennwort, der Trojaner stiehlt, sowie eine weitere Kampagne , bei der der Nocturnal Stealer und die Ransomware GlobeImposter installiert wurden.\n\nWenn der umgeleitete Benutzer Internet Explorer ausf\u00fchrt, versucht das Fallout Exploit Kit, die Windows CVE-2018-8174- VBScript-Sicherheitsanf\u00e4lligkeit auszunutzen, um die Nutzlast zu installieren.\n\nDaher ist es sehr wichtig, dass Benutzer sicherstellen, dass alle verf\u00fcgbaren Windows-Sicherheitsupdates installiert sind, um sich vor bekannten Sicherheitsl\u00fccken zu sch\u00fctzen.\n\n\ud83d\udce1 @cRyPtHoN_InfoSEC_DE", "creation_timestamp": "2018-11-14T15:48:09.000000Z"}, {"uuid": "33b006ff-91e8-4d3d-a8a8-69dd7c3e0eb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=289", "content": "", "creation_timestamp": "2018-05-09T04:00:00.000000Z"}, {"uuid": "81cf4a39-7ab5-4676-8e6b-959fa61e5bf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:20.000000Z"}, {"uuid": "a56de125-e11f-403b-bd77-3dcfcc909a0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": 
"MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:02.000000Z"}, {"uuid": "006715db-5ede-499a-8273-e01691b1cd72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2018-8174", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/cb1ae1ac-b124-4e7d-a9b9-319eb82b45d3", "content": "", "creation_timestamp": "2026-02-02T12:28:23.102844Z"}, {"uuid": "f96af34d-9f8a-4a64-8e4a-585516597a62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "published-proof-of-concept", "source": "https://t.me/R0_Crew/593", "content": "https://securelist.com/root-cause-analysis-of-cve-2018-8174/85486/ #malware #exploit #dukeBarman", "creation_timestamp": "2018-05-09T08:16:21.000000Z"}, {"uuid": "351a4794-1eeb-4f2c-bb8f-f940882dcce7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "exploited", "source": "https://t.me/itsec_news/2284", "content": "\u200b\u26a1\ufe0f \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u043d\u043e\u0432\u044b\u043c\u0438 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f\u043c\u0438 \u043e \u0440\u0430\u0431\u043e\u0442\u0435 \u0437\u043b\u043e\u0432\u0440\u0435\u0434\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c RIG Exploit Kit.\n\n\ud83d\udcac \u00abRIG Exploit Kit \u2014 \u044d\u0442\u043e \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f 
\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0441 2014 \u0433\u043e\u0434\u0430\u00bb, \u2014 \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0441\u044f \u0432 \u0438\u0441\u0447\u0435\u0440\u043f\u044b\u0432\u0430\u044e\u0449\u0435\u043c \u043e\u0442\u0447\u0435\u0442\u0435 PRODAFT. \u041d\u0430\u0431\u043e\u0440 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 RIG EK \u0434\u043e\u0441\u0442\u0438\u0433 \u0440\u0435\u043a\u043e\u0440\u0434\u043d\u043e \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u2014 \u043f\u043e\u0447\u0442\u0438 30% \u0432 2022 \u0433\u043e\u0434\u0443, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c \u0434\u0430\u043d\u043d\u044b\u043c.\n\n\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0445\u0430\u043a\u0435\u0440\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u044e\u0442 \u0441\u0432\u043e\u0451 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0447\u0443\u0442\u044c \u043b\u0438 \u043d\u0435 \u0435\u0436\u0435\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u043e, \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b \u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u043d\u043e\u0432\u044b\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0443\u043a\u043b\u043e\u043d\u0435\u043d\u0438\u044f \u043e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f. 
\u0412\u043f\u0440\u043e\u0447\u0435\u043c, \u0442\u0430\u043a\u0430\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u043d\u0435\u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u0430, \u0432\u0435\u0434\u044c RIG EK \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043f\u043e \u0441\u0435\u0440\u0432\u0438\u0441\u043d\u043e\u0439 \u043c\u043e\u0434\u0435\u043b\u0438 (Maas). \u042d\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043b\u0430\u0442\u044f\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u0430 \u0437\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0438\u043c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430\u0445.\n\n\u0414\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0438 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0433\u043e \u043e\u0445\u0432\u0430\u0442\u0430, \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b RIG EK \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0440\u0435\u043a\u043b\u0430\u043c\u0443. 
