{"vulnerability": "CVE-2020-1472", "sightings": [{"uuid": "ff04e558-99f3-4505-826e-b69c6838b85c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/e5e0a1d0-9ce0-400d-acdd-2a6c6f47bcb3", "content": "", "creation_timestamp": "2020-10-14T01:31:22.000000Z"}, {"uuid": "16e8778e-2832-4aa2-93aa-0608047d72ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/23e6786e-b796-48cc-8bb6-0e1ddb595c8a", "content": "", "creation_timestamp": "2020-10-16T06:26:38.000000Z"}, {"uuid": "d19ad9e0-b14e-4104-b906-2acdac67c7e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/5f850411-c103-491f-abff-9421425403cf", "content": "", "creation_timestamp": "2020-10-21T08:19:11.000000Z"}, {"uuid": "1eff83ed-f3d8-4d0a-a401-de690c4fd8b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/5b7316df-33f3-4e2e-95a2-55d4e7a8ee85", "content": "", "creation_timestamp": "2020-10-27T08:03:33.000000Z"}, {"uuid": "a71c27e7-6e0b-45b5-b9ad-19e755ce25e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/ae5eefd4-2626-4235-bd09-9924685780bd", "content": "", "creation_timestamp": "2020-11-18T18:55:51.000000Z"}, {"uuid": "594bea82-53a7-4ba0-a237-be3e57f38f65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": 
"MISP/42d04e94-bf5b-427d-acc8-f5d740675941", "content": "", "creation_timestamp": "2020-10-20T15:57:21.000000Z"}, {"uuid": "a2771b54-121d-408e-97a0-b12b33e0b1a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/453274cf-e60d-452a-b88e-0bf6a5a6dae4", "content": "", "creation_timestamp": "2020-10-13T06:50:38.000000Z"}, {"uuid": "9b6ab4ed-5c19-4c90-a6e9-bbbf08220743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/b426aa9c-dc22-4a91-8213-f8d513405423", "content": "", "creation_timestamp": "2020-12-09T07:18:56.000000Z"}, {"uuid": "ec5df526-fbd0-48f7-a1fa-42e2e428395b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/e8363b57-fbf3-40fb-934f-00f1ebc415fd", "content": "", "creation_timestamp": "2020-09-25T10:00:23.000000Z"}, {"uuid": "482b8ae8-3ac3-4c00-a777-19ad370eb20b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "ee7ba8c2-e11d-4480-af9a-0002fe79fbc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "7a407eb1-4ef0-4a68-99d7-43f1714163b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/d925a2ee-e7cf-46f6-bec1-ad8e19122730", "content": "", "creation_timestamp": "2020-10-20T15:58:05.000000Z"}, {"uuid": "9ed2ac85-7eab-48a3-aa0c-694c29754802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/eafff3bd-a5ac-4799-b860-febbeaf42a54", "content": "", "creation_timestamp": "2020-10-19T15:29:02.000000Z"}, {"uuid": "d323fd81-7d6f-44ae-8db9-43c3c1e6b78b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/09e89b96-7b85-4a49-9556-d6b25b6b93e5", "content": "", "creation_timestamp": "2020-10-19T15:30:03.000000Z"}, {"uuid": "818819c9-95a3-41b7-b407-3fb2be89d14d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/f628d96f-2958-4717-91da-e86aace4925d", "content": "", "creation_timestamp": "2020-10-13T15:16:18.000000Z"}, {"uuid": "60db31c5-941c-4242-980b-272dd3f631ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/8d121e04-9fcc-48d9-be88-3af090913786", "content": "", "creation_timestamp": "2020-10-22T19:44:04.000000Z"}, {"uuid": "d5e69d2d-395f-4ed3-95e5-b6a8af54717b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/73846acc-5c3e-48e2-9c0a-c9de0351c60e", "content": "", "creation_timestamp": "2020-11-07T03:00:07.000000Z"}, {"uuid": "2ef8a26a-6f15-4106-9877-a6b393f30126", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/5362d288-c25b-43e5-9311-2ddedfe84549", "content": "", "creation_timestamp": "2020-10-22T19:51:04.000000Z"}, {"uuid": "01fb1493-b55b-4629-aaa7-453e92d4a0e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/1bf3b9ea-9716-4615-8718-2c6ec9a0d635", "content": "", "creation_timestamp": "2020-11-17T19:15:04.000000Z"}, {"uuid": "852037c3-14b3-4413-bde2-7d4a805e2e4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/c7d9eed5-d71b-4433-8433-3db121149d72", "content": "", "creation_timestamp": "2020-11-21T03:00:06.000000Z"}, {"uuid": "819ffd2e-cce0-4a05-8284-dba1ebec956b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/44612345-f9b0-4600-ba82-7b8388a6592f", "content": "", "creation_timestamp": "2020-11-18T03:00:05.000000Z"}, {"uuid": "64d8c191-a278-4d50-8af3-dd58b57681ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/5b421c0a-3bc4-4bce-a7cc-daa036ea090b", "content": "", "creation_timestamp": "2021-09-16T11:20:21.000000Z"}, {"uuid": "89f473bb-c891-4070-a071-222258aa5e7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/99138053-ae5d-4bcf-b2f8-0954edb204bc", "content": "", "creation_timestamp": 
"2022-11-01T20:54:34.000000Z"}, {"uuid": "ea2a19ce-24d7-48a2-bf02-de8515b6a050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/be3a3889-2c18-4d6d-ae57-71ae24e32512", "content": "", "creation_timestamp": "2023-01-10T20:08:12.000000Z"}, {"uuid": "5e7dd05c-f0eb-45a2-bceb-641d59fed5ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/095ab3f1-cbae-4b5c-8534-34d42a458aa5", "content": "", "creation_timestamp": "2022-05-12T16:19:54.000000Z"}, {"uuid": "2a69030a-5ee7-479d-bff5-79814cfb016b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/63ddead6-4b82-414c-ad8e-c516b950b446", "content": "", "creation_timestamp": "2021-10-25T22:32:43.000000Z"}, {"uuid": "24e76273-7f67-4832-a60c-5a5e82f438b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/aaf97b2c-ad16-4ce6-928a-a440112d0fd3", "content": "", "creation_timestamp": "2024-09-16T19:13:31.000000Z"}, {"uuid": "fde39615-f1b9-411f-b6d2-aaf9015fa2f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/8a5d9ef7-0fae-4fcc-a606-d3701ec5f0e0", "content": "", "creation_timestamp": "2024-10-15T11:39:19.000000Z"}, {"uuid": "44d4f17c-a78d-4f27-b59c-a79c0aa2522a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": 
"MISP/ad5af8e7-0c4c-4b64-b36d-1c80910c1140", "content": "", "creation_timestamp": "2023-06-23T06:24:08.000000Z"}, {"uuid": "57511465-1caa-4875-be29-7bdf188952f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/cec219ff-8f6d-45c9-bdbb-b4fb8c9c0f2b", "content": "", "creation_timestamp": "2023-09-20T10:39:36.000000Z"}, {"uuid": "15e9b780-03a9-416a-8443-b69ca916fe41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113549922551599234", "content": "", "creation_timestamp": "2024-11-26T15:18:37.016075Z"}, {"uuid": "55499d09-71df-4746-9ee4-beb5c2a5b569", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://msrc.microsoft.com/blog/2020/10/attacks-exploiting-netlogon-vulnerability-cve-2020-1472/", "content": "", "creation_timestamp": "2020-10-29T06:00:00.000000Z"}, {"uuid": "1106f773-c455-4503-be34-770bd195aa02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://msrc.microsoft.com/blog/2021/01/netlogon-domain-controller-enforcement-mode-is-enabled-by-default-beginning-with-the-february-9-2021-security-update-related-to-cve-2020-1472/", "content": "", "creation_timestamp": "2021-01-14T07:00:00.000000Z"}, {"uuid": "5e5788fd-0b78-47ee-b182-60191dc7e286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": 
"https://feedsin.space/feed/CISAKevBot/items/2970987", "content": "", "creation_timestamp": "2024-12-24T20:22:42.015800Z"}, {"uuid": "40576f4e-7f74-4acd-80ba-2253e8fb5690", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "0c7453f8-c4a8-4aa1-ae74-d4c7b36685e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:24.000000Z"}, {"uuid": "d11546de-49bd-4b70-8fdc-c5f62f738559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3li5i54s5sp2p", "content": "", "creation_timestamp": "2025-02-14T15:06:51.072405Z"}, {"uuid": "df07fbf7-ce61-4588-8df6-e9348262b4b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://gist.github.com/strikoder/f854b31c91949abacdb498901cb0a548", "content": "", "creation_timestamp": "2025-06-28T11:13:37.000000Z"}, {"uuid": "2ba6c1fe-1b4a-47d7-871b-6dbb0336e524", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:46.000000Z"}, {"uuid": "6f391517-9977-40e2-8125-03a71262f83f", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/23e6786e-b796-48cc-8bb6-0e1ddb595c8a", "content": "", "creation_timestamp": "2025-04-10T17:09:39.000000Z"}, {"uuid": "1b7a2624-6653-457f-8f8a-5041e2814228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=16D213D1-AD3C-5C18-AD6C-DE680A77E410&amp;amp;utm_source=rss&amp;amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-04T20:29:19.000000Z"}, {"uuid": "6fadb6bb-149c-4f65-9234-ce74f227d953", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-7358d820-9e7295ee585c5d83", "content": "", "creation_timestamp": "2025-04-30T17:58:26.981690Z"}, {"uuid": "97069a27-402a-4bd6-8454-6caa1af047d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=16D213D1-AD3C-5C18-AD6C-DE680A77E410&amp;amp;utm_source=rss&amp;amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-04T20:29:19.000000Z"}, {"uuid": "252a07bf-b52c-4651-b41d-914db14f2b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=16D213D1-AD3C-5C18-AD6C-DE680A77E410&amp;amp;utm_source=rss&amp;amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-04T20:29:19.000000Z"}, {"uuid": "7fdf30d7-6128-4264-9951-50f293bc18b1", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=16D213D1-AD3C-5C18-AD6C-DE680A77E410&amp;amp;utm_source=rss&amp;amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-04T20:29:19.000000Z"}, {"uuid": "9be1c5b8-11fc-4504-bc06-037419b1ede3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=16D213D1-AD3C-5C18-AD6C-DE680A77E410&amp;amp;utm_source=rss&amp;amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-04T20:29:19.000000Z"}, {"uuid": "3c98e81d-64ff-45e6-8b01-c4a8ac7f0755", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=16D213D1-AD3C-5C18-AD6C-DE680A77E410&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-04T20:29:19.000000Z"}, {"uuid": "a229f62a-5fe4-4352-8226-6ef2f452a2e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=16D213D1-AD3C-5C18-AD6C-DE680A77E410&amp;amp;utm_source=rss&amp;amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-04T20:29:19.000000Z"}, {"uuid": "bf57a0b1-ce8d-4cd5-abcf-3f9e477b11a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=16D213D1-AD3C-5C18-AD6C-DE680A77E410&amp;amp;utm_source=rss&amp;amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-04T20:29:19.000000Z"}, 
{"uuid": "80578407-c893-4f73-b3ad-8edc7c15712e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=16D213D1-AD3C-5C18-AD6C-DE680A77E410&amp;amp;utm_source=rss&amp;amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-04T20:29:19.000000Z"}, {"uuid": "a51f6190-e101-45bc-82b4-f6c8edbe0089", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=16D213D1-AD3C-5C18-AD6C-DE680A77E410&amp;amp;utm_source=rss&amp;amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-04T20:29:19.000000Z"}, {"uuid": "53596fbd-8ca7-4b21-a9ad-d723a6484b78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=16D213D1-AD3C-5C18-AD6C-DE680A77E410&amp;amp;utm_source=rss&amp;amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-04T20:29:19.000000Z"}, {"uuid": "00f2f825-e320-466d-af09-0b092f145431", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=F382D9A5-C23A-5DED-AD53-95C063D21BCB", "content": "", "creation_timestamp": "2025-10-18T13:33:56.000000Z"}, {"uuid": "27549039-ca0c-4c9d-b04f-926a39af43be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/dcerpc/cve_2020_1472_zerologon.rb", "content": "", 
"creation_timestamp": "2020-09-22T19:37:57.000000Z"}, {"uuid": "a3b5892b-1ff9-41bd-b6d8-518b2ff795ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://sploitus.com/exploit?id=16D213D1-AD3C-5C18-AD6C-DE680A77E410&amp;amp;utm_source=rss&amp;amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-04T20:29:19.000000Z"}, {"uuid": "d0924c10-2014-4ed0-959b-832ca86b4413", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:46.000000Z"}, {"uuid": "7f47402b-1773-4567-821b-2cf35d447c96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-c39acbe0-91886c343547fcce", "content": "", "creation_timestamp": "2025-12-05T12:35:58.738708Z"}, {"uuid": "b1cef8d7-331e-47b5-8e43-7e347cacebb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://gist.github.com/strikoder/99635df00444bbf5fc90ca83ec8051a0", "content": "", "creation_timestamp": "2025-12-01T12:02:42.000000Z"}, {"uuid": "d56022af-7913-474b-afba-8121b0ff73f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:05.000000Z"}, {"uuid": "3ae6c0d0-ca45-4885-af72-d7bdeeaa479e", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1fdfda19-2805a58255f192e9", "content": "", "creation_timestamp": "2026-03-06T10:29:26.852538Z"}, {"uuid": "dc17aa6c-5a63-4834-becb-c3454bb95d76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "MISP/8a5d9ef7-0fae-4fcc-a606-d3701ec5f0e0", "content": "", "creation_timestamp": "2026-01-09T20:17:31.000000Z"}, {"uuid": "c4c67c9d-f14b-4d68-baef-888b04b07874", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://bsky.app/profile/cvedatabase.bsky.social/post/3mfcqatvdov2h", "content": "", "creation_timestamp": "2026-02-20T18:26:01.955473Z"}, {"uuid": "e37ac697-74f4-40fe-956f-c6b3b1d36f50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://gist.github.com/alon710/173eb4d5dfd9e2a8aa8dcc576ed70b11", "content": "", "creation_timestamp": "2026-02-06T23:50:06.000000Z"}, {"uuid": "7db3f012-f6a6-41a0-b5d3-e70ae290fa76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/hyokkaystyokaluja-julkaistu-kriittiselle-zerologon-haavoittuvuudelle", "content": "", "creation_timestamp": "2020-09-18T06:16:13.000000Z"}, {"uuid": "01aa9133-798a-42f2-ac32-940491a6560e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-1472", "type": 
"exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/86cbdda0-193d-4704-a9ae-84f65cac147e", "content": "", "creation_timestamp": "2026-02-02T12:25:27.989822Z"}, {"uuid": "f3bf1e81-f654-4617-881f-ba84477e6386", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/d41ef7ed-39b6-4408-a718-2c3bce5fc99e", "content": "", "creation_timestamp": "2025-03-03T08:51:11.190614Z"}, {"uuid": "b9e10817-9943-4727-8aa5-cd816ddc5dd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "1347fdf9-f4c9-41b6-9371-b54a9ee1a6fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=499", "content": "", "creation_timestamp": "2020-08-12T04:00:00.000000Z"}, {"uuid": "746ca620-7371-442f-88ca-2084ae6f0808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2020-1472", "type": "seen", "source": "https://mastodon.social/users/verbrecher/statuses/115899541969537991", "content": "", "creation_timestamp": "2026-01-15T14:17:45.097945Z"}, {"uuid": "a824b9e3-c0d2-4f80-9354-c0cbf72070d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://mastodon.social/users/verbrecher/statuses/115899549143144889", "content": 
"", "creation_timestamp": "2026-01-15T14:19:33.927368Z"}, {"uuid": "4b3fe1c0-f872-418e-8a18-026091cf454d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "Telegram/uvU3gBnf9Z1WMovVGRRTdFZDjWMl1qRCMdPMKGqSGuqnW3I", "content": "", "creation_timestamp": "2025-12-06T15:00:08.000000Z"}, {"uuid": "7d5d2a69-e6fb-4f7d-a723-436db986935d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/f59984a2-fb70-4f3b-907e-489d2e9f1ee2", "content": "", "creation_timestamp": "2026-02-02T12:28:56.163404Z"}, {"uuid": "ed67ba6e-77e6-424e-9b3e-19e04bc7e025", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "Telegram/4QOnyeYC_lTC0SMJQhtMgvSiM85xnm7m1QqUSxY6BArIyUs", "content": "", "creation_timestamp": "2025-12-23T21:00:05.000000Z"}, {"uuid": "8c06e567-a7c4-4987-92ed-3759339c05ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/itsec_news/5413", "content": "\u200b\u26a1\ufe0f600 \u0436\u0435\u0440\u0442\u0432 \u0437\u0430 \u0433\u043e\u0434: RansomHub \u2013 \u043d\u043e\u0432\u044b\u0439 \u043b\u0438\u0434\u0435\u0440 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0430\u0442\u0430\u043a\n\n\ud83d\udcac \u0412 2024 \u0433\u043e\u0434\u0443 \u043d\u0430 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u0441\u0446\u0435\u043d\u0435 
\u0441\u0442\u0440\u0435\u043c\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u043d\u043e\u0432\u044b\u0439 \u0438\u0433\u0440\u043e\u043a \u2014 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 RansomHub, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0443\u0441\u043f\u0435\u043b\u0430 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u0443\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 600 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443. \u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f Group-IB, \u0433\u0440\u0443\u043f\u043f\u0430 RansomHub \u0437\u0430\u043f\u043e\u043b\u043d\u0438\u043b\u0430 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0443\u044e \u043d\u0438\u0448\u0443 \u043f\u043e\u0441\u043b\u0435 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0445 \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0439 \u0432 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 ALPHV \u0438 LockBit .\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e RansomHub \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 ransomware-as-a-service (RaaS), \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u044f \u043f\u0430\u0440\u0442\u043d\u0451\u0440\u043e\u0432 \u043d\u0430 \u043f\u043e\u0434\u043f\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u043e\u0440\u0443\u043c\u0430\u0445, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a RAMP. 