\u041f\u043e\u0441\u0435\u0442\u0438\u0442\u0435\u043b\u0438 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u0438\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 JavaScript \u043d\u0430 \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0438\u043d\u0434\u0438\u0432\u0438\u0434\u0443\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u00ab\u0418\u0441\u043a\u0443\u0441\u043d\u044b\u0439 \u0434\u0438\u0437\u0430\u0439\u043d Exploit Kit \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0435\u043c\u0443 \u0437\u0430\u0440\u0430\u0436\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c. 
\u041c\u0435\u0436\u0434\u0443 \u0442\u0435\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u044f\u0435\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f\u00bb, \u2014 \u0433\u043e\u0432\u043e\u0440\u044f\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438.\n\n\u0421 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u0432 2014 \u0433\u043e\u0434\u0443 \u0431\u044b\u043b\u043e \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e, \u0447\u0442\u043e RIG EK \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u0441\u043f\u0435\u043a\u0442\u0440 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0445 \u0442\u0440\u043e\u044f\u043d\u043e\u0432, \u043f\u043e\u0445\u0438\u0442\u0438\u0442\u0435\u043b\u0435\u0439 \u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a AZORult, CryptoBit, Dridex, Raccoon Stealer \u0438 WastedLoader. 
\u041e\u0434\u043d\u0430\u043a\u043e \u0432 2017 \u043f\u043e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 RIG \u0431\u044b\u043b \u043d\u0430\u043d\u0435\u0441\u0435\u043d \u043e\u0433\u0440\u043e\u043c\u043d\u044b\u0439 \u0443\u0434\u0430\u0440 \u043f\u043e\u0441\u043b\u0435 \u0440\u044f\u0434\u0430 \u0441\u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0432 \u043e\u0442\u0440\u0430\u0441\u043b\u0438 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041d\u0430 \u0432\u0440\u0435\u043c\u044f \u044d\u0442\u043e \u043f\u0440\u0438\u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u041d\u0435\u0434\u0430\u0432\u043d\u0438\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 RIG EK \u0431\u044b\u043b\u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Internet Explorer \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2021-26411. \u0421 \u0435\u0451 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u043b\u043e\u0441\u044c \u0440\u0430\u0437\u0432\u0451\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 RedLine Stealer. 
\u0414\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442: CVE-2013-2551, CVE-2014-6332, CVE-2015-0313, CVE-2015-2419, CVE-2016-0189, CVE-2018-8174, CVE-2019-0752, \u0438 CVE-2020-0674.\n\n\u00ab\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0447\u0442\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0431\u044b\u043b\u043e \u0441\u0430\u043c\u044b\u043c \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0432\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a, \u0441\u0440\u0435\u0434\u0443 \u0438 \u0447\u0435\u0442\u0432\u0435\u0440\u0433, \u043f\u0440\u0438\u0447\u0435\u043c \u0443\u0441\u043f\u0435\u0448\u043d\u044b\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u043b\u0438 \u0432 \u043e\u0434\u043d\u0438 \u0438 \u0442\u0435 \u0436\u0435 \u0434\u043d\u0438 \u043d\u0435\u0434\u0435\u043b\u0438\u00bb, \u2014 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b.\n\n\u00ab\u0412 \u0446\u0435\u043b\u043e\u043c, RIG EK \u0432\u0435\u0434\u0451\u0442 \u043e\u0447\u0435\u043d\u044c \u043f\u043b\u043e\u0434\u043e\u0442\u0432\u043e\u0440\u043d\u044b\u0439 \u0431\u0438\u0437\u043d\u0435\u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a\u0430\u043a \u0443\u0441\u043b\u0443\u0433\u0438, \u0438\u043c\u0435\u044f \u0436\u0435\u0440\u0442\u0432 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443, 
\u0432\u044b\u0441\u043e\u043a\u043e\u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u0439 \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0441 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c\u044b\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e\u00bb, \u2014 \u043f\u043e\u0434\u0432\u0435\u043b\u0438 \u0438\u0442\u043e\u0433 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 PRODAFT.\n\n#RIGExploitKit #\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-02-28T13:24:28.000000Z"}, {"uuid": "03c86bb8-62ea-4fe1-aad8-be3edba0138f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "published-proof-of-concept", "source": "https://t.me/antichat/1518", "content": "#windows #exploit #\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\n\nRCE \u0447\u0435\u0440\u0435\u0437 VBScript \u0432 IE 11 \u0438 MS Office\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2018-8174 \u0432 Windows VBScript Engine \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u041f\u0440\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u043a\u043e\u0434\u0430 visual basic, \u0440\u0430\u0437\u0443\u043c\u0435\u0435\u0442\u0441\u044f. 
\u0412\u043e\u0442, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043c\u043e\u0434\u0443\u043b\u044c \u0434\u043b\u044f \u043c\u0435\u0442\u0430\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u0447\u0442\u043e\u0431\u044b \u0441\u043e\u0437\u0434\u0430\u0442\u044c doc \u0444\u0430\u0439\u043b \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u043c: https://github.com/0x09AL/CVE-2018-8174-msf (\u0442\u0430\u043c \u0435\u0441\u0442\u044c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 - \u0434\u043b\u044f 32-\u0431\u0438\u0442\u043d\u043e\u0433\u043e Microsoft Office). \u0418\u043b\u0438 .html, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043a\u043e\u0434 \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0447\u0435\u0440\u0435\u0437 IE 11 \u043d\u0430 Windows 7: https://packetstormsecurity.com/files/147877/msie11vbscript-exec.txt.\n\n\u0420\u0430\u0437\u0443\u043c\u0435\u0435\u0442\u0441\u044f, Microsoft \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0430\u043f\u0434\u0435\u0439\u0442\u044b, \u0441\u043f\u0438\u0441\u043e\u043a \u043d\u043e\u043c\u0435\u0440\u043e\u0432 KB: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8174", "creation_timestamp": "2018-05-28T07:47:49.000000Z"}, {"uuid": "dad309c9-f8e3-4628-b6a5-b37da9073065", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "https://t.me/arpsyndicate/245", "content": "#ExploitObserverAlert\n\nCVE-2018-8174\n\nDESCRIPTION: Exploit Observer has 76 entries related to CVE-2018-8174. 
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka \"Windows VBScript Engine Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.\n\nFIRST-EPSS: 0.974410000\nNVD-IS: 5.9\nNVD-ES: 1.6", "creation_timestamp": "2023-11-17T09:04:54.000000Z"}, {"uuid": "8b9c6d2b-3699-4162-b1ca-e58e88e91e38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "published-proof-of-concept", "source": "https://t.me/cKure/329", "content": "https://securelist.com/delving-deep-into-vbscript-analysis-of-cve-2018-8174-exploitation/86333/", "creation_timestamp": "2018-07-17T21:35:10.000000Z"}, {"uuid": "0bb12a85-6e60-4a49-9af9-4df83a351be0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "https://t.me/arpsyndicate/1267", "content": "#ExploitObserverAlert\n\nCVE-2018-8174\n\nDESCRIPTION: Exploit Observer has 76 entries related to CVE-2018-8174. 
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka \"Windows VBScript Engine Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.\n\nFIRST-EPSS: 0.974330000\nNVD-IS: 5.9\nNVD-ES: 1.6", "creation_timestamp": "2023-12-04T17:51:51.000000Z"}, {"uuid": "94eea410-ea79-409f-8ee2-2608a0267d18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "seen", "source": "https://t.me/is_n3ws/34", "content": "\u200c\u041a\u043e\u043c\u0430\u043d\u0434\u0430 Recorded Future \u043f\u0440\u043e\u0448\u0435\u0440\u0441\u0442\u0438\u043b\u0430 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438, \u0434\u0430\u0440\u043a\u0432\u0435\u0431 \u0438 \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0441\u043f\u0438\u0441\u043e\u043a \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0447\u0430\u0441\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e \u0433\u043e\u0434\u0430\u043c.\u00a0\n\n\n\u200b\u200bCVE-2018-15982\nis a use-after-free in the Flash\u2019s file package com.adobe.tvsdk.mediacore.metadata that can be exploited to deliver and execute malicious code on a victim\u2019s computer. Exploit vector: rtf document with flash object.\n\nCVE-2018-8174\nWindows VBScript Engine Remote Code Execution Vulnerability. Exploit vector:\u00a0 An attacker could embed an ActiveX control marked \"safe for initialization\" in an application or Microsoft Office document.\n\nCVE-2017-11882\nVulnerability in an older version of the Office Equation Editor. 