\u041e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0441\u0442\u0440\u0430\u0442\u0435\u0433\u0438\u0435\u0439 \u0441\u0442\u0430\u043b\u043e \u043f\u0435\u0440\u0435\u043c\u0430\u043d\u0438\u0432\u0430\u043d\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 , \u0440\u0430\u043d\u0435\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0432\u0448\u0438\u0445 \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e RansomHub \u0431\u044b\u0441\u0442\u0440\u043e \u043d\u0430\u0440\u0430\u0441\u0442\u0438\u0442\u044c \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u044b \u0430\u0442\u0430\u043a.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u043a\u043e\u0434\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u0430 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043f\u0440\u0438\u043e\u0431\u0440\u0435\u043b\u0430 \u0441\u0432\u043e\u0451 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0443 Knight (Cyclops), \u0434\u0440\u0443\u0433\u043e\u0439 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438. 
\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0433\u043e\u0442\u043e\u0432\u044b\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0443\u0441\u043a\u043e\u0440\u0438\u043b\u043e \u0440\u0430\u0437\u0432\u0451\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0430\u0442\u0430\u043a, \u0430 \u043c\u0443\u043b\u044c\u0442\u0438\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0430 Windows, ESXi, Linux \u0438 FreeBSD, \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u044f \u0441\u043f\u0438\u0441\u043e\u043a \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432.\n\nRansomHub \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0441\u0442\u0438. 
\u0413\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043a\u0430\u043a \u043f\u0440\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u043a\u0438 \u0432\u0437\u043b\u043e\u043c\u0430 \u2014 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 VPN-\u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0438 \u043f\u043e\u0434\u0431\u043e\u0440 \u043f\u0430\u0440\u043e\u043b\u0435\u0439, \u0442\u0430\u043a \u0438 \u0441\u043b\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f. \u0412 \u0430\u0440\u0441\u0435\u043d\u0430\u043b\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u2014 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0432\u0440\u043e\u0434\u0435 PCHunter, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b.\n\n\u0422\u0430\u043a\u0442\u0438\u043a\u0430 \u0430\u0442\u0430\u043a \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0436\u0435\u0440\u0442\u0432\u044b \u0438 \u0437\u0430\u0445\u0432\u0430\u0442 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0446\u0435\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. 
\u041e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u043f\u0440\u043e\u043d\u0438\u043a\u0430\u044e\u0442 \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443, \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0443\u0437\u043b\u0430\u043c\u0438 \u2014 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u043c\u0438 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430\u043c\u0438, \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u043c\u0438 \u043a\u043e\u043f\u0438\u044f\u043c\u0438, \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u2014 \u0438 \u043f\u0435\u0440\u0435\u043d\u043e\u0441\u044f\u0442 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043d\u0430 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b. 
\u0414\u043b\u044f \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 Filezilla, \u0430 \u0437\u0430\u0442\u0435\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0445\u043e\u0441\u0442\u0430\u0445.\n\n\u041f\u043e\u0441\u043b\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a\u0438 RansomHub \u0448\u0430\u043d\u0442\u0430\u0436\u0438\u0440\u0443\u0435\u0442 \u0436\u0435\u0440\u0442\u0432\u0443, \u0442\u0440\u0435\u0431\u0443\u044f \u0432\u044b\u043a\u0443\u043f \u0437\u0430 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0443 \u0438 \u043d\u0435\u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u044e \u0434\u0430\u043d\u043d\u044b\u0445. 
\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430 \u043e\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b, \u0443\u043d\u0438\u0447\u0442\u043e\u0436\u0430\u0442\u044c \u0442\u0435\u043d\u0435\u0432\u044b\u0435 \u043a\u043e\u043f\u0438\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0437\u0430\u0447\u0438\u0449\u0430\u0442\u044c \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u0441\u043e\u0431\u044b\u0442\u0438\u0439, \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u044f\u044f \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430 .\n\n\u041e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u0437\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a RansomHub \u0441\u0442\u0430\u043b\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u044f, \u043f\u0440\u043e\u0432\u0435\u0434\u0451\u043d\u043d\u0430\u044f \u0432\u0441\u0435\u0433\u043e \u0437\u0430 14 \u0447\u0430\u0441\u043e\u0432. 
\u041f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u043c \u044d\u043a\u0440\u0430\u043d\u0435 Palo Alto ( CVE-2024-3400 ) \u0434\u043b\u044f \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0437\u0430\u0442\u0435\u043c \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043b\u0438 \u0431\u0440\u0443\u0442\u0444\u043e\u0440\u0441 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0442 VPN-\u043a\u043b\u0438\u0435\u043d\u0442\u0430. \u041f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u0442\u0430\u0440\u044b\u0435 \u0431\u0440\u0435\u0448\u0438 \u0432 Windows ( CVE-2021-42278 \u0438 CVE-2020-1472 ), \u043f\u043e\u043b\u0443\u0447\u0430\u044f \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0435\u0442\u044c\u044e.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u043e\u0434\u0447\u0451\u0440\u043a\u0438\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u0441\u0442\u043e\u043b\u044c \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c RansomHub \u0441\u0442\u0430\u043b\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0439 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c. 
\u0415\u0441\u043b\u0438 \u0442\u0430 \u0438\u043b\u0438 \u0438\u043d\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0436\u0435\u0440\u0442\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u043a\u0440\u044b\u0442\u0443\u044e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043b\u0435\u0442 \u043d\u0430\u0437\u0430\u0434, \u0442\u043e \u0432\u0438\u043d\u043e\u0432\u0430\u0442\u043e \u0432 \u044d\u0442\u043e\u043c \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0435\u0451 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u0445\u0430\u043b\u0430\u0442\u043d\u043e\u0435 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0435 \u043a \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0433\u043b\u0443\u043f\u043e \u043f\u0435\u0440\u0435\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u0442\u044c \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u043d\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f.\n\n\u0420\u0430\u0441\u0442\u0443\u0449\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c RansomHub \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u0435\u0442 \u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0435\u0439\u0441\u044f \u044d\u0432\u043e\u043b\u044e\u0446\u0438\u0438 \u043a\u0438\u0431\u0435\u0440\u0443\u0433\u0440\u043e\u0437. 
\u041e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0434\u043e\u043b\u0436\u043d\u044b \u0443\u0441\u0438\u043b\u0438\u0432\u0430\u0442\u044c \u0441\u0432\u043e\u044e \u0437\u0430\u0449\u0438\u0442\u0443, \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0438 \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438, \u0447\u0442\u043e\u0431\u044b \u043d\u0435 \u043f\u043e\u043f\u0430\u0441\u0442\u044c \u0432 \u0441\u043f\u0438\u0441\u043e\u043a \u0436\u0435\u0440\u0442\u0432 RansomHub \u0438 \u043f\u0440\u043e\u0447\u0438\u0445 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-02-17T08:21:47.000000Z"}, {"uuid": "a208d7a4-b128-41d1-b32b-c442baf47faa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/cKure/2408", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE-2020-1472\n\nhttps://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/dcerpc/cve_2020_1472_zerologon.rb", "creation_timestamp": "2020-09-29T09:26:18.000000Z"}, {"uuid": "e64f0462-2930-4709-8fd4-bd6914253ae2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://gist.github.com/polirise-och5ty-long/0553d1b567d5e4e4c05bd4bd470b77bf", "content": "", "creation_timestamp": "2026-04-19T17:35:28.000000Z"}, {"uuid": 
"a2282986-146f-4db5-aeed-ec354763197c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://gist.github.com/polirise-och5ty-long/921c7aa9360839078ec5ad52cee75648", "content": "", "creation_timestamp": "2026-04-19T17:37:51.000000Z"}, {"uuid": "f1a8b90f-ca7c-407f-bf4c-047fd700d9f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://gist.github.com/polirise-och5ty-long/26f16159ab0369f7b5368e757a208f61", "content": "", "creation_timestamp": "2026-04-19T17:39:00.000000Z"}, {"uuid": "d39b7353-ac9e-4389-8720-eaf3f246a5b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "Telegram/8wPJR4Zrqe1NVpmz6R4R-oJOE4FmewBY2nxE00bK5aCo0SE", "content": "", "creation_timestamp": "2025-10-18T19:00:11.000000Z"}, {"uuid": "e432cd95-5306-47ee-b9e7-816a4ca9d800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "Telegram/ZHsH8l_PJf6qA-LG3pwKoQfrYnUBM4bmr6171DkIh35gCrQ", "content": "", "creation_timestamp": "2025-10-18T21:00:05.000000Z"}, {"uuid": "7c42892b-690a-4692-b8b9-98e466494240", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/itsec_news/1174", "content": "\u200b\ud83d\udde1 \u0422\u0440\u043e\u043f\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0441\u043a\u043e\u0440\u043f\u0438\u043e\u043d \u0438\u0437 \u041a\u0443\u0431\u044b 
\u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438.\n\n\ud83d\udcac \u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u0442\u0447\u0435\u0442\u0443 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437 Palo Alto Networks Unit 42, \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0439 \u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a Tropical Scorpius \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u0447\u0430\u0441\u0442\u043d\u0438\u043a\u043e\u043c \u0433\u0440\u0443\u043f\u043f\u044b \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 Cuba \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u043a\u0438, \u0442\u0430\u043a\u0442\u0438\u043a\u0438 \u0438 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u044b, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043d\u043e\u0432\u044b\u0439 \u0442\u0440\u043e\u044f\u043d \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u043d\u043e\u0432\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\n\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c Cuba \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0432 2019 \u0433\u043e\u0434\u0443. 
\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2022 \u0433\u043e\u0434\u0430 \u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0438, \u0438 \u043e\u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430, \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u0440\u043e\u0447\u0435\u0433\u043e, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a \u0441 \u0431\u043e\u043b\u0435\u0435 \u0442\u043e\u043d\u043a\u0438\u043c\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c\u0438. \u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a Tropical Scorpius \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u0443\u044e \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044f Cuba, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043d\u0435 \u0438\u0437\u043c\u0435\u043d\u0438\u043b\u0430\u0441\u044c \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 2019 \u0433\u043e\u0434\u0443.\n\n\u041e\u0434\u0438\u043d \u0438\u0437 \u043d\u043e\u0432\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u0441 \u0438\u044e\u043d\u044f 2022 \u0433\u043e\u0434\u0430 \u2014 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0437\u0430\u043a\u043e\u043d\u043d\u043e\u0433\u043e, \u043d\u043e \u043d\u0435\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 NVIDIA \u0434\u043b\u044f 
\u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u044f\u0434\u0440\u0430, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0445 \u044d\u0442\u0430\u043f\u0430\u0445 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f. \u0421\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0443\u043a\u0440\u0430\u043b\u0430 \u0433\u0440\u0443\u043f\u043f\u0430 LAPSUS \u0432 \u043c\u0430\u0440\u0442\u0435 2022 \u0433\u043e\u0434\u0430. \u0417\u0430\u0434\u0430\u0447\u0430 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u2014 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u0438\u0445, \u0447\u0442\u043e\u0431\u044b \u0445\u0430\u043a\u0435\u0440 \u043c\u043e\u0433 \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u0435.\n\n\u0417\u0430\u0442\u0435\u043c Tropical Scorpius \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f 
\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows CVE-2022-24521.\n\n\u041d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c \u044d\u0442\u0430\u043f\u0435 Tropical Scorpius \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u043b ADFind \u0438 NetScan \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f. \u0422\u0430\u043a\u0436\u0435 \u0441\u0443\u0431\u044a\u0435\u043a\u0442 \u0443\u0433\u0440\u043e\u0437\u044b \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b \u043d\u043e\u0432\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u044d\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 Kerberos.\n\n\u0422\u0430\u043a\u0436\u0435 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 ZeroLogon, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u043e\u0448\u0438\u0431\u043a\u0443 CVE-2020-1472 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0434\u043e\u043c\u0435\u043d\u0430.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e Tropical Scorpius 
\u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u0435\u0442 ROMCOM RAT, \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0441\u0432\u044f\u0437\u044c \u0441 C2-\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c \u0447\u0435\u0440\u0435\u0437 ICMP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u044f\u043c\u0438 Windows API.\n\nROMCOM RAT \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 10 \u043a\u043e\u043c\u0430\u043d\u0434:\n\n\u2014 \u0412\u0435\u0440\u043d\u0443\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u043c \u0434\u0438\u0441\u043a\u0435;\n\u2014 \u0412\u0435\u0440\u043d\u0443\u0442\u044c \u0441\u043f\u0438\u0441\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0434\u043b\u044f \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430;\n\u2014 \u0417\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043e\u0431\u0440\u0430\u0442\u043d\u0443\u044e \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443 \u043f\u043e\u0434 \u0438\u043c\u0435\u043d\u0435\u043c \u00absvchelper.exe\u00bb \u0432 \u043f\u0430\u043f\u043a\u0435 \u00ab%ProgramData%\u00bb;\n\u2014 \u0417\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 C2-\u0441\u0435\u0440\u0432\u0435\u0440 \u0432 \u0432\u0438\u0434\u0435 ZIP-\u0444\u0430\u0439\u043b\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f IShellDispatch \u0434\u043b\u044f \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f 
\u0444\u0430\u0439\u043b\u043e\u0432;\n\u2014 \u0421\u043a\u0430\u0447\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0432 \u00abworker.txt\u00bb \u0432 \u043f\u0430\u043f\u043a\u0435 \u00ab%ProgramData%\u00bb;\n\u2014 \u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b;\n\u2014 \u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433;\n\u2014 \u0421\u043e\u0437\u0434\u0430\u0442\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0441 \u043f\u043e\u0434\u043c\u0435\u043d\u043e\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430;\n\u2014 \u041e\u0431\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e ServiceMain, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u043c \u043e\u0442 C2-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u043f\u0440\u0438\u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 120 000 \u043c\u0441;\n\u2014 \u0418\u0442\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0438 \u0441\u043e\u0431\u0440\u0430\u0442\u044c \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432.\n\n\u041f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435 Tropical Scorpius \u0438 \u0435\u0433\u043e \u043d\u043e\u0432\u044b\u0445 TTP \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e 