Exploit vector: RTF file downloads and runs multiple scripts of different types (VBScript, PowerShell, PHP, others) to download the payload.\n\nCVE-2018-4878\nFlash Player vulnerability. Exploit vector: The Excel file carrying an embedded SWF file with the exploit.\n\nCVE-2019-0752\nA remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. Exploit vector: In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked \"safe for initialization\" in an application or Microsoft Office document that hosts the IE rendering engine.\n\nCVE-2017-0199\nMS Office zero-day vulnerability. Exploit vector: Microsoft Word RTF (Rich Text Format) document.\n\nCVE-2015-2419\nJScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"JScript9 Memory Corruption Vulnerability.\"\n\nCVE-2018-20250\nWinRAR vulnerability that allows attackers to extract a malicious executable to one of the Windows Startup folder to be executed every time the system is booted.\n\nCVE-2017-8750\nA remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory.\u00a0 Exploit vector: An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers.\n\nCVE-2012-0158\nA buffer overflow vulnerability in the\u00a0 ListView / TreeView ActiveX controls in the MSCOMCTL.OCX library. 
The malicious code can be triggered by a specially crafted DOC or RTF file for MS Office versions 2003, 2007 and 2010.\n\nhttps://www.helpnetsecurity.com/2020/02/06/most-exploited-vulnerabilities-2019/", "creation_timestamp": "2020-02-07T07:05:41.000000Z"}, {"uuid": "0066fbe5-699c-4779-8784-a105103224a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "exploited", "source": "https://t.me/information_security_channel/24061", "content": "Fallout is an exploit kit (EK) first identified at the end of August 2018. It was first seen as a part of a malvertising campaign affecting users in Japan, Korea, the Middle East, Southern Europe, and others in the Asia Pacific. Fallout was observed exploiting vulnerabilities CVE-2018-4878 and CVE-2018-8174 and distributing the Gandcrab ransomware to [\u2026]\nThe post Improved Fallout Exploit Kit \u2013 Now supports HTTPS and Flash exploit (CVE-2018-15982) (https://gbhackers.com/improved-fallout-exploit-kit/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2019-01-26T15:49:49.000000Z"}, {"uuid": "ee62f128-3de4-4bf5-ac00-be6a7b261339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "exploited", "source": "Telegram/xkvsuia3v6wPLppXOE2RXlBG5novh1iJQ2U04S6bWLolNFg", "content": "", "creation_timestamp": "2024-08-28T19:33:05.000000Z"}, {"uuid": "987001e0-2b11-441c-8912-d132fc342aa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "exploited", "source": "https://t.me/true_secator/1069", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u044f\u043f\u043e\u043d\u0441\u043a\u043e\u0439 Trend Micro, 
\u0437\u0430\u0446\u0435\u043f\u0438\u043b\u0438 \u043a\u0438\u0431\u0435\u0440\u043e\u043f\u0435\u0440\u0430\u0446\u0438\u044e \u043d\u0435\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0439 APT, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043d\u0430\u0437\u0432\u0430\u043b\u0438 Operation Earth Kitsune.\n\n\u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u0435\u0440\u043d\u0443\u0442\u044c\u0441\u044f \u043d\u0430 \u043f\u043e\u043b\u0442\u043e\u0440\u0430 \u0433\u043e\u0434\u0430 \u043d\u0430\u0437\u0430\u0434. \u0412 \u043c\u0430\u0440\u0442\u0435 2019 \u0433\u043e\u0434\u0430 \u044f\u043f\u043e\u043d\u0441\u043a\u0438\u0435 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u043e\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0434\u0430\u043b\u0438 \u0438\u043c\u044f SLUB. \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0435\u0433\u043e \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u043e\u043c \u0441\u0430\u0439\u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0432 \u0445\u043e\u0434\u0435 \u0442.\u043d. \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0432\u043e\u0434\u043e\u043f\u043e\u0439. 