\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c Cuba \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u0435\u0442\u0441\u044f \u0432 \u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443. \u0422\u043e\u0447\u043d\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0436\u0435\u0440\u0442\u0432 \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u043d\u043e Cuba \u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b 4 \u0436\u0435\u0440\u0442\u0432 \u0441 \u0438\u044e\u043d\u044f 2022 \u0433\u043e\u0434\u0430 \u043d\u0430 \u0441\u0432\u043e\u0435\u043c onion-\u0441\u0430\u0439\u0442\u0435. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0432\u0440\u0435\u043c\u044f \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0433\u043e\u0432\u043e\u0440\u043e\u0432, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0436\u0438\u0434\u0430\u044e\u0442 \u0443\u0432\u0438\u0434\u0435\u0442\u044c \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0439 \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0435 2022 \u0433\u043e\u0434\u0430.\n\n#\u0425\u0430\u043a\u0435\u0440\u044b #\u041a\u0443\u0431\u0430 \n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2022-08-11T15:00:29.000000Z"}, {"uuid": "db9c3694-5299-44dc-9528-d08a5336c8cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "Telegram/GFK7iRP-YRfUisfPB-meWn-WL3QJHLEcpUZ2wQtZdLdd_6s", "content": "", 
"creation_timestamp": "2025-12-07T21:00:05.000000Z"}, {"uuid": "1eba8c7e-2e06-4b42-ac44-e826f99e8a30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/cKure/2217", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Zerologon : Instantly become domain admin by subverting Netlogon cryptography.\n\nhttps://github.com/SecuraBV/CVE-2020-1472\n\nTest tool for CVE-2020-1472.", "creation_timestamp": "2020-09-15T14:46:33.000000Z"}, {"uuid": "66da4cc2-e771-472c-ab36-c66eee518712", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/cKure/2222", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Windows Zerologon PoC exploits allow domain takeover. Patch Now!\n\nCVE-2020-1472\n\nhttps://www.bleepingcomputer.com/news/microsoft/windows-zerologon-poc-exploits-allow-domain-takeover-patch-now/", "creation_timestamp": "2020-09-19T11:38:39.000000Z"}, {"uuid": "34518a0d-6a7d-4a67-9741-d3d4e8eda2ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/CyberGovIL/877", "content": "", "creation_timestamp": "2020-10-06T11:44:09.000000Z"}, {"uuid": "c776bb1e-9a27-44d8-9953-2355f6be37e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/codeby_sec/3525", "content": "\u200b\u200b\u0421\u0430\u043c\u044b\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0442\u0435\u043c\u044b \u0437\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0443\u044e 
\u043d\u0435\u0434\u0435\u043b\u044e\n\n\u2714\ufe0f Soft - Cscan\n\u2714\ufe0f Keychain \u0432 iOS - \u0447\u0442\u043e \u0432\u043d\u0443\u0442\u0440\u0438?\n\u2714\ufe0f \u0413\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u0445 \u043f\u0440\u043e\u0441\u0442\u044b\u0445 \u0447\u0438\u0441\u0435\u043b Python\n\u2714\ufe0f SYSENTER \u2013 \u0441\u043a\u0440\u044b\u0442\u044b\u0439 \u0437\u0430\u043f\u0443\u0441\u043a Native-API\n\u2714\ufe0f \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Recon\n\u2714\ufe0f \u041e\u0431\u0437\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2020-1472 \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430 \u201cZeroLogon\u201d\n\u2714\ufe0f \u041a\u0430\u043a \u0437\u0430\u0431\u0430\u043d\u0438\u0442\u044c IP \u0430\u0434\u0440\u0435\u0441?\n\u2714\ufe0f \u0412\u0430\u043a\u0430\u043d\u0441\u0438\u044f - \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442 \u043f\u043e \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044e \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Advanced Threat Protection\n\u2714\ufe0f \u0412\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0432\u043a\n\u2714\ufe0f \u041d\u0430 \u043a\u0430\u043a\u043e\u043c \u044f\u043f \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043e \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0412\u041a\u043e\u043d\u0442\u0430\u043a\u0442\u0435?\n\u2714\ufe0f \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435", "creation_timestamp": "2020-10-14T10:10:43.000000Z"}, {"uuid": "6f52a952-552e-485d-8d6a-12c68c2fd812", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": 
"https://t.me/codeby_sec/4535", "content": "\u200b\u200b\u041e\u0431\u0437\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2020-1472 \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430 \u201cZeroLogon\u201d\n\n\u0412\u0441\u0435\u043c \u043f\u0440\u0438\u0432\u0435\u0442! \u0412 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2020 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0435\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2020-1472. \u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043c\u0435\u043d\u0430.\n\u041f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044e \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u0443\u0433\u043b\u0443\u0431\u0438\u0442\u044c\u0441\u044f \u0432 \u044d\u0442\u0443 \u0442\u0435\u043c\u0443, \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c\u0441\u044f \u0432 \u043f\u0440\u0438\u0447\u0438\u043d\u0430\u0445 \u0438 \u0440\u0438\u0441\u043a\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0438 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b.\n\n\u0427\u0438\u0442\u0430\u0442\u044c: https://codeby.net/threads/obzor-ujazvimosti-cve-2020-1472-i-ehksploita-zerologon.75277/\n\n#exploit #windows", "creation_timestamp": "2021-06-01T17:17:00.000000Z"}, {"uuid": "bdcce02f-9ea6-45c5-a132-49eb0126ef69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/x_notes/202", "content": "\ud83d\udfe2\ud83d\udfe2\n\ud83d\udcf0 \u041d\u0430 #github \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u0441\u043a\u0440\u0438\u043f\u0442 \u0434\u043b\u044f \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 #Zerologon (CVE-2020-1472). \u041e\u043d \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043e\u0432\u0435\u0440\u0448\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 \u0441\u0435\u0441\u0441\u0438\u044e.\n\ud83d\udd25 \u0415\u0441\u043b\u0438 \u043a\u0442\u043e-\u0442\u043e \u043d\u0435 \u0432 \u043a\u0443\u0440\u0441\u0435 \u0434\u0435\u043b\u0430, \u0442\u043e #Microsoft \u0437\u0430\u043f\u0430\u0442\u0447\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043f\u0443\u0442\u0451\u043c \u0432\u044b\u0437\u043e\u0432\u0430 #RPC \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0430, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u043e\u043c\u0435\u043d\u043d\u043e\u0433\u043e. \n\u2764\ufe0f \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 10 \u0431\u0430\u043b\u043e\u0432 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 #CVSS. 
\u0422\u0430\u043a \u0447\u0442\u043e \u0435\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u043d\u0430\u043a\u0430\u0442\u0438\u043b\u0438 \u0430\u043f\u0434\u0435\u0439\u0442\u044b, \u0442\u043e \u043e\u0447\u0435\u043d\u044c \u043f\u043e\u0440\u0430. \u041d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u044d\u0442\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0443\u043c\u0435\u043b\u044c\u0446\u044b \u0431\u044b\u0441\u0442\u0440\u043e \u043d\u0430\u043f\u0438\u0448\u0443\u0442 \u0431\u043e\u0435\u0432\u043e\u0439 \u0441\u043f\u043b\u043e\u0439\u0442, \u0430 \u043f\u043e\u0442\u043e\u043c \u0431\u0443\u0434\u0435\u0442 \u0431\u0435\u0434\u0430.\n\n#vulnerability #ActiveDirectory #patchtuesday \n\nhttps://github.com/SecuraBV/CVE-2020-1472", "creation_timestamp": "2020-09-22T18:42:29.000000Z"}, {"uuid": "7e85bac3-7a4a-4b60-a983-af8d31b12902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/codeby_sec/8087", "content": "\u200b\u200b\u041e\u0431\u0437\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2020-1472 \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430 \u201cZeroLogon\u201d\n\n\u0412\u0441\u0435\u043c \u043f\u0440\u0438\u0432\u0435\u0442! \u0412 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2020 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0435\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2020-1472. 
\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043c\u0435\u043d\u0430.\n\u041f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044e \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u0443\u0433\u043b\u0443\u0431\u0438\u0442\u044c\u0441\u044f \u0432 \u044d\u0442\u0443 \u0442\u0435\u043c\u0443, \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c\u0441\u044f \u0432 \u043f\u0440\u0438\u0447\u0438\u043d\u0430\u0445 \u0438 \u0440\u0438\u0441\u043a\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0438 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b.\n\n\ud83d\udccc \u0427\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043b\u0435\u0435\n\n#exploit #windows", "creation_timestamp": "2024-04-11T17:39:27.000000Z"}, {"uuid": "8962a31b-fc25-42f0-9aa3-f83887c6b75a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/tech_b0lt_Genona/2079", "content": "CVE-2020-1472: Zerologon\nhttps://github.com/blackarrowsec/redteam-research/tree/master/CVE-2020-1472", "creation_timestamp": "2020-09-14T17:07:13.000000Z"}, {"uuid": "5765c879-0f40-461e-9da8-266b01b71d7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/antichat/8859", "content": "\u041d\u0430\u043f\u0438\u0441\u0430\u043b\u0438 \u0433\u0430\u0439\u0434 \u043f\u043e 
\u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u0444\u0430\u043a\u0442\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043b\u0435\u0442 \u2014 CVE-2020-1472, \u0438\u043b\u0438 Zerologon.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043c\u0435\u043d\u0430 \u0434\u0430\u0436\u0435 \u0431\u0435\u0437 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u043a\u0430\u043a\u043e\u0433\u043e-\u043b\u0438\u0431\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430. 
\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043c\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Zerologon:\n\u25aa\ufe0f\u043f\u043e \u0441\u043e\u0431\u044b\u0442\u0438\u044f\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 \u0430\u0443\u0434\u0438\u0442\u0430 Windows;\n\u25aa\ufe0f\u043f\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u043c\u0443 \u0442\u0440\u0430\u0444\u0438\u043a\u0443;\n\u25aa\ufe0f\u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438\u00a0YARA-\u043f\u0440\u0430\u0432\u0438\u043b.\n\n\u0414\u0430\u043d\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043a\u0430\u043a \u043f\u043e \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438, \u0442\u0430\u043a \u0438 \u0432\u043c\u0435\u0441\u0442\u0435, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0444\u0430\u043a\u0442\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 \u043e \u043a\u0430\u0436\u0434\u043e\u043c \u0438\u0437 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0447\u0438\u0442\u0430\u0439\u0442\u0435 \u0432 \u043d\u0430\u0448\u0435\u043c \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u0435.", "creation_timestamp": "2020-11-03T14:00:37.000000Z"}, {"uuid": "0407863b-dcea-40af-8a89-1e62fdfba3ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "Telegram/SumV8avL7Sbl1SJPE_rB4-ULAsTbHoJ55H_PswnJfdlCjxM", "content": "", "creation_timestamp": "2025-10-05T03:00:06.000000Z"}, {"uuid": "e2de459b-2939-4304-8f69-9fa63e68f10c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "Telegram/0kkoPZe9SRaFjk6r6hE0E-PGR1LEPuhACBCZgoO035MqCFM", "content": "", "creation_timestamp": "2025-10-05T03:00:12.000000Z"}, {"uuid": "0fcfba71-bd53-48d0-9f19-53f3dc67409c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/tech_b0lt_Genona/2078", "content": "\u0411\u043e\u043b\u044c\u0448\u043e\u0439 \u0448\u0443\u043c \u043f\u043e\u0434\u043d\u044f\u043b\u0441\u044f \u0432 \u0438\u043d\u0444\u043e\u0441\u0435\u043a 
\u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0433\u043e\u043b\u043b\u0430\u043d\u0434\u0441\u043a\u043e\u0439 \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 Secura BV \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u043e\u0439 Microsoft \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u043e\u0432\u0441\u043a\u043e\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2020-1472, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0439 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Zerologon.  \n\n\u0425\u043e\u0442\u044f \u0440\u0430\u043d\u0435\u0435 \u0438 \u0431\u044b\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 10 \u0438\u0437 10  \u043f\u043e \u0448\u043a\u0430\u043b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u0438 \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Netlogon, \u0441\u043b\u0443\u0436\u0431\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Windows Server, \u043f\u043e\u043b\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043d\u0435 \u0431\u044b\u043b\u043e. 
\u041e\u043d\u0430 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0432\u0441\u0435\u0445 \u043d\u0430 \u0443\u0448\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0435 \u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 Netlogon Remote Protocol. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0434\u0430\u0432\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u0437\u0430 \u043b\u044e\u0431\u043e\u0439 \u0445\u043e\u0441\u0442 \u0432 \u0441\u0435\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u0430\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043c\u0435\u043d\u0430. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0445\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Netlogon \u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0432 Active Directory. \n\n\u0412 \u0447\u0435\u043c \u0436\u0435 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0430\u0441\u044c \u043e\u0448\u0438\u0431\u043a\u0430? 
\u0412 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u0430 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f AES-CFB8 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ComputeNetlogonCredential, \u0433\u0434\u0435 \u0432\u0435\u043a\u0442\u043e\u0440 \u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 (IV) \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0438 \u0441\u043e\u0441\u0442\u043e\u0438\u0442 \u0438\u0437 16 \u043d\u0443\u043b\u0435\u0432\u044b\u0445 \u0431\u0430\u0439\u0442\u043e\u0432, \u0445\u043e\u0442\u044f \u043f\u043e \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u043d \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u043c. \u0412 \u0438\u0442\u043e\u0433\u0435 \u0434\u043b\u044f 1 \u0438\u0437 256 \u043a\u043b\u044e\u0447\u0435\u0439 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043a \u0432\u0432\u043e\u0434\u0443, \u0441\u043e\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0438\u0437 \u0432\u0441\u0435\u0445 \u043d\u0443\u043b\u0435\u0439, \u0434\u0430\u0441\u0442 \u0442\u0430\u043a\u043e\u0439 \u0436\u0435 \u043d\u0443\u043b\u0435\u0432\u043e\u0439 \u0432\u044b\u0432\u043e\u0434.\n\n\u0427\u0435\u043c \u0436\u0435 \u044d\u0442\u043e \u043f\u043b\u043e\u0445\u043e? 
\u0410 \u0442\u0435\u043c, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440, \u043f\u043e\u043f\u0440\u043e\u0431\u043e\u0432\u0430\u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0437 \u043f\u043e\u0434\u0440\u044f\u0434 (\u0441\u0440\u0435\u0434\u043d\u0435\u0435 \u043e\u0436\u0438\u0434\u0430\u0435\u043c\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0440\u0430\u0432\u043d\u044f\u0435\u0442\u0441\u044f 256), \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u0434\u0438\u043d \u0438\u0437 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u0435\u0433\u043e \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432, ClientCredential, \u0432\u044b\u0447\u0438\u0441\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0440\u0430\u0437 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e ComputeNetlogonCredential. 
\u0422\u043e \u0435\u0441\u0442\u044c \u0432 \u0441\u0440\u0435\u0434\u043d\u0435\u043c \u0432 1 \u0438\u0437 256 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0441\u0435\u0440\u0432\u0435\u0440 \u043f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u043e\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u0438\u0437 8 \u043d\u0443\u043b\u0435\u0439 \u0431\u0443\u0434\u0435\u0442 \u043e\u0436\u0438\u0434\u0430\u0442\u044c ClientCredential \u0442\u0430\u043a\u0436\u0435 \u0438\u0437 8 \u043d\u0443\u043b\u0435\u0439.\n\n\u0410 \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0430\u043a\u043a\u0430\u0443\u043d\u0442 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0435\u0433\u043e\u0441\u044f \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430 \u043d\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u043d\u0435\u0432\u0435\u0440\u043d\u043e\u0433\u043e \u043e\u0442\u0432\u0435\u0442\u0430, \u0442\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u043d\u0430\u043f\u0438\u0445\u0430\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u0443 8 \u043d\u0443\u043b\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0439\u043c\u0435\u0442 \u043e\u043a\u043e\u043b\u043e 3 \u0441\u0435\u043a\u0443\u043d\u0434, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043f\u0440\u043e\u0439\u0434\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. 
\n\n\u0412 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c \u0445\u0430\u043a\u0435\u0440 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043c\u0435\u0442 \u0435\u0449\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0442\u0440\u044e\u043a\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e ComputeNetlogonCredential, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u043e \u0432\u0437\u044f\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043c\u0435\u043d\u0430 \u043f\u043e\u0434 \u0441\u0432\u043e\u044e \u0432\u043b\u0430\u0441\u0442\u044c.\n\n\u0415\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043d\u0430 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 - \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u0435\u0435 \u0438\u0437\u043d\u0443\u0442\u0440\u0438 \u0441\u0435\u0442\u0438, \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0432 \u043e\u0434\u043d\u0443 \u0438\u0437 \u043c\u0430\u0448\u0438\u043d. 