\n\n\u041f\u043e\u0441\u0435\u0442\u0438\u0442\u0435\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430 (\u0441\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443, \u043e\u043d \u0431\u044b\u043b \u043a\u0430\u043d\u0430\u0434\u0441\u043a\u0438\u0439), \u043f\u043e\u0441\u0432\u044f\u0449\u0435\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0439 \u0442\u0435\u043c\u0430\u0442\u0438\u043a\u0435, \u0437\u0430\u0440\u0430\u0436\u0430\u043b\u0438\u0441\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2018-8174, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 VBScript, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0435\u0439 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c RCE.\n\n\u0421\u0430\u043c\u0430 \u0441\u0445\u0435\u043c\u0430 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0430 \u043c\u043d\u043e\u0433\u043e\u044d\u0442\u0430\u043f\u043d\u0430 - \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0441\u044f \u0441\u0432\u043e\u0435\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u0439 \u0440\u0430\u0437\u0432\u0435\u0434\u0447\u0438\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0438, \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0438\u0445 \u043d\u0430\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u044f, \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u043b \u0441\u0432\u043e\u044e \u0440\u0430\u0431\u043e\u0442\u0443. 
\u0415\u0441\u043b\u0438 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0445\u043e\u0441\u0442 \u0431\u044b\u043b \u0447\u0438\u0441\u0442, \u0442\u043e \u0434\u0430\u043b\u0435\u0435 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0441\u044f \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u043c\u043e\u0434\u0443\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u043d\u0438\u043c\u0430\u043b\u0441\u044f \u0441\u0431\u043e\u0440\u043e\u043c \u0438 \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0435\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u041e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0437\u0430\u0446\u0435\u043f\u043e\u043a, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u0445\u043e\u0442\u044c \u043a\u0430\u043a-\u0442\u043e \u043a\u043e\u0441\u0432\u0435\u043d\u043d\u043e \u0441\u0443\u0434\u0438\u0442\u044c \u043e\u0431 \u0430\u0432\u0442\u043e\u0440\u0430\u0445 \u043a\u0438\u0431\u0435\u0440\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0441\u0442\u0430\u043b \u0441\u0431\u043e\u0440 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043e\u043c \u0432\u0441\u0435\u0445 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432  \u0441 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c HWP, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u044b\u0445 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 \u0445\u0430\u043d\u0433\u044b\u043b\u044c, \u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0433\u043e \u043f\u0438\u0441\u044c\u043c\u0430.\n\n\u0423\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0441\u0445\u0435\u043c\u0430 
\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u0430 \u0441 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c\u0438. SLUB \u043f\u043e\u043b\u0443\u0447\u0430\u043b \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c GitHub, \u043e\u0442\u0447\u0438\u0442\u044b\u0432\u0430\u043b\u0441\u044f \u043f\u043e \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0430\u043c \u0438\u0445 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0447\u0435\u0440\u0435\u0437 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0439 \u0447\u0430\u0442 \u043c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440\u0430 Slack, \u0430 \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u044e \u0444\u0430\u0439\u043b\u043e\u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u043b \u043d\u0430 file .io.\n\n\u041f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e SLUB \u043d\u0435 \u0432\u0441\u043f\u043b\u044b\u0432\u0430\u043b \u0433\u043e\u0434. \u0410 \u0443\u0436\u0435 \u0432 \u043c\u0430\u0440\u0442\u0435, \u043c\u0430\u0435 \u0438 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0433\u043e\u0434\u0430 \u0431\u044b\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u043d\u043e\u0432\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u044d\u0442\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u0430. 
\u0420\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u0441\u044f \u043e\u043d \u043e\u043f\u044f\u0442\u044c \u0436\u0435 \u0447\u0435\u0440\u0435\u0437 \u0432\u043e\u0434\u043e\u043f\u043e\u0439 - \u0441\u043d\u043e\u0432\u0430 \u0431\u044b\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0430\u0439\u0442\u043e\u0432, \u043f\u043e\u0441\u0432\u044f\u0449\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0439 \u0442\u0435\u043c\u0430\u0442\u0438\u043a\u0435. \u0418 \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0431\u044b \u0441 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e \u043a\u0438\u0432\u0430\u0442\u044c \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u0443 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u041a\u041d\u0414\u0420, \u0435\u0441\u043b\u0438 \u0431\u044b \u043d\u0435 \u043e\u0434\u043d\u043e \u043d\u043e - \u043d\u0430 \u0440\u044f\u0434\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0431\u044b\u043b\u0438 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u044b IP-\u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u044b \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0438. 