\u041d\u043e \u044d\u0442\u043e \u0437\u0430\u0434\u0430\u0447\u0430 \u0432\u043e \u043c\u043d\u043e\u0433\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0440\u0435\u0448\u0430\u0435\u043c\u0430\u044f.\n\n\u0412\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0439 Microsoft \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 \u043f\u0430\u0442\u0447 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0437\u0430\u043f\u043b\u0430\u0442\u043a\u0443 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zerologon, \u0434\u0435\u043b\u0430\u044f \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 NRPC \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u043d\u043e\u0433\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0445\u0430\u043a\u0435\u0440 \u043c\u043e\u0433 \u043e\u0431\u043e\u0439\u0442\u0438, \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0432 \u0435\u0433\u043e \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u043a\u043b\u0438\u0435\u043d\u0442\u0430 (\u0442\u0430\u043a\u043e\u0435 \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u043b\u043e\u0441\u044c). \n\n\u0418\u043d\u0444\u043e\u0441\u0435\u043a \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u0440\u0438\u0437\u043d\u0430\u044e\u0442 Zerologon \u0432\u0435\u0441\u044c\u043c\u0430 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0438 \u043e\u0447\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e - \"This is really scary\". 
\u0427\u0442\u043e\u0431\u044b \u043d\u0435 \u0431\u044b\u043b\u043e \"scary\" \u043d\u0430\u0434\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0430\u043f\u0434\u0435\u0439\u0442\u0438\u0442\u044c \u0441\u0432\u043e\u0438 Windows Server.", "creation_timestamp": "2020-09-14T17:05:34.000000Z"}, {"uuid": "2007ba37-76d5-47de-9cba-96fd6b2d4311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/2085", "content": "&gt; \u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 Samba \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0447\u0442\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432 Windows \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ZeroLogin (CVE-2020-1472) \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0438 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0434\u043e\u043c\u0435\u043d\u0430 \u043d\u0430 \u0431\u0430\u0437\u0435 Samba. 
\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u0434\u043e\u0440\u0430\u0431\u043e\u0442\u043a\u0430\u043c\u0438 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 MS-NRPC \u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u0435 AES-CFB8, \u0438 \u043f\u0440\u0438 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0435 \u0434\u043e\u043c\u0435\u043d\u0430.\n\nhttps://www.opennet.ru/opennews/art.shtml?num=53728", "creation_timestamp": "2020-09-17T09:16:10.000000Z"}, {"uuid": "d5e7032c-99de-42bc-b3fa-0f3ade920814", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/BleepingComputer/8221", "content": "Microsoft clarifies patch confusion for Windows Zerologon flaw\n\nMicrosoft clarified the steps customers should take to make sure that their devices are protected against ongoing attacks using Windows Server Zerologon\u00a0(CVE-2020-1472) exploits. 
[...]\n\nhttps://www.bleepingcomputer.com/news/security/microsoft-clarifies-patch-confusion-for-windows-zerologon-flaw/", "creation_timestamp": "2020-09-29T15:09:03.000000Z"}, {"uuid": "c4fee9f7-fd8a-4c39-b501-270f1ede16a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/BleepingComputer/8146", "content": "Windows Zerologon PoC exploits allow domain takeover. Patch Now!\n\nResearchers have released exploits for the Windows Zerologon CVE-2020-1472 vulnerability that allow an attacker to take control of a Windows domain. Install patches now! [...]\n\nhttps://www.bleepingcomputer.com/news/microsoft/windows-zerologon-poc-exploits-allow-domain-takeover-patch-now/", "creation_timestamp": "2020-09-15T20:38:13.000000Z"}, {"uuid": "a38eeaa5-c461-433d-a1c5-3fe0488a2e44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/BleepingComputer/8310", "content": "Hackers used VPN flaws to access US govt elections support systems\n\nGovernment-backed hackers\u00a0have compromised and gained access to US elections support systems by chaining together VPN vulnerabilities and the recent Windows CVE-2020-1472 security flaw. 
[...]\n\nhttps://www.bleepingcomputer.com/news/security/hackers-used-vpn-flaws-to-access-us-govt-elections-support-systems/", "creation_timestamp": "2020-10-12T18:40:46.000000Z"}, {"uuid": "1ff9cd0e-5bcf-448b-aad8-94a6a02a9c7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/CyberGovIL/822", "content": "\u05e2\u05d3\u05db\u05d5\u05df \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d4\u05d7\u05d5\u05d3\u05e9\u05d9 \u05e9\u05dc \u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 - \u05d0\u05d5\u05d2\u05d5\u05e1\u05d8 2020 | LEA102064\n\n\u05d1-11 \u05dc\u05d7\u05d5\u05d3\u05e9 \u05e4\u05e8\u05e1\u05de\u05d4 \u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05db-120 \u05e2\u05d3\u05db\u05d5\u05e0\u05d9 \u05d0\u05d1\u05d8\u05d7\u05d4 \u05dc\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d1\u05ea\u05d5\u05db\u05e0\u05d5\u05ea \u05e0\u05ea\u05de\u05db\u05d5\u05ea. 
17 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05de\u05e1\u05d5\u05d5\u05d2\u05d5\u05ea \u05db\u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea.\n\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d4\u05d7\u05de\u05d5\u05e8\u05d5\u05ea \u05d1\u05d9\u05d5\u05ea\u05e8 \u05e2\u05dc\u05d5\u05dc\u05d5\u05ea \u05dc\u05d0\u05e4\u05e9\u05e8 \u05dc\u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05d4\u05e4\u05e2\u05dc\u05ea \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7 (RCE).\n\n2 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05d1\u05ea\u05e7\u05d9\u05e4\u05d5\u05ea \u05d1\u05e2\u05d5\u05dc\u05dd (Zero day).\n\n\u05ea\u05e9\u05d5\u05de\u05ea \u05dc\u05d9\u05d1\u05db\u05dd \u05dc\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d1\u05e9\u05d9\u05e8\u05d5\u05ea NetLogon (CVE-2020-1472) \u05d5\u05dc\u05d8\u05d9\u05e4\u05d5\u05dc \u05d1\u05d4, \u05d4\u05de\u05d5\u05e8\u05db\u05d1 \u05de\u05de\u05e1\u05e4\u05e8 \u05e9\u05dc\u05d1\u05d9\u05dd.\n\n\u05de\u05d5\u05de\u05dc\u05e5 \u05de\u05d0\u05d3 \u05dc\u05d1\u05d7\u05d5\u05df \u05d4\u05e2\u05d3\u05db\u05d5\u05e0\u05d9\u05dd \u05d1\u05e1\u05d1\u05d9\u05d1\u05ea \u05e0\u05d9\u05e1\u05d5\u05d9, \u05d5\u05dc\u05d4\u05ea\u05e7\u05d9\u05e0\u05dd \u05d1\u05d4\u05e7\u05d3\u05dd \u05d4\u05d0\u05e4\u05e9\u05e8\u05d9.", "creation_timestamp": "2020-08-12T13:06:42.000000Z"}, {"uuid": "7e3bc70a-c31c-44b4-81af-5d0738454d46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/2089", "content": "address of these users so that you can target their box.  
Link: https://github.com/HunnicCyber/SharpSniper      SharpSphere:    Description: SharpSphere gives red teamers the ability to easily interact with the guest operating systems of virtual machines managed by vCenter  Link: https://github.com/JamesCooteUK/SharpSphere      SharpSpray:    Description: SharpSpray a simple code set to perform a password spraying attack against all users of a domain using LDAP and is compatible with Cobalt Strike.  Link: https://github.com/jnqpblc/SharpSpray      SharpSQLPwn:    Description: C# tool to identify and exploit weaknesses with MSSQL instances in Active Directory environments  Link: https://github.com/lefayjey/SharpSQLPwn      SharpStay:    Description: .NET Persistence  Link: https://github.com/0xthirteen/SharpStay      SharpSvc:    Description: SharpSvc is a simple code set to interact with the SC Manager API using the same DCERPC process as sc.exe, which open with TCP port 135 and is followed by the use of an ephemeral TCP   port  Link: https://github.com/jnqpblc/SharpSvc      SharpTask:    Description: SharpTask is a simple code set to interact with the Task Scheduler service API using the same DCERPC process as schtasks.exe, which open with TCP port 135 and is followed by the use of   an ephemeral TCP port.  
Link: https://github.com/jnqpblc/SharpTask      SharpUp:    Description: SharpUp is a C# port of various PowerUp functionality  Link: https://github.com/GhostPack/SharpUp      SharpView:    Description: .NET port of PowerView  Link: https://github.com/tevora-threat/SharpView      SharpWebServer:    Description: Red Team oriented simple HTTP &amp; WebDAV server written in C# with functionality to capture Net-NTLM hashes  Link: https://github.com/mgeeky/SharpWebServer      SharpWifiGrabber:    Description: Retrieves in clear-text the Wi-Fi Passwords from all WLAN Profiles saved on a workstation  Link: https://github.com/r3nhat/SharpWifiGrabber      SharpWMI:    Description: SharpWMI is a C# implementation of various WMI functionality.  Link: https://github.com/GhostPack/SharpWMI      SharpZeroLogon:    Description: An exploit for CVE-2020-1472, a.k.a. Zerologon. This tool exploits a cryptographic vulnerability in Netlogon to achieve authentication bypass.  Link: https://github.com/nccgroup/nccfsas      Shhmon:    Description: While Sysmon's driver can be renamed at installation, it is always loaded at altitude 385201. The objective of this tool is to challenge the assumption that our defensive tools are   always collecting events.  Link: https://github.com/matterpreter/Shhmon      Snaffler:    Description: Snaffler is a tool for pentesters and red teamers to help find delicious candy needles (creds mostly, but it's flexible) in a bunch of horrible boring haystacks (a massive Windows/AD   environment).  Link: https://github.com/SnaffCon/Snaffler      SqlClient:    Description: C# .NET mssql client for accessing database data through beacon.  
Link: https://github.com/FortyNorthSecurity/SqlClient      StandIn:    Description: StandIn is a small AD post-compromise toolkit  Link: https://github.com/FuzzySecurity/StandIn      SweetPotato:    Description: A collection of various native Windows privilege escalation techniques from service accounts to SYSTEM  Link: https://github.com/CCob/SweetPotato      ThreatCheck:    Description: Modified version of Matterpreter's DefenderCheck  Link: https://github.com/rasta-mouse/ThreatCheck      TokenStomp:    Description: C# POC for the token privilege removal flaw reported  Link: https://github.com/MartinIngesen/TokenStomp      TruffleSnout:    Description: Iterative AD discovery toolkit for offensive operators  Link: https://github.com/dsnezhkov/TruffleSnout      Watson:    Description: Watson is a .NET tool designed to enumerate missing KBs and suggest exploits for Privilege Escalation vulnerabilities.  Link: https://github.com/rasta-mouse/Watson      Whisker:    Description: Whisker is a C#", "creation_timestamp": "2023-02-17T13:46:41.000000Z"}, {"uuid": "9024cea8-69c8-4468-a20c-2413cf24f708", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/3640", "content": "\u0442\u0443\u0442 \u0432\u0441\u044f\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u044e\u0442 \u0430\u0434\u043c\u0438\u043d\u043e\u0432 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u0441\u0442\u0440\u0435\u0435 \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2020-1472 \u0432 Microsoft netlogon \n\nhttps://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc\n\nhttps://www.secura.com/blog/zero-logon\n\nhttps://github.com/SecuraBV/CVE-2020-1472", 
"creation_timestamp": "2020-09-15T15:27:25.000000Z"}, {"uuid": "7376edc3-fc36-46ee-a1ed-cf9d40c66fde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/is_n3ws/36", "content": "\u0410\u041d\u0411 \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u043e \u0430\u0442\u0430\u043a\u0438 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0432\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u043e \u043e\u0442\u0447\u0435\u0442. Top-20 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\nhttps://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF\n\nGaining Remote Access: \n-----------------------------\nCVE-2019-11510: Arbitrary file read/Pulse Secure VPN\nCVE-2019-19781: RCE/Citrix ADC\nCVE-2020-8195/3/6: Unauthenticated access\nCVE-2019-0708: RCE on RDP server\nCVE-2020-5902: RCE in F5 BIG-IP\n\nAD:\n----\nCVE-2020-1472: #ZeroLogon\nCVE-2019-1040: NTLM relay bypass\n\nMDM: \n------\nCVE-2020-15505: MobileIron device management\n\nExploiting Public Facing Services:\n---------------- \nCVE-2020-1350: RCE/ DNS Servers #SigRed\nCVE-2018-6789: RCE/ Exim mail transfer\nCVE-2018-4939: RCE/ Adobe's Cold Fusion\n\nWorkstation Local Privilege Escalation:\n-------------------------\nCVE-2020-0601: ECC spoofing #CurveBall\nCVE-2019-0803: Win32k Elevation of Privilege\n\nInternal Applications:\n--------------------\nCVE-2020-0688: RCE/MS Exchange\nCVE-2020-2555: RCE/Oracle Weblogic\nCVE-2019-11580: RCE/Atlassian Crowd\nCVE-2019-18935: RCE/ASP.Net\nCVE-2015-4852: RCE/Apache\nCVE-2019-3396: 
Unauthorized Access/Confluence\nCVE-2020-10189: RCE/Desktop Central", "creation_timestamp": "2020-11-06T22:00:17.000000Z"}, {"uuid": "7fc9e359-2eaf-43aa-9a7e-e40d9b88c437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/hybgl/430", "content": "#windows #CVE #privesc #zerologon\n\n[ CVE-2020-1472  Netlogon authentication bypass testing ]\n\nhttps://github.com/SecuraBV/CVE-2020-1472\n\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438:  https://www.secura.com/pathtoimg.php?id=2055", "creation_timestamp": "2021-07-22T16:10:45.000000Z"}, {"uuid": "6778a585-c10e-4ab7-813c-1c632891a50c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "Telegram/12GQmhdjAZoUy0KyEWtwA71DbE079snwo4quD3RJiXmYXw", "content": "", "creation_timestamp": "2020-09-16T06:13:02.000000Z"}, {"uuid": "78ea6e33-696e-42e4-bd6a-0b2e9a4d11d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/true_secator/7103", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0431\u043e\u043c\u0431\u0438\u0442\u044c \u043e\u0442\u0447\u0435\u0442\u0430\u043c\u0438, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043f\u043e\u0434\u043e\u0433\u043d\u0430\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0437\u0430 \u043f\u0435\u0440\u0432\u044b\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2025 \u0433\u043e\u0434\u0430.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u043b\u0430\u0441\u044c \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 2024 \u0433\u043e\u0434\u0443, \u0442\u0430\u043a \u043a\u0430\u043a \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043c\u043e\u0433\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0430 \u0438\u0445 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0432\u043e \u043c\u043d\u043e\u0433\u043e\u043c \u043f\u043e\u0432\u0442\u043e\u0440\u044f\u0435\u0442 
\u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0433\u043e\u0434\u044b.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u043c\u043d\u043e\u0433\u0438\u0435 CWE \u0438\u0437 TOP 10 \u0434\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 Microsoft \u0438 \u044f\u0434\u0440\u0430 Linux \u0441\u043e\u0432\u043f\u0430\u0434\u0430\u044e\u0442 \u0438\u043b\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c\u0438, \u0430 \u0437\u043d\u0430\u0447\u0438\u0442, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u0441\u0445\u043e\u0436\u0438\u0445 \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0430\u0445, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u0447\u0430\u0441\u0442\u043e \u043a \u00ab\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e\u00bb \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0430\u0442\u0430\u043a \u0434\u043b\u044f Linux \u043d\u0430 Windows \u0438 \u043d\u0430\u043e\u0431\u043e\u0440\u043e\u0442.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0430\u0442\u0430\u043a \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows \u0432\u044b\u0440\u043e\u0441\u043b\u043e \u043f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c \u043f\u0435\u0440\u0438\u043e\u0434\u043e\u043c \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041a\u0430\u043a \u0438 \u043f\u0440\u0435\u0436\u0434\u0435, \u043b\u044c\u0432\u0438\u043d\u0430\u044f 