\u0422\u043e \u0435\u0441\u0442\u044c \u044e\u0436\u043d\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0435 \u0431\u044b\u043b\u0438 \u0446\u0435\u043b\u044c\u044e \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 Earth Kitsune.\n\n\u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u0435\u0442\u0438\u0442\u0435\u043b\u0435\u0439 \u0441\u0430\u0439\u0442\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 1-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Chrome \u0438 IE. \u0412\u043c\u0435\u0441\u0442\u0435 \u0441 SLUB \u0447\u0435\u0440\u0435\u0437 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0435 \u0441\u0430\u0439\u0442\u044b \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u0438\u0441\u044c \u0435\u0449\u0435 \u0434\u0432\u0430 \u0430\u0432\u0442\u043e\u0440\u0441\u043a\u0438\u0445 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044f\u043f\u043e\u043d\u0441\u043a\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0430\u0437\u0432\u0430\u043b\u0438 dneSpy \u0438 agfSpy. 
\u041e\u043d\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u044b \u0434\u043b\u044f \u043f\u043e\u0438\u0441\u043a\u0430 \u0438 \u0441\u0431\u043e\u0440\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0441 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u0418\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0441\u043d\u0443\u043b\u0438\u0441\u044c \u0438 \u0441\u0430\u043c\u043e\u0433\u043e SLUB - \u0432 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u0434\u043b\u044f \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u043e\u043f\u0435\u043d\u0441\u043e\u0440\u0441\u043d\u044b\u0439 \u043e\u043d\u043b\u0430\u0439\u043d-\u0447\u0430\u0442 Mattermost, \u0430 \u0442\u0430\u043a\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0432\u0435\u0436\u0438\u0445 1-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041d\u043e\u0432\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0441\u0442\u043e\u044f\u0449\u0435\u0439 \u0437\u0430 SLUB \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b Trend Micro \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438. 
\u041f\u043e\u044d\u0442\u043e\u043c\u0443, \u0441 \u0443\u0447\u0435\u0442\u043e\u043c \u043d\u0435\u043f\u043e\u043d\u044f\u0442\u043d\u044b\u0445 \u043c\u043e\u043c\u0435\u043d\u0442\u043e\u0432 \u0432 \u0432\u044b\u0431\u043e\u0440\u0435 \u0446\u0435\u043b\u0435\u0439 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430, \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u044f Earth Kitsune \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u043a\u0440\u0430\u0439\u043d\u0435 \u0441\u0442\u0440\u0430\u043d\u043d\u043e. \n\n\u0422\u0430\u043a\u043e\u0439 \u0432\u043e\u0442 \u043e\u043d \u0437\u0430\u0433\u0430\u0434\u043e\u0447\u043d\u044b\u0439, \u043c\u0438\u0440 APT.", "creation_timestamp": "2020-10-21T16:53:35.000000Z"}, {"uuid": "187c8dd2-f3be-4a0c-b850-0117b996fa03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "exploited", "source": "https://t.me/information_security_channel/17069", "content": "CVE-2018-8174 : Windows VBScript Engine Remote Code Execution Vulnerability \u2013 An advisory by Quick Heal Security Labs\nhttp://blogs.quickheal.com/cve-2018-8174-windows-vbscript-engine-remote-code-execution-vulnerability-advisory-quick-heal-security-labs/\n\nThe recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform\u00a0a\u00a0remote code execution on targeted machines. Microsoft has released a security advisory\u00a0CVE-2018-8174\u00a0on May 8, 2018, to address this issue. According to\u00a0Microsoft, it impacts most of the Windows Operating Systems. 
Vulnerable versions Windows 7 x86 and x64 versions Windows\u2026", "creation_timestamp": "2018-05-10T14:51:08.000000Z"}, {"uuid": "285f7442-3231-4ee8-ac4b-0b7f302000a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "exploited", "source": "https://t.me/SecLabNews/4461", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Trend Micro \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 SLUB, \u0437\u0430\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u0432\u0448\u0438\u0439 \u0438\u0445 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e \u0446\u0435\u043b\u043e\u043c\u0443 \u0440\u044f\u0434\u0443 \u043f\u0440\u0438\u0447\u0438\u043d. \u0412\u043e-\u043f\u0435\u0440\u0432\u044b\u0445, \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442\u0441\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0430\u0442\u0430\u043a watering hole. \u0414\u0430\u043d\u043d\u0430\u044f \u0442\u0435\u0445\u043d\u0438\u043a\u0430 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 \u0432\u0437\u043b\u043e\u043c \u0441\u0430\u0439\u0442\u0430 \u0441 \u0446\u0435\u043b\u044c\u044e \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0435\u0433\u043e \u043f\u043e\u0441\u0435\u0442\u0438\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434. 
\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 SLUB \u043a\u0430\u0436\u0434\u0430\u044f \u0436\u0435\u0440\u0442\u0432\u0430 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0434\u0438\u043d \u0440\u0430\u0437. \u0417\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 VBScript (CVE-2018-8174), \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e Microsoft \u0432 \u043c\u0430\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.    \n\u0420\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 SLUB \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Slack \u0432 \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445", "creation_timestamp": "2019-03-13T10:08:42.000000Z"}, {"uuid": "7c6700de-317c-4b97-a33a-46de45f87a8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "exploited", "source": "https://t.me/canyoupwnme/3745", "content": "The King is dead. 
Long live the King!\nRoot cause analysis of the latest Internet Explorer zero day \u2013 CVE-2018-8174\nhttps://securelist.com/root-cause-analysis-of-cve-2018-8174/85486/", "creation_timestamp": "2018-05-10T21:57:41.000000Z"}, {"uuid": "c47127b2-f40f-443b-92ec-dedf1e7885e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "exploited", "source": "https://t.me/canyoupwnme/3736", "content": "Root cause analysis of the latest Internet Explorer zero day \u2013 CVE-2018-8174\nhttps://securelist.com/root-cause-analysis-of-cve-2018-8174/85486/", "creation_timestamp": "2018-05-09T21:13:26.000000Z"}, {"uuid": "75ef7553-8964-4b37-bbde-1568efab6ea9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "exploited", "source": "https://t.me/xakep_ru/3747", "content": "\u041d\u0430\u0431\u043e\u0440 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432 RIG \u0432\u0437\u044f\u043b \u043d\u0430 \u0432\u043e\u043e\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0441\u0432\u0435\u0436\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Internet Explorer\n\n\u0410\u0432\u0442\u043e\u0440\u044b \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442-\u043a\u0438\u0442\u0430 RIG \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438 \u0432 \u0441\u0432\u043e\u0439 \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2018-8174, \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 VBScript, \u0441 \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 Internet Explorer \u0438 Microsoft Office.\n\nhttps://xakep.ru/2018/06/04/rig-new-cve/", 
"creation_timestamp": "2018-06-04T17:35:12.000000Z"}, {"uuid": "597a64ca-66b3-45da-a3ee-8b06d55c120d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/60", "content": "#exploit\nNew vulnerabilities in Microsoft products\n\n1. CVE-2018-0802:\nEquation Editor in MS Office 2007, 2010, 2013, 2016 - RCE\nhttps://github.com/zldww2011/CVE-2018-0802_POC\n]-> https://github.com/rxwx/CVE-2018-0802\nGenerate RTF exploit payload uses CVE-2017-11882, CVE-2017-8570, CVE-2018-0802, CVE-2018-8174\nhttps://github.com/dcsync/rtfkit\n\n2. CVE-2018-0824:\nRCE in \"Microsoft COM for Windows\"\nhttps://github.com/codewhitesec/UnmarshalPwn\n// This affects Win7, 8.1, 10, RT 8.1, Server 2012 R2, 2008/2008 R2, 2012, 2016\n\n3. CVE-2018-0886:\nCredSSP protocol in MS Windows Server 2008 SP2/R2 SP1, Win7 SP1, 8.1, RT 8.1, Server 2012/R2, Win10 Gold, 1511, 1607, 1703, 1709, Server 2016, 1709 - RCE\nhttps://github.com/preempt/credssp", "creation_timestamp": "2024-10-10T21:06:31.000000Z"}, {"uuid": "9e153458-300e-40a3-a3d2-e8a225e9d060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-8174", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/66", "content": "#Malware_analysis\n1. Uncovering A PayPal Phishing Campaign\nhttp://www.deependresearch.org/2018/07/uncovering-paypal-phishing-campaign.html\n2. Java 7 0-Day vulnerability information and mitigation\nhttp://www.deependresearch.org/2012/08/java-7-0-day-vulnerability-information.html\n3. Delving deep into VBScript:\nAnalysis of CVE-2018-8174 exploitation\nhttps://securelist.com/delving-deep-into-vbscript-analysis-of-cve-2018-8174-exploitation/86333", "creation_timestamp": "2022-01-26T11:35:59.000000Z"}]}