\u0434\u043e\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0431\u044b\u043b\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Microsoft Office.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0447\u0430\u0449\u0435 \u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0441\u0442\u0430\u0440\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c: CVE-2018-0802, CVE-2017-11882 (\u043e\u0431\u0435 RCE \u0432 Equation Editor), CVE-2017-0199 (Microsoft Office \u0438 WordPad).\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u0430\u043c\u044b\u043c\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 2024 \u0433\u043e\u0434\u0430, \u0438 \u043c\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c, \u0447\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0438 \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c.\n\n\u0417\u0430 \u043d\u0438\u043c\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 WinRAR \u0438 \u0432 \u0441\u0430\u043c\u043e\u0439 
\u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows: CVE-2023-38831 (WinRAR), CVE-2024-35250 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430\u00a0ks.sys) \u0438 CVE-2022-3699 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 Lenovo Diagnostics).\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c: CVE-2022-0847 (Dirty Pipe), CVE-2019-13272 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043d\u0430\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439) \u0438 CVE-2021-3156 (\u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u0443\u0447\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435\u00a0sudo).\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043a\u0430\u043a \u0441\u0430\u043c\u043e\u0435 \u0441\u043b\u043e\u0436\u043d\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435, 
\u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043b\u0438\u0434\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0441\u0442 \u0447\u0438\u0441\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u043c - \u044d\u0442\u0430 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u043b\u0430\u0441\u044c \u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u0432\u0441\u0435\u0433\u043e \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u0430\u0441\u044c \u0434\u043e\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Microsoft Office.\n\n\u0418\u0437\u0443\u0447\u0438\u0432 \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 APT, \u0432 \u041b\u041a \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0435\u0441\u044f \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430: CVE-2025-0282, CVE-2024-21887 \u0438 CVE-2025-0283 (Ivanti 
Connect Secure), CVE-2020-1472 (Netlogon Windows), CVE-2023-46805 (Ivanti ICS), CVE-2023-48788 (Fortinet) \u0438 \u0434\u0440.\n\n\u041e\u0442\u043c\u0435\u0442\u0438\u043c, \u0447\u0442\u043e \u0432 TOP 10 \u0432\u0435\u0440\u043d\u0443\u043b\u0430\u0441\u044c \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zerologon, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0434\u043e\u043c\u0435\u043d\u0430.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u041b\u041a \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438: \n\n- ZDI-CAN-25373: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044f \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 lnk-\u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u041e\u0421 Windows;\n\n- CVE-2025-21333: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 vkrnlintvsp.sys;\n\n- CVE-2025-24071: 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0442\u0435\u0447\u043a\u0438 NetNTLM-\u0445\u044d\u0448\u0430 \u0432 \u0438\u043d\u0434\u0435\u043a\u0441\u0430\u0442\u043e\u0440\u0435 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u0438 \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-06-04T18:00:07.000000Z"}, {"uuid": "fb6705f2-ec9d-4966-8257-fe3bc2a43143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/YAH_Channel/327", "content": "\u041d\u0430\u043f\u0438\u0441\u0430\u043b\u0438 \u0433\u0430\u0439\u0434 \u043f\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u0444\u0430\u043a\u0442\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043b\u0435\u0442 \u2014 CVE-2020-1472, \u0438\u043b\u0438 Zerologon.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043c\u0435\u043d\u0430 \u0434\u0430\u0436\u0435 \u0431\u0435\u0437 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u043a\u0430\u043a\u043e\u0433\u043e-\u043b\u0438\u0431\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e 
\u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043c\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Zerologon:\n\u25aa\ufe0f\u043f\u043e \u0441\u043e\u0431\u044b\u0442\u0438\u044f\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 \u0430\u0443\u0434\u0438\u0442\u0430 Windows;\n\u25aa\ufe0f\u043f\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u043c\u0443 \u0442\u0440\u0430\u0444\u0438\u043a\u0443;\n\u25aa\ufe0f\u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438\u00a0YARA-\u043f\u0440\u0430\u0432\u0438\u043b.\n\n\u0414\u0430\u043d\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043a\u0430\u043a \u043f\u043e \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438, \u0442\u0430\u043a \u0438 \u0432\u043c\u0435\u0441\u0442\u0435, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0444\u0430\u043a\u0442\u044b 
\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 \u043e \u043a\u0430\u0436\u0434\u043e\u043c \u0438\u0437 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0447\u0438\u0442\u0430\u0439\u0442\u0435 \u0432 \u043d\u0430\u0448\u0435\u043c \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u0435.", "creation_timestamp": "2020-11-03T14:25:29.000000Z"}, {"uuid": "c8c7e240-6a37-4288-88ee-278f02f0b80d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/bizone_channel/148", "content": "\u041d\u0430\u043f\u0438\u0441\u0430\u043b\u0438 \u0433\u0430\u0439\u0434 \u043f\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u0444\u0430\u043a\u0442\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043b\u0435\u0442 \u2014 CVE-2020-1472, \u0438\u043b\u0438 Zerologon.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043c\u0435\u043d\u0430 
\u0434\u0430\u0436\u0435 \u0431\u0435\u0437 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u043a\u0430\u043a\u043e\u0433\u043e-\u043b\u0438\u0431\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043a \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043c\u044b \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Zerologon:\n\u25aa\ufe0f\u043f\u043e \u0441\u043e\u0431\u044b\u0442\u0438\u044f\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 \u0430\u0443\u0434\u0438\u0442\u0430 Windows;\n\u25aa\ufe0f\u043f\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u043c\u0443 \u0442\u0440\u0430\u0444\u0438\u043a\u0443;\n\u25aa\ufe0f\u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438\u00a0YARA-\u043f\u0440\u0430\u0432\u0438\u043b.\n\n\u0414\u0430\u043d\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043a\u0430\u043a \u043f\u043e \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438, \u0442\u0430\u043a \u0438 \u0432\u043c\u0435\u0441\u0442\u0435, \u0447\u0442\u043e 
\u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0444\u0430\u043a\u0442\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 \u043e \u043a\u0430\u0436\u0434\u043e\u043c \u0438\u0437 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0447\u0438\u0442\u0430\u0439\u0442\u0435 \u0432 \u043d\u0430\u0448\u0435\u043c \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u0435.", "creation_timestamp": "2020-11-03T14:19:18.000000Z"}, {"uuid": "abd1f127-c84a-4cf8-89bf-d3c83b5cd829", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "Telegram/7Qrvv0n_A492fFBBgAcKrfKClVFk6YoFPN9jHzyI2JtJfpE", "content": "", "creation_timestamp": "2020-10-01T10:36:08.000000Z"}, {"uuid": "40cd8a35-db2c-48b3-8573-75d4414c3fb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "Telegram/BukL9V416GWTLpIflWe5h5lu1HR9vVf6UKjMPBsKx6eT_Q", "content": "", "creation_timestamp": "2020-10-09T23:40:07.000000Z"}, {"uuid": "cc57b3cf-3f92-41ad-bffa-73d3cee5ca91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": 
"published-proof-of-concept", "source": "Telegram/kHAG78X2RtYAPuQ25BOUIrC4WsYU58YO06E33bWQ-2Pwlw", "content": "", "creation_timestamp": "2020-09-16T06:13:02.000000Z"}, {"uuid": "ad79f10c-862a-431c-9a8c-4098f911c6cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/arpsyndicate/1448", "content": "#ExploitObserverAlert\n\nCVE-2020-1472\n\nDESCRIPTION: Exploit Observer has 414 entries related to CVE-2020-1472. An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.\n\nFIRST-EPSS: 0.974580000\nNVD-IS: 6.0\nNVD-ES: 3.9", "creation_timestamp": "2023-12-05T09:54:43.000000Z"}, {"uuid": "0d52c406-1e9b-46ef-983a-694a124ccd58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/anwar1213xx/979", "content": "\u062b\u063a\u0631\u0627\u062a \u0644\u0625\u062e\u062a\u0631\u0627\u0642 \u0627\u0644\u0648\u064a\u0646\u062f\u0648\u0632 :\n\n\u0643\u0644 \u0645\u0646 \u064a\u0633\u062a\u062e\u062f\u0645 \u0646\u0638\u0627\u0645 \u0627\u0644\u062a\u0634\u063a\u064a\u0644 \u0648\u064a\u0646\u062f\u0648\u0632 \u0623\u0648 \u062d\u0632\u0645\u0629 \u062a\u0637\u0628\u064a\u0642\u0627\u062a Microsoft Office \u064a\u062c\u0628 \u0639\u0644\u064a\u0647 \u0623\u0646 \u064a\u062d\u062f\u062b\u0647\u0645\u060c \u064a\u0648\u062c\u062f \u062a\u062d\u062f\u064a\u062b\u0627\u062a \u0635\u062f\u0631\u062a \u0644\u062a\u0631\u0642\u064a\u0639 120 \u062b\u063a\u0631\u0629 \u0645\u0646\u0647\u0645 18 \u062b\u063a\u0631\u0629 \u062f\u0631\u062c\u0629 \u062e\u0637\u0648\u0631\u062a\u0647\u0645 \u0645\u0635\u0646\u0641\u0647 
\u0643\u0640 \"\u062d\u0631\u062c\u0629\" \u06482 \u0628\u0627\u0644\u0641\u0639\u0644 \u064a\u062a\u0645 \u0625\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0645 \u0628\u0634\u0643\u0644 \u0643\u0628\u064a\u0631\n\u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u062a\u0639\u0631\u0636 \u062c\u0647\u0627\u0632\u0643 \u0644\u0644\u0625\u062e\u062a\u0631\u0627\u0642 \u0641\u064a \u0627\u0644\u062d\u0627\u0644\u0627\u062a \u0627\u0644\u062a\u0627\u0644\u064a\u0629:\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1525 \u0648 CVE-2020-1585 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u064a \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0639\u0646 \u0637\u0631\u064a\u0642 \u062a\u0634\u063a\u064a\u0644 \u0645\u0644\u0641 \u0641\u064a\u062f\u064a\u0648.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1548 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u064a \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0639\u0646 \u0637\u0631\u064a\u0642 \u062a\u0634\u063a\u064a\u0644 \u0645\u0644\u0641 \u0635\u0648\u062a.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1560 \u0648 CVE-2020-1574 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u064a \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0639\u0646 \u0637\u0631\u064a\u0642 \u062a\u0634\u063a\u064a\u0644 \u0645\u0644\u0641 \u0635\u0648\u0631\u0629.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1483 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u0649 \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0625\u0630\u0627 \u0642\u0645\u062a \u0628\u0633\u062a\u062e\u062f\u0645 \u062a\u0637\u0628\u064a\u0642 Microsoft Outlook \u0641\u064a \u0625\u0633\u062a\u0644\u0627\u0645 \u0627\u0644\u0631\u0633\u0627\u0626\u0644.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1567 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u064a \u0625\u062e\u062a\u0631\u0627\u0642 
\u062c\u0647\u0627\u0632\u0643 \u0625\u0630\u0627 \u062d\u0627\u0648\u0644\u062a \u0623\u0646 \u062a\u0642\u0648\u0645 \u0628\u062a\u062d\u0631\u064a\u0631 edit \u0644\u0635\u0641\u062d\u0629 HTML.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1380 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u064a \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0625\u0630\u0627 \u062d\u0627\u0648\u0644\u062a \u062a\u0641\u062a\u062d \u0645\u0648\u0642\u0639 \u0645\u0639\u064a\u0646 \u0639\u0644\u0649 \u0645\u062a\u0635\u0641\u062d Internet Explorer 11.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1472 \u0627\u0644\u0645\u0648\u062c\u0648\u062f\u0629 \u0641\u0649 \u0645\u0643\u0648\u0646 NetLogon \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u0649 \u0631\u0641\u0639 \u0635\u0644\u0627\u062d\u064a\u0627\u062a \u0627\u0644\u0645\u062e\u062a\u0631\u0642 \u0648\u062a\u0633\u0645\u062d \u0644\u0647 \u0628\u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0641\u064a \u062d\u0627\u0644\u0629 \u0645\u0627 \u0625\u0630\u0627 \u0643\u0627\u0646 \u0645\u062a\u0635\u0644 \u0639\u0644\u0649 Domain Controller (DC) \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0641\u0649 \u0627\u0644\u063a\u0627\u0644\u0628 \u062f\u0627\u062e\u0644 \u0627\u0644\u0645\u0624\u0633\u0633\u0627\u062a.\n\u0627\u0644\u062b\u063a\u0631\u0627\u0629 CVE-2020-1494 \u0648 CVE-2020-1495 \u0648 CVE-2020-1496 \u0648 CVE-2020-1504 \u0648 CVE-2020-1498 \u0645\u0645\u0643\u0646 \u0623\u0646 \u064a\u062a\u0633\u0628\u0628\u0648 \u0641\u0649 \u0625\u062e\u062a\u0631\u0627\u0642 \u062c\u0647\u0627\u0632\u0643 \u0627\u0646 \u0641\u062a\u062d\u062a \u0645\u0644\u0641 Excel sheet \u0639\u0644\u0649 \u0627\u0644\u0627\u0635\u062f\u0627\u0631 \u0627\u0644\u0645\u0635\u0627\u0628 \u0645\u0646 Microsoft Excel.\n\u0627\u0644\u062b\u063a\u0631\u0629 CVE-2020-1571 \u0645\u0645\u0643\u0646 \u062a\u062a\u0633\u0628\u0628 \u0641\u0649 \u0631\u0641\u0639 
\u0635\u0644\u0627\u062d\u064a\u0627\u062a \u0627\u0644\u0645\u062e\u062a\u0631\u0642 \u0645\u0646 \u062e\u0644\u0627\u0644 \u0625\u0633\u062a\u062e\u062f\u0627\u0645 \u0627\u0644\u062a\u0637\u0628\u064a\u0642 \u0627\u0644\u0645\u0633\u0624\u0648\u0644 \u0639\u0646 \u062a\u0646\u0635\u064a\u0628 \u0646\u0633\u062e\u0629 \u0627\u0644\u0648\u064a\u0646\u062f\u0648\u0632 \u0646\u0641\u0633\u0647\u0627\n\nThe Yemeni ghost\nMy pride is crazy", "creation_timestamp": "2021-10-08T16:50:51.000000Z"}, {"uuid": "227366f7-a791-4b1a-85f0-eedf1b232088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/arpsyndicate/134", "content": "#ExploitObserverAlert\n\nCVE-2020-1472\n\nDESCRIPTION: Exploit Observer has 406 entries related to CVE-2020-1472. An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.\n\nFIRST-EPSS: 0.974540000\nNVD-IS: 6.0\nNVD-ES: 3.9", "creation_timestamp": "2023-11-13T00:58:03.000000Z"}, {"uuid": "cfed6de1-9b68-4312-8554-5b2409150762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/arpsyndicate/895", "content": "#ExploitObserverAlert\n\nCVE-2020-1472\n\nDESCRIPTION: Exploit Observer has 412 entries related to CVE-2020-1472. 
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.\n\nFIRST-EPSS: 0.974580000\nNVD-IS: 6.0\nNVD-ES: 3.9", "creation_timestamp": "2023-12-02T23:44:05.000000Z"}, {"uuid": "9fafaa2c-22f9-4046-ba38-92517df0d13d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/arpsyndicate/1694", "content": "#ExploitObserverAlert\n\nCVE-2020-1472\n\nDESCRIPTION: Exploit Observer has 414 entries related to CVE-2020-1472. An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.\n\nFIRST-EPSS: 0.974450000\nNVD-IS: 6.0\nNVD-ES: 3.9", "creation_timestamp": "2023-12-11T03:25:21.000000Z"}, {"uuid": "4221f757-4b9d-4c66-8a7e-bbf198f5c2f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/GDSpace/9", "content": "\u200b\u200bTenable.ad. 
\u0417\u0430\u0449\u0438\u0442\u0430 \u043e\u0442 \u0430\u0442\u0430\u043a \u043d\u0430 Active Directory \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0438\n\nActive Directory, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u043e\u043d\u0430 \u0432\u0435\u0440\u043d\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u0430, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0438\u0437\u043b\u044e\u0431\u043b\u0435\u043d\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u043b\u0430\u0442\u0435\u0440\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f. \u041c\u044b \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u043c \u044d\u043c\u0443\u043b\u044f\u0446\u0438\u044e \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u043d\u0430 Active Directory, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 Brute Force, DCShadow, DCsync, \u0438 \u0438\u0445 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e Tenable.ad. 
\u041c\u044b \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0438\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043e\u043a \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445 AD, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a CVE-2020-1472 (\"Zerologon\u201d), \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043f\u0430\u0440\u043e\u043b\u044c\u043d\u044b\u0445 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430\u0445, \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0423\u0417, \u0438\u0437-\u043f\u043e\u0434 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u044b \u0441\u0435\u0440\u0432\u0438\u0441\u044b Kerberos, \u0438 \u0434\u0440.\n\n#GDS\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b\u0413\u043e\u0432\u043e\u0440\u044f\u0442\u00a0#GlobalDigitalSpace \ud83d\ude80", "creation_timestamp": "2022-06-02T21:43:31.000000Z"}, {"uuid": "718df4ae-9852-4eb6-afbc-57c1621763a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/EgyptHackerTeam/451", "content": "Exploiting CVE-2020-1472 Zerologon in Cobalt Strike\n\nDownload the script here\nhttps://github.com/rsmudge/ZeroLogon-BOF\n\nInclude the script as usual, the address is\nZeroLogon-BOF/dist/zerologon.cna\n\nThe console should show a new command - zerologon\n\nApplication:\n\nnet domain - get domain name (e.g. domain.local)\n\nRun the exploit:\nzerologon iunderstand domain.local\n\niunderstand - stop word. By exploiting this vulnerability we reset the password. This exploit can lead to a failure of the domain controller. WE USE IT LAST.\n\nIn case of success we get:\nSuccess! 
Use pth .\\\\\\%S 31d6cfe0d16ae931b73c59d7e0c089c0 and run dcscync\n\nDo exactly what it says.\npth .\\\\\\%S 31d6cfe0d16ae931b73c59d7e0c089c0\n\nAnd run\ndcsync domain.local\n\nIf everything worked successfully, we get NTDS", "creation_timestamp": "2023-08-07T01:03:46.000000Z"}, {"uuid": "e085d1a1-d4ff-428a-840c-439b186559a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "Telegram/DSUpJzd535KWvozjCvixS0aCLxmEfW4QzhCQOssR_q3Zo9k", "content": "", "creation_timestamp": "2025-03-07T10:00:06.000000Z"}, {"uuid": "72e08f53-618b-4cb3-8c88-81cde515017e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3126", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27 \ud83d\udd28  - Hackers Factory\n\n\u200b\u200bTor / Darknet Links\n\nVerified darknet market and darknet service links on the Tor Network.\n\nhttps://github.com/DarkNetEye/tor-links\n\nWeb:\nhttps://darkneteye.com/\n\n#cybersecurity #infosec #privacy\n\n\u200b\u200bDragondoom\n\nThe PAKE Dragonfly is used as SAE in WPA3 authentication. 
A critical point during the authentication is when the password needs to be derived into an elliptic curve point.\n\nhttps://gitlab.inria.fr/ddealmei/artifact_dragondoom\n\n#cybersecurity #infosec\n\n\u200b\u200bwhatlicense\n\nFull tool chain to extract WinLicense secrets from a protected program then launch it bypassing all verification steps, utlizing an Intel PIN tool and license file builder.\n\nhttps://github.com/charlesnathansmith/whatlicense\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bCVE-2022-44875\n\nTesting CVE-2022-44875\n\nhttps://github.com/c0d30d1n/CVE-2022-44875-Test\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bWiFi-OSINT\n\nSome great Wifi, resources, tools and blogs if Wi-Fi #OSINT is your thing.\n\nhttps://github.com/cqcore/WiFi-OSINT\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bCVE-2023-35885\n\nCloudpanel 0-day Exploit\n\nhttps://github.com/datackmy/FallingSkies-CVE-2023-35885\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-3519\n\nThis script is a basic Citrix Scanner for CVE-2023-3519. We try to identify vulnerable Citrix Gateways/ADCs by looking at the HTTP headers.\n\nhttps://github.com/telekom-security/cve-2023-3519-citrix-scanner\n\n#cve #infosec #pentesting\n\n\u200b\u200bvala-vala-hey\n\nThis is a 0day root LPE for latest #Manjaro distro, tested on embedded ARM and x86_64 desktop installs.\n\nhttps://github.com/c-skills/vala-vala-hey\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2020-1472\n\nA Python script that uses the Impacket library to test vulnerability for the Zerologon exploit (CVE-2020-1472).\n\nhttps://github.com/SecuraBV/CVE-2020-1472\n\n#cve #cybersecurity #infosec\n\nEX-SQLi\n\nA tool for scanning and exploiting the famous SQL injection vulnerability in more than millions of sites. 
The exploit was programmed by the TYG team.\n\nhttps://github.com/mr-sami-x/SQLi\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2023-38632\n\nAsync-sockets-cpp &lt;0.3.1 TCP Packet tcpsocket.hpp Stack-based Overflow\n\nhttps://github.com/Halcy0nic/CVE-2023-38632\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-3519\n\nThis Nuclei template checks for the presence of the CVE-2023-3519 vulnerability in a target web server.\n\nhttps://github.com/SalehLardhi/CVE-2023-3519\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bCVE-2023-28121\n\nWooCommerce Payments: Unauthorized Admin Access #Exploit.\n\nhttps://github.com/gbrsh/CVE-2023-28121\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bVanMoof Encryption Key Exporter\n\nExport all bike details (such as encryption key) of your VanMoof bikes.\n\nhttps://github.com/grossartig/vanmoof-encryption-key-exporter\n\nWeb:\nhttps://keyexporter.grossartig.io/\n\n#cybersecurity #infosec\n\n\u200b\u200bPowershellKerberos\n\nSome scripts to abuse kerberos using Powershell.\n\nhttps://github.com/MzHmO/PowershellKerberos\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-07-23T12:08:55.000000Z"}, {"uuid": "14e604e4-e430-4dc4-8663-240d2ce83760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "Telegram/0vZqUc7_DNu-pgRIOwk91_AhN3qHmSP4_uy4v4-hV_gZFA", "content": "", "creation_timestamp": "2020-10-11T04:50:18.000000Z"}, {"uuid": "6e247f6d-77c1-4886-900f-0442601132f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "Telegram/t56b3Q9Pzy6RNlSuP7aXlCGnrtD_6yp__frASOXq_ro", "content": "", "creation_timestamp": "2021-10-08T16:50:48.000000Z"}, {"uuid": "3f9038d6-98cf-42d4-8a10-f4560855d4a8", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/359", "content": "CVE-2020-1472 - Zerologon Exploit POC\n\n#Zerologon #Exploit #CVE-2020-1472 #CyberSecurity #DataCenterHack #RedTeam\n\nhttps://reconshell.com/cve-2020-1472-zerologon-exploit-poc/", "creation_timestamp": "2021-01-24T20:35:03.000000Z"}, {"uuid": "c7b79268-1f5a-40c3-a4b4-269dce360f2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "Telegram/DIFndr5_kT1gv9_ye4a4QhDIX4iiu14XmmAF7D7NJ1dKeA", "content": "", "creation_timestamp": "2020-09-23T14:02:01.000000Z"}, {"uuid": "9697ee94-1640-4131-953f-58d5156e739a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "Telegram/0sD_EyHySREvSWLaWKL-XHqTqDduPkHhIy1vEKF4pCPQbv8", "content": "", "creation_timestamp": "2020-10-28T02:58:38.000000Z"}, {"uuid": "21f3d5cc-4d7e-44cd-a2b1-a1f800c5c2a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/true_secator/941", "content": "\u200b\u200b\u0415\u0441\u043b\u0438 \u0443 \u0432\u0430\u0441 \u0435\u0449\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u0438\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0430\u0432\u0433\u0443\u0441\u0442\u043e\u0432\u0441\u043a\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 Microsoft, 
\u0447\u0442\u043e\u0431\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2020-1472 aka Zerologon \u0432 Windows Server, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043c\u0435\u043d\u0430  \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0434\u043d\u043e\u043c\u0443 \u0438\u0437 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0445 \u0445\u043e\u0441\u0442\u043e\u0432, \u0442\u043e \u0432\u043e\u0442 \u0435\u0449\u0435 \u043e\u0434\u0438\u043d \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442.\n\n\u0411\u0435\u043d\u0434\u0436\u0430\u043c\u0438\u043d \u0414\u0435\u043b\u043f\u0438, \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 Mimikatz, \u043b\u0435\u0433\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u0437 Windows, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u043f\u043e \u0438\u0440\u043e\u043d\u0438\u0438 \u0441\u0443\u0434\u044c\u0431\u044b, \u0441\u0442\u0430\u043b \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438, \u0441\u043e\u043e\u0431\u0449\u0438\u043b, \u0447\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0442\u043e 
\u043f\u0440\u0438\u043a\u0440\u0443\u0442\u0438\u043b \u0432 Mimikatz \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 Zerologon. \n\n\u042d\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442, \u0447\u0442\u043e, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 Mimikatz \u0438\u043c\u0435\u0435\u0442 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0435 \u0438\u0441\u0445\u043e\u0434\u043d\u0438\u043a\u0438, \u0441\u043a\u043e\u0440\u043e \u0432\u0441\u0435-\u0432\u0441\u0435 \u043c\u0430\u043c\u043a\u0438\u043d\u044b \u0445\u0430\u043a\u0435\u0440\u044b \u043d\u0430\u0443\u0447\u0430\u0442\u0441\u044f \u0431\u043e\u043c\u0431\u0438\u0442\u044c \u0441\u0435\u0442\u0438 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Windows Server.\n\n\u0415\u0441\u043b\u0438 \u0431\u044b \u0414\u0435\u043b\u043f\u0438 \u0441\u0434\u0435\u043b\u0430\u043b \u044d\u0442\u043e \u0434\u043e \u0432\u044b\u0445\u043e\u0434\u0430 \u043f\u0430\u0442\u0447\u0430 Microsoft, \u0442\u043e \u043c\u044b \u0431\u044b \u043d\u0430\u0437\u0432\u0430\u043b\u0438 \u0435\u0433\u043e (\u0438 \u044d\u0442\u043e \u0435\u0449\u0435 \u043c\u044f\u0433\u043a\u043e) \u043d\u0435\u0433\u043e\u0434\u044f\u0435\u043c. \u0421\u0435\u0439\u0447\u0430\u0441 \u0436\u0435 \u0411\u0435\u043d\u0434\u0436\u0430\u043c\u0438\u043d \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u044b\u0441\u0442\u0443\u043f\u0430\u0435\u0442 \u0432 \u0440\u043e\u043b\u0438 \u0441\u0430\u043d\u0438\u0442\u0430\u0440\u0430 \u043b\u0435\u0441\u0430 - \u0432\u044b\u0436\u0438\u0432\u0443\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0438\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0435. \u0421\u0443\u0440\u043e\u0432\u043e, \u043d\u043e \u0442\u0430\u043a\u043e\u0432\u0430 \u0436\u0438\u0437\u043d\u044c \u0438\u043d\u0444\u043e\u0441\u0435\u043a\u0430. 
\u041e\u0445\u043e\u0442\u0430 \u043d\u0430 \u0434\u044f\u0442\u043b\u043e\u0432 \u043e\u0431\u044a\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0439!", "creation_timestamp": "2020-09-16T14:48:00.000000Z"}, {"uuid": "272cd296-7866-4ab1-a3d3-a5f9e31526dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/true_secator/930", "content": "\u0411\u043e\u043b\u044c\u0448\u043e\u0439 \u0448\u0443\u043c \u043f\u043e\u0434\u043d\u044f\u043b\u0441\u044f \u0432 \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0433\u043e\u043b\u043b\u0430\u043d\u0434\u0441\u043a\u043e\u0439 \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 Secure BV \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u043e\u0439 Microsoft \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u043e\u0432\u0441\u043a\u043e\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2020-1472, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0439 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Zerologon.  
\n\n\u0425\u043e\u0442\u044f \u0440\u0430\u043d\u0435\u0435 \u0438 \u0431\u044b\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 10 \u0438\u0437 10  \u043f\u043e \u0448\u043a\u0430\u043b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u0438 \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Netlogon, \u0441\u043b\u0443\u0436\u0431\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Windows Server, \u043f\u043e\u043b\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043d\u0435 \u0431\u044b\u043b\u043e. \u041e\u043d\u0430 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0432\u0441\u0435\u0445 \u043d\u0430 \u0443\u0448\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0435 \u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 Netlogon Remote Protocol. 
\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0434\u0430\u0432\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u0437\u0430 \u043b\u044e\u0431\u043e\u0439 \u0445\u043e\u0441\u0442 \u0432 \u0441\u0435\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u0430\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043c\u0435\u043d\u0430. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0445\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Netlogon \u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0432 Active Directory. \n\n\u0412 \u0447\u0435\u043c \u0436\u0435 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0430\u0441\u044c \u043e\u0448\u0438\u0431\u043a\u0430? 
\u0412 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u0430 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f AES-CFB8 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ComputeNetlogonCredential, \u0433\u0434\u0435 \u0432\u0435\u043a\u0442\u043e\u0440 \u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 (IV) \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0438 \u0441\u043e\u0441\u0442\u043e\u0438\u0442 \u0438\u0437 16 \u043d\u0443\u043b\u0435\u0432\u044b\u0445 \u0431\u0430\u0439\u0442\u043e\u0432, \u0445\u043e\u0442\u044f \u043f\u043e \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u043d \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u043c. \u0412 \u0438\u0442\u043e\u0433\u0435 \u0434\u043b\u044f 1 \u0438\u0437 256 \u043a\u043b\u044e\u0447\u0435\u0439 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043a \u0432\u0432\u043e\u0434\u0443, \u0441\u043e\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0438\u0437 \u0432\u0441\u0435\u0445 \u043d\u0443\u043b\u0435\u0439, \u0434\u0430\u0441\u0442 \u0442\u0430\u043a\u043e\u0439 \u0436\u0435 \u043d\u0443\u043b\u0435\u0432\u043e\u0439 \u0432\u044b\u0432\u043e\u0434.\n\n\u0427\u0435\u043c \u0436\u0435 \u044d\u0442\u043e \u043f\u043b\u043e\u0445\u043e? 
\u0410 \u0442\u0435\u043c, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440, \u043f\u043e\u043f\u0440\u043e\u0431\u043e\u0432\u0430\u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0437 \u043f\u043e\u0434\u0440\u044f\u0434 (\u0441\u0440\u0435\u0434\u043d\u0435\u0435 \u043e\u0436\u0438\u0434\u0430\u0435\u043c\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0440\u0430\u0432\u043d\u044f\u0435\u0442\u0441\u044f 256), \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u0434\u0438\u043d \u0438\u0437 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u0435\u0433\u043e \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432, ClientCredential, \u0432\u044b\u0447\u0438\u0441\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0440\u0430\u0437 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e ComputeNetlogonCredential. 
\u0422\u043e \u0435\u0441\u0442\u044c \u0432 \u0441\u0440\u0435\u0434\u043d\u0435\u043c \u0432 1 \u0438\u0437 256 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0441\u0435\u0440\u0432\u0435\u0440 \u043f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u043e\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u0438\u0437 8 \u043d\u0443\u043b\u0435\u0439 \u0431\u0443\u0434\u0435\u0442 \u043e\u0436\u0438\u0434\u0430\u0442\u044c ClientCredential \u0442\u0430\u043a\u0436\u0435 \u0438\u0437 8 \u043d\u0443\u043b\u0435\u0439.\n\n\u0410 \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0430\u043a\u043a\u0430\u0443\u043d\u0442 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0435\u0433\u043e\u0441\u044f \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430 \u043d\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u043d\u0435\u0432\u0435\u0440\u043d\u043e\u0433\u043e \u043e\u0442\u0432\u0435\u0442\u0430, \u0442\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u043d\u0430\u043f\u0438\u0445\u0430\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u0443 8 \u043d\u0443\u043b\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0439\u043c\u0435\u0442 \u043e\u043a\u043e\u043b\u043e 3 \u0441\u0435\u043a\u0443\u043d\u0434, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043f\u0440\u043e\u0439\u0434\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. 
\n\n\u0412 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c \u0445\u0430\u043a\u0435\u0440 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043c\u0435\u0442 \u0435\u0449\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0442\u0440\u044e\u043a\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e ComputeNetlogonCredential, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u043e \u0432\u0437\u044f\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043c\u0435\u043d\u0430 \u043f\u043e\u0434 \u0441\u0432\u043e\u044e \u0432\u043b\u0430\u0441\u0442\u044c.\n\n\u0415\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043d\u0430 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 - \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u0435\u0435 \u0438\u0437\u043d\u0443\u0442\u0440\u0438 \u0441\u0435\u0442\u0438, \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0432 \u043e\u0434\u043d\u0443 \u0438\u0437 \u043c\u0430\u0448\u0438\u043d. 
\u041d\u043e \u044d\u0442\u043e \u0437\u0430\u0434\u0430\u0447\u0430 \u0432\u043e \u043c\u043d\u043e\u0433\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0440\u0435\u0448\u0430\u0435\u043c\u0430\u044f.\n\n\u0412\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0439 Microsoft \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 \u043f\u0430\u0442\u0447 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0437\u0430\u043f\u043b\u0430\u0442\u043a\u0443 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zerologon, \u0434\u0435\u043b\u0430\u044f \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 NRPC \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u043d\u043e\u0433\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0445\u0430\u043a\u0435\u0440 \u043c\u043e\u0433 \u043e\u0431\u043e\u0439\u0442\u0438, \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0432 \u0435\u0433\u043e \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u043a\u043b\u0438\u0435\u043d\u0442\u0430 (\u0442\u0430\u043a\u043e\u0435 \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u043b\u043e\u0441\u044c). \n\n\u0418\u043d\u0444\u043e\u0441\u0435\u043a \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u0440\u0438\u0437\u043d\u0430\u044e\u0442 Zerologon \u0432\u0435\u0441\u044c\u043c\u0430 \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0438 \u043e\u0447\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e - \"This is really scary\". 
\u0427\u0442\u043e\u0431\u044b \u043d\u0435 \u0431\u044b\u043b\u043e \"scary\" \u043d\u0430\u0434\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0430\u043f\u0434\u0435\u0439\u0442\u0438\u0442\u044c \u0441\u0432\u043e\u0438 Windows Server.", "creation_timestamp": "2020-09-14T16:57:49.000000Z"}, {"uuid": "eb2fe7e0-a1c3-4ff5-a63b-db2d4598d249", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/true_secator/969", "content": "Microsoft Security Intelligence \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u043f\u0440\u044f\u043c\u043e \u0441\u0435\u0439\u0447\u0430\u0441 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u043f\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2020-1472 aka Zerologon. \n\n\u041e\u0431 \u044d\u0442\u043e\u043c, \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u043c\u044b \u0438 \u0433\u043e\u0432\u043e\u0440\u0438\u043b\u0438. 
\u041a\u0442\u043e \u043d\u0435 \u0443\u0441\u043f\u0435\u043b \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0439 Windows Server - \u043f\u043e\u043b\u0443\u0447\u0438\u0442 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0441\u0435\u0442\u044c.", "creation_timestamp": "2020-09-24T08:36:39.000000Z"}, {"uuid": "b8b3c85a-efe5-45c5-9dd9-8c2e25cca5e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/tomhunter/168", "content": "\u0415\u0441\u043b\u0438 \u0442\u044b \u0441\u0430\u043c\u043e\u0438\u0437\u043e\u043b\u0438\u0440\u0443\u0435\u0448\u044c\u0441\u044f \u0432 \u0441\u0432\u043e\u0435 \u0443\u0434\u043e\u0432\u043e\u043b\u044c\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043a\u0435 \u0441 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0447\u0435\u0439 \u043c\u0430\u0448\u0438\u043d\u043a\u043e\u0439, \u0442\u043e \u043d\u0430\u0432\u0435\u0440\u043d\u044f\u043a\u0430 \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u0448\u044c \u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u043e\u0431\u0435\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0435\u0434\u0440\u0430\u0431\u043e\u0442\u043d\u044b\u0435 \u0440\u0438\u0442\u0443\u0430\u043b\u044b \u043b\u043e\u0433\u0438\u043d\u0430 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u0434\u043e\u043c\u0435\u043d. 
\u0410 \u0437\u043d\u0430\u0447\u0438\u0442, \u0442\u0435\u0431\u0435 \u0431\u0443\u0434\u0435\u0442 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0435\u043d \u043e\u0434\u0438\u043d \u0438\u0437 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432, \u043a\u0430\u043a \u043c\u043e\u0433\u0443\u0442 \u0443\u0432\u0435\u0441\u0442\u0438 \u0442\u0432\u043e\u044e \u0443\u0447\u0435\u0442\u043a\u0443 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u044d\u0442\u043e\u0433\u043e \u043d\u0435\u0445\u0438\u0442\u0440\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430.\n\n\u0415\u0441\u043b\u0438 \u0442\u044b \u0441\u0438\u0434\u0438\u0448\u044c \u0437\u0430 \u0441\u0432\u043e\u0438\u043c \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0430\u0440\u043c\u043e\u043c, \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0439 \u043f\u043e\u0441\u0442, \u043d\u043e \u043c\u043e\u0436\u0435\u0448\u044c \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u044d\u0442\u043e \u0431\u0435\u0437 \u0443\u0432\u0430\u0436\u0435\u043d\u0438\u044f.\n\n\u041d\u0430\u0447\u043d\u0451\u043c \u0441 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0443\u0447\u0451\u0442\u043d\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044c, \u043f\u043e\u0434 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0442\u044b \u0437\u0430\u0445\u043e\u0434\u0438\u0448\u044c \u043d\u0430 \u0441\u0432\u043e\u0439 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0434\u0432\u0443\u0445 \u0442\u0438\u043f\u043e\u0432. 
\u0415\u0441\u043b\u0438 \u044d\u0442\u043e \u0442\u0432\u043e\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e, \u0442\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u0438 \u0443\u0447\u0451\u0442\u043a\u0430 \u0443 \u0442\u0435\u0431\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u0430\u044f \u2014 \u0437\u0430\u0432\u0435\u0434\u0451\u043d\u043d\u0430\u044f \u043f\u0440\u044f\u043c\u043e \u043d\u0430 \u0442\u0432\u043e\u0435\u0439 \u043c\u0430\u0448\u0438\u043d\u043a\u0435. \u0415\u0441\u043b\u0438 \u0436\u0435 \u043b\u043e\u0433\u0438\u043d \u0438 \u043f\u0430\u0440\u043e\u043b\u044c \u0432\u044b\u0434\u0430\u043d\u044b \u0442\u0435\u0431\u0435 \u0432 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0442\u044b \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0448\u044c, \u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0443\u0447\u0451\u0442\u043a\u0430 \u0431\u0443\u0434\u0435\u0442 \u044f\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u0434\u043e\u043c\u0435\u043d\u043d\u043e\u0439, \u0442\u043e \u0435\u0441\u0442\u044c \u0437\u0430\u0432\u0435\u0434\u0451\u043d\u043d\u043e\u0439 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0430\u0431\u043e\u0447\u0435\u0439 \u0433\u0440\u0443\u043f\u043f\u044b.\n\n\u0414\u043e\u043c\u0435\u043d\u043d\u044b\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0443\u0434\u043e\u0431\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0438\u043c\u0435\u043d\u043d\u043e \u0434\u043b\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u0445 \u0441\u0435\u0442\u0435\u0439, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u044b\u0434\u0435\u043b\u044f\u044e\u0442\u0441\u044f \u0446\u0435\u043b\u044b\u0435 
\u0433\u0440\u0443\u043f\u043f\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 (\u043f\u0440\u0438\u0432\u0435\u0442, \u0431\u0435\u0437\u043c\u043e\u043b\u0432\u043d\u044b\u0435 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043d\u043e\u0443\u043d\u0435\u0439\u043c\u044b) \u0441 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u041f\u0440\u0438\u0434\u0443\u043c\u0430\u043d \u0442\u0430\u043a\u043e\u0439 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0434\u043b\u044f \u0443\u043f\u0440\u043e\u0449\u0435\u043d\u0438\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043c \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \u0414\u043e\u0431\u0430\u0432\u0438\u043b \u043d\u043e\u0432\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0430 \u0432 \u0433\u0440\u0443\u043f\u043f\u0443 \"Admins\", \u0438 \u0432\u0441\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u044b \u0438 \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0432\u0441\u0435\u0445 \u043c\u0430\u0448\u0438\u043d\u043a\u0430\u0445 \u0443 \u043d\u0435\u0433\u043e \u0443\u0436\u0435 \u0435\u0441\u0442\u044c.\n\n\u0422\u043e\u043b\u044c\u043a\u043e \u0447\u0442\u043e \u044f \u043f\u043e\u043f\u044b\u0442\u0430\u043b\u0441\u044f \u043d\u0430 \u043f\u0430\u043b\u044c\u0446\u0430\u0445 \u0438 \u043e\u0447\u0435\u043d\u044c \u043a\u0440\u0430\u0442\u043a\u043e \u043e\u043f\u0438\u0441\u0430\u0442\u044c \u043f\u0440\u0438\u043d\u0446\u0438\u043f \u0440\u0430\u0431\u043e\u0442\u044b \u0441\u043b\u0443\u0436\u0431\u044b MS Active Directory. 
\u0412 \u0441\u0430\u043c\u043e\u0439 \u0441\u043b\u0443\u0436\u0431\u0435 \u0437\u0430 \u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 \u043f\u043e \u0433\u0440\u0443\u043f\u043f\u0430\u043c-\u0434\u043e\u043c\u0435\u043d\u0430\u043c \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0434\u043e\u043c\u0435\u043d\u043e\u0432 (domain controller) \u0438 \u043e\u043d\u0438 \u0436\u0435 \u0441\u043b\u0435\u0434\u044f\u0442 \u0437\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0430\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c, \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u043c\u0441\u044f \u043a \u044d\u0442\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0435.\n\n\u041d\u043e \u043a\u0430\u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043c\u0435\u043d\u0430 \u0443\u0437\u043d\u0430\u0435\u0442, \u0447\u0442\u043e \u0442\u044b \u043f\u044b\u0442\u0430\u0435\u0448\u044c\u0441\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 \u0435\u0433\u043e \u0433\u0440\u0443\u043f\u043f\u044b? 
\u0414\u043b\u044f \u044d\u0442\u0438\u0445 \u0446\u0435\u043b\u0435\u0439 \u0432 MS WIndows \u0435\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u0430 Netlogon, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0431\u0438\u0440\u0430\u0435\u0442 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0432\u0432\u0435\u0434\u0451\u043d\u043d\u044b\u0435 \u043d\u0430 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u043a\u0435, \u0434\u043e\u043d\u043e\u0441\u0438\u0442 \u0438\u0445 \u043f\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043a\u0430\u043d\u0430\u043b\u0443 \u0434\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0434\u043e\u043c\u0435\u043d\u0430, \u0430 \u043f\u043e\u0441\u043b\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u043f\u043e \u0442\u043e\u043c\u0443 \u0436\u0435 \u043a\u0430\u043d\u0430\u043b\u0443 \u043f\u0440\u0430\u0432\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0432\u044b\u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e.\n\n\u0410 \u0442\u0443\u0442 \u043d\u0430\u0441 \u043f\u043e\u0434\u0436\u0438\u0434\u0430\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c! \u0418 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0438\u043d\u0444\u043e\u043f\u043e\u0432\u043e\u0434 \u0432\u0441\u043f\u043e\u043c\u043d\u0438\u0442\u044c \u043f\u0440\u043e AD. \u0412 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 Microsoft \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0437\u0430\u043f\u043b\u0430\u0442\u043a\u0443 \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u043a\u0430\u043a Zerologon (CVE-2020-1472). 
\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043a\u043e\u0448\u043c\u0430\u0440\u043d\u043e\u0441\u0442\u0438 \u0443 \u044d\u0442\u043e\u0439 \u0434\u044b\u0440\u044b \u0431\u044b\u043b \u043e\u0446\u0435\u043d\u0451\u043d \u043d\u0430 \u0432\u0441\u0435 10 \u0443\u0436\u0430\u0441\u043e\u0432 \u043f\u0430\u0440\u0430\u043d\u043e\u0438\u043a\u0430 \u0438\u0437 10. \n\n\u0421\u0430\u043c\u0430 \u0438\u0434\u0435\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u0435\u0451 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0438 \u2014 \u0441\u043f\u0430\u0441\u0438\u0431\u043e \u0432\u0441\u0435\u043c \u0446\u0435\u043d\u0438\u0442\u0435\u043b\u044f\u043c \u043a\u0430\u043b\u0430\u043c\u0431\u0443\u0440\u043e\u0432. \u0414\u0435\u043b\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u043f\u043e Netlogon`\u0443 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u043e\u0439 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432, \u043d\u0430\u0447\u0438\u043d\u0430\u044e\u0449\u0435\u0439\u0441\u044f \u0441 \u043d\u0443\u043b\u0435\u0439. 
\u042d\u0442\u0430 \u043d\u0435\u043e\u0447\u0435\u0432\u0438\u0434\u043d\u0430\u044f \u0445\u0438\u0442\u0440\u043e\u0441\u0442\u044c \u0441\u043e\u0431\u044a\u0451\u0442 \u0441 \u0442\u043e\u043b\u043a\u0443 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043c\u0435\u043d\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0430\u0434\u0435\u043b\u0438\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0433\u043e \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u043f\u0440\u0438\u0432\u0435\u043b\u0438\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430 SYSTEM \u0438 \u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0442 \u0441\u0431\u0438\u0432\u0430\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u043d\u0430 \u0430\u0434\u043c\u0438\u043d\u0441\u043a\u0438\u0445 \u0443\u0447\u0451\u0442\u043a\u0430\u0445.\n\n\u041d\u0430\u0438\u0432\u043d\u043e \u043e\u0436\u0438\u0434\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0437\u0430\u043f\u043b\u0430\u0442\u043a\u0443 \u043e\u0442 \u043c\u0435\u043b\u043a\u043e\u043c\u044f\u0433\u043a\u0438\u0445 \u0431\u044b\u0441\u0442\u0440\u043e-\u0440\u0435\u0448\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u044f\u0442 \u0432\u0441\u0435 \u0438 \u0441\u0440\u0430\u0437\u0443. \u041d\u043e \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u044d\u0442\u043e \u043d\u0435 \u0442\u0430\u043a. Microsoft \u0431\u044a\u0451\u0442 \u0442\u0440\u0435\u0432\u043e\u0433\u0443. \u0417\u0430\u043f\u043b\u0430\u0442\u043a\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0434\u0430\u043b\u0435\u043a\u043e \u043d\u0435 \u0432\u0441\u0435. 
\u041d\u0435\u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043d\u043e \u0444\u0430\u043a\u0442!\n\n\u041a\u0441\u0442\u0430\u0442\u0438, \u043d\u044b\u043d\u0435\u0448\u043d\u044f\u044f \u0437\u0430\u043f\u043b\u0430\u0442\u043a\u0430 \u043e\u0442 CVE-2020-1472 \u2014 \u044d\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u043a\u043e\u0441\u0442\u044b\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0438. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c, \u043e\u043d \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0434\u043e\u043c\u0435\u043d\u0430 \u043c\u0430\u0448\u0438\u043d\u043e\u043a \u0441\u043e \u0441\u0442\u0430\u0440\u044b\u043c\u0438 (legacy) \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438. 
\u041e\u0434\u043d\u0430\u043a\u043e \u0432 \u0436\u0443\u0440\u043d\u0430\u043b\u0430\u0445 \u0430\u0443\u0434\u0438\u0442\u0430 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u043d\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u0445 \u044d\u0442\u0438 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0438 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044e\u0442\u0441\u044f.\n\n\u041a 9 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2021 \u0433\u043e\u0434\u0430 Microsoft \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u0442 \u0440\u0430\u0437\u044a\u044f\u0441\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e-\u043a\u0430\u0440\u0430\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0431\u0435\u0441\u0435\u0434\u0443 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043f\u0430\u0442\u0447\u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442 \u043f\u043e\u043b\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u043f\u0430\u0442\u0447\u0430 \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 Zerologon, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c, \u043a\u0440\u043e\u043c\u0435 \u0432\u0441\u0435\u0433\u043e \u043f\u0440\u043e\u0447\u0435\u0433\u043e, \u0431\u0443\u0434\u0435\u0442 \u0432\u043e\u043e\u0431\u0449\u0435 \u0437\u0430\u043f\u0440\u0435\u0449\u0435\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0430\u0440\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0441\u043b\u0443\u0436\u0431\u044b. 
\u0420\u0430\u0443\u043d\u0434!\n\n\u0418 \u043a \u044d\u0442\u043e\u043c\u0443 \u0442\u043e\u0436\u0435 \u043d\u0430\u0434\u043e \u0431\u044b\u0442\u044c \u0433\u043e\u0442\u043e\u0432\u044b\u043c\u0438.\n\n\u041a\u0441\u0442\u0430\u0442\u0438, \u0435\u0441\u043b\u0438 \u0442\u044b \u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0448\u044c\u0441\u044f \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0447\u0451\u0442\u043a\u0430\u043c\u0438, \u0442\u043e \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0435\u0431\u0435 \u043d\u0435 \u0441\u0442\u0440\u0430\u0448\u043d\u0430. \u041c\u043e\u0436\u0435\u0448\u044c \u0432\u043e\u0441\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u044d\u0442\u0443 \u0441\u0442\u0430\u0442\u044c\u044e, \u043a\u0430\u043a \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0441\u0432\u0435\u0442\u0438\u0442\u0435\u043b\u044c\u0441\u043a\u0443\u044e.", "creation_timestamp": "2020-11-11T18:40:22.000000Z"}, {"uuid": "0d0f9689-5b2e-4104-99b6-2da3fd86da2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/LearnExploit/1583", "content": "CVE-2020-1472 - Netlogon Elevation of Privilege Vulnerability\n\nLink \n\u2014\u2014\u2014\u2014\u2014\u2014\u2067\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2024-04-11T19:25:28.000000Z"}, {"uuid": "d7f22154-5cba-4206-a482-a3682d685fb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/HackerOne/2732", "content": "Zerologon: Unauthenticated domain controller compromise by subverting Netlogon cryptography 
(CVE-2020-1472)\n\nhttps://www.secura.com/pathtoimg.php?id=2055", "creation_timestamp": "2020-09-14T17:11:38.000000Z"}, {"uuid": "4fcfd549-165e-4655-8088-7c1664134ab8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "Telegram/gkfhdAVwawsafrkGE1Mwgdh3dAEK3lvSqdGyfRbpyGYsUw", "content": "", "creation_timestamp": "2020-09-17T10:56:34.000000Z"}, {"uuid": "f2be8808-2103-4363-bea0-1f08ef5ad54e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/cibsecurity/22224", "content": "\u274c Microsoft Implements Windows Zerologon Flaw \u2018Enforcement Mode\u2019 \u274c\n\nStarting Feb. 9, Microsoft will enable Domain Controller \u201cenforcement mode\u201d by default to address CVE-2020-1472.\n\n\ud83d\udcd6 Read\n\nvia \"Threat Post\".", "creation_timestamp": "2021-01-15T23:03:44.000000Z"}, {"uuid": "4796e17f-15b2-4f33-9996-d801d50c37df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/haccking/103150", "content": "#\u041e\u0431\u0443\u0447\u0435\u043d\u0438\u0435\nZeroLogon \u0432 Windows Server. 
\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2020-1472", "creation_timestamp": "2021-12-23T14:01:44.000000Z"}, {"uuid": "9f8ab2de-4719-4307-8453-26d3287e4545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/haccking/92345", "content": "#\u041e\u0431\u0443\u0447\u0435\u043d\u0438\u0435\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zerologon: CVE-2020-1472\nhttps://telegra.ph/Uyazvimost-Zerologon-CVE-2020-1472-10-08", "creation_timestamp": "2020-10-09T12:00:17.000000Z"}, {"uuid": "6b673542-89a8-490e-bdb9-22841f5cc692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/SHATOOB/2885", "content": "\ud83c\udd94 @SHATOOB\n\n#CyberAttack\n#ZeroLogon\n\n\ud83c\udfa5 \u0646\u062d\u0648\u0647 Exploit \u06a9\u0631\u062f\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc ZeroLogon  \u062a\u0648\u0633\u0637 \u0645\u0647\u0627\u062c\u0645 \u0648 \u0627\u06cc\u062c\u0627\u062f \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u06a9\u062a\u06cc\u0648 \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc\n\n\ud83d\udd3a\u062f\u0631\u06cc\u0627\u0641\u062a \u067e\u0686 \u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u0632 \u0648\u0628 \u0633\u0627\u06cc\u062a \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a\n\n\ud83c\udf10 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472\n\n\u269c\ufe0f\u269c\ufe0f  \u0634\u0627\u062a\u0648\u0628 \u062f\u0631\u06cc\u0686\u0647 \u0627\u06cc \u0628\u0647 \u062f\u0646\u06cc\u0627\u06cc \u0631\u0627\u06cc\u0627\u0646\u0647 
\u269c\ufe0f\u269c\ufe0f\n\n\ud83c\udd94 @SHATOOB", "creation_timestamp": "2020-10-16T13:00:48.000000Z"}, {"uuid": "95bf2595-d569-41f5-a8da-8a85b14f7bb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/information_security_channel/40368", "content": "CISA Issues Alert for Microsoft Netlogon Vulnerability\nhttps://www.darkreading.com/vulnerabilities---threats/cisa-issues-alert-for-microsoft-netlogon-vulnerability/d/d-id/1338920?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\n\nCISA has issued an alert following the discovery of publicly available exploit code for Windows elevation of privilege flaw CVE-2020-1472.", "creation_timestamp": "2020-09-15T20:51:07.000000Z"}, {"uuid": "acf7bc77-d118-49ee-ac3f-71b47f18f98a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/information_security_channel/40489", "content": "Patch by Tonight: CISA Issues Emergency Directive for Critical Netlogon Flaw\nhttps://www.darkreading.com/vulnerabilities---threats/patch-by-tonight-cisa-issues-emergency-directive-for-critical-netlogon-flaw/d/d-id/1338971?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\n\nThe directive requires all federal agencies to apply a patch for Windows Netlogon vulnerability CVE-2020-1472 by midnight on Sept. 
21.", "creation_timestamp": "2020-09-21T17:20:38.000000Z"}, {"uuid": "c05f6ad8-286e-42b5-8be2-9a172c7b1355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/SHATOOB/2897", "content": "\ud83c\udd94 @SHATOOB\n\n#ZeroLogon\n\n\ud83d\udd3a\u0628\u06cc \u062a\u0641\u0627\u0648\u062a\u06cc \u0622\u0646\u062a\u06cc \u0648\u06cc\u0631\u0648\u0633 McAfee \u0646\u0633\u0628\u062a \u0628\u0647 \u062d\u0645\u0644\u0627\u062a ZeroLogon\n\n\ud83d\udd38 \u06cc\u06a9 \u0628\u0631\u0631\u0633\u06cc \u0627\u0646\u062c\u0627\u0645 \u0634\u062f\u0647 \u0646\u0634\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u06a9\u0647 \u0622\u0646\u062a\u06cc \u0648\u06cc\u0631\u0648\u0633 McAfee \u0642\u0627\u062f\u0631 \u0628\u0647 \u062a\u0634\u062e\u06cc\u0635 \u062d\u0645\u0644\u0627\u062a ZeroLogon \u0646\u06cc\u0633\u062a . \u0627\u06cc\u0646 \u062f\u0631\u062d\u0627\u0644\u06cc\u0633\u062a \u06a9\u0647 \u062a\u0639\u062f\u0627\u062f \u0632\u06cc\u0627\u062f\u06cc \u0627\u0632 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u0645\u0647\u0645 \u062f\u0648\u0644\u062a\u06cc (\u0627\u0632\u062c\u0645\u0644\u0647 \u0628\u0631\u062e\u06cc \u0627\u0632 \u0633\u0627\u0632\u0645\u0627\u0646\u0647\u0627\u06cc \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0627\u062e\u06cc\u0631) \u0627\u0632 \u0622\u0646\u062a\u06cc \u0648\u06cc\u0631\u0648\u0633 McAfee \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0631\u062f\u0647 \u0627\u0646\u062f . 
\n\ud83d\udd38\u0645\u06a9\u0627\u0641\u06cc \u0628\u062f\u0644\u06cc\u0644 \u0627\u06cc\u0646\u06a9\u0647 IP\u0647\u0627\u06cc \u0627\u06cc\u0631\u0627\u0646 \u0631\u0627 \u0645\u0633\u062f\u0648\u062f \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0622\u0646 \u0628\u0635\u0648\u0631\u062a \u063a\u06cc\u0631\u0645\u0633\u062a\u0642\u06cc\u0645 \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc \u0634\u0648\u062f . \u0639\u062f\u0645 \u0627\u062a\u0635\u0627\u0644 \u0622\u0646\u062a\u06cc \u0648\u06cc\u0631\u0648\u0633 \u0647\u0627 \u0628\u0647 \u0633\u0631\u0648\u06cc\u0633\u0647\u0627\u06cc Cloud \u0634\u0631\u06a9\u062a \u0633\u0627\u0632\u0646\u062f\u0647 \u0628\u0627\u0639\u062b \u062d\u0630\u0641 \u0628\u0631\u062e\u06cc \u0627\u0632 \u0642\u0627\u0628\u0644\u06cc\u062a\u0647\u0627\u06cc Protection \u0646\u0638\u06cc\u0631 Online Behavior \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0639\u0645\u062f\u062a\u0627 \u0628\u0627\u0639\u062b \u0645\u06cc\u0634\u0648\u062f \u0622\u0646\u062a\u06cc \u0648\u06cc\u0631\u0648\u0633 \u062f\u0631 \u062a\u0634\u062e\u06cc\u0635 \u062a\u0647\u062f\u06cc\u062f\u0627\u062a \u0646\u0648\u0638\u0647\u0648\u0631 \u0646\u0627\u062a\u0648\u0627\u0646 \u0634\u0648\u062f . 
\n\ud83d\udd38\u0627\u0632 \u0633\u0648\u06cc \u062f\u06cc\u06af\u0631 \u0631\u062a\u0628\u0647 \u0647\u0627\u06cc \u0645\u06a9\u0627\u0641\u06cc \u062f\u0631 \u0631\u0646\u06a9\u06cc\u0646\u06af\u0647\u0627\u06cc \u0645\u0639\u062a\u0628\u0631 \u062c\u0647\u0627\u0646\u06cc \u062f\u0631 \u0633\u0627\u0644\u0647\u0627\u06cc \u0627\u062e\u06cc\u0631 \u06a9\u0627\u0647\u0634 \u0686\u0634\u0645\u06af\u06cc\u0631\u06cc \u062f\u0627\u0634\u062a\u0647 \u0627\u0633\u062a .\n\ud83d\udd38\u0642\u0627\u0628\u0644 \u0630\u06a9\u0631 \u0627\u0633\u062a \u06a9\u0647 \u0622\u0646\u062a\u06cc \u0648\u06cc\u0631\u0648\u0633 \u067e\u0627\u062f\u0648\u06cc\u0634 \u0646\u06cc\u0632 \u062f\u0631 \u0628\u0631\u0631\u0633\u06cc \u0647\u0627\u06cc \u0627\u0646\u062c\u0627\u0645 \u0634\u062f\u0647 \u0627\u0632 \u062a\u0627\u0631\u06cc\u062e 3 \u0622\u0628\u0627\u0646 \u0642\u0627\u062f\u0631 \u0628\u0647 \u062a\u0634\u062e\u06cc\u0635 \u062d\u0645\u0644\u0627\u062a ZeroLogon \u0627\u0633\u062a .\n\n\ud83d\udd3b \u0634\u0631\u06a9\u062a \u0645\u06a9\u0627\u0641\u06cc \u0628\u0639\u062f \u0627\u0632 76 \u0631\u0648\u0632 \u0627\u0632 \u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc ZeroLogon - CVE-2020-1472  \u062f\u0631 \u0627\u0637\u0644\u0627\u0639\u06cc\u0647 \u0627\u06cc \u0627\u0639\u0644\u0627\u0645 \u06a9\u0631\u062f \u06a9\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u067e\u0633 Exploit \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0631\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0645\u06cc \u06a9\u0646\u062f .\n\n\u269c\ufe0f\u269c\ufe0f  \u0634\u0627\u062a\u0648\u0628 \u062f\u0631\u06cc\u0686\u0647 \u0627\u06cc \u0628\u0647 \u062f\u0646\u06cc\u0627\u06cc \u0631\u0627\u06cc\u0627\u0646\u0647 \u269c\ufe0f\u269c\ufe0f\n\n\ud83c\udd94 @SHATOOB", "creation_timestamp": "2020-10-30T17:16:06.000000Z"}, {"uuid": "a09a6195-ccf6-4ae6-841a-9db7ce5acaeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/haccking/5487", "content": "#\u041e\u0431\u0443\u0447\u0435\u043d\u0438\u0435\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zerologon: CVE-2020-1472\nhttps://telegra.ph/Uyazvimost-Zerologon-CVE-2020-1472-10-08", "creation_timestamp": "2020-10-09T14:00:14.000000Z"}, {"uuid": "57eaef41-8ff2-48ea-9a92-85302dd48f1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/xakep_ru/9895", "content": "\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 Zerologon \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 NAS \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430 Qnap\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 Qnap \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zerologon (CVE-2020-1472), \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f Microsoft \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0430\u0432\u0433\u0443\u0441\u0442\u043e\u0432\u0441\u043a\u043e\u0433\u043e \u00ab\u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439\u00bb, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 
\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438.\n\nhttps://xakep.ru/2020/10/22/zerologon-qnap/", "creation_timestamp": "2020-10-22T19:05:11.000000Z"}, {"uuid": "6ebe57ed-21ea-46c5-a15e-b97e44adf3a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/canyoupwnme/6577", "content": "CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472", "creation_timestamp": "2020-08-12T22:06:57.000000Z"}, {"uuid": "a4d6b9df-e8fc-4e3f-927a-15a40795039c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/6629", "content": "CVE-2020-1472\nhttps://github.com/SecuraBV/CVE-2020-1472", "creation_timestamp": "2020-09-13T19:13:40.000000Z"}, {"uuid": "e1336b64-d15a-4be5-bd30-c1d1db504b41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/haccking/7070", "content": "#\u041e\u0431\u0443\u0447\u0435\u043d\u0438\u0435\nZeroLogon \u0432 Windows Server. 
\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2020-1472", "creation_timestamp": "2021-12-23T15:01:44.000000Z"}, {"uuid": "7dd9ebdb-65ae-4f20-abca-4fe65c306493", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/DC8044_Info/877", "content": "\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2020-1472, aka ZeroLogon \u0434\u0435\u0442\u0435\u043a\u0442\u044f\u0442 \u043d\u0430 \u0445\u0430\u043d\u0438\u043f\u043e\u0442\u0430\u0445 in the wild.\nhttps://doublepulsar.com/in-the-wild-exploitation-of-zerologon-detected-over-the-internet-on-honeypot-f61e2700215b", "creation_timestamp": "2020-09-27T21:38:24.000000Z"}, {"uuid": "687e3207-3540-4df2-be93-15f3f52861be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/SecLabNews/8895", "content": "\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Zerologon (CVE-2020-1472), \u0443\u0442\u043e\u0447\u043d\u0438\u0432 \u043f\u043e\u0440\u044f\u0434\u043e\u043a \u043c\u0435\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043c\u043e\u0433\u0443\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Windows Server \u043e\u0442 \u0430\u0442\u0430\u043a, 
\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u0434\u0430\u043d\u043d\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443.     \nMicrosoft\u00a0\u0440\u0430\u0437\u044a\u044f\u0441\u043d\u0438\u043b\u0430 \u043f\u043e\u0440\u044f\u0434\u043e\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Zerologon", "creation_timestamp": "2020-10-06T07:09:51.000000Z"}, {"uuid": "4261ae9c-a42f-4f8d-9348-720e0895da11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/SecLabNews/8962", "content": "\u041a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft, \u0438\u0440\u0430\u043d\u0441\u043a\u0430\u044f \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 MuddyWater (\u043e\u043d\u0430 \u0436\u0435 MERCURY, SeedWorm \u0438 TEMP.Zagros) \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0434\u0432\u0443\u0445 \u043d\u0435\u0434\u0435\u043b\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ZeroLogon (CVE-2020-1472).     
\n\u0418\u0440\u0430\u043d\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ZeroLogon", "creation_timestamp": "2020-10-06T10:45:01.000000Z"}, {"uuid": "b57c9e01-88b4-48a3-b37e-cc9e6a548d87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/DC8044_Info/902", "content": "\u041d\u0430\u043f\u043e\u043c\u043d\u0438\u043c, \u0447\u0442\u043e \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0432 13 \u0447\u0430\u0441\u043e\u0432 \u043f\u043e \u041a\u0438\u0435\u0432\u0443 \u0426\u0410\u0420\u041a\u0410 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0439 \u0432\u0435\u0431\u0438\u043d\u0430\u0440 \u0441 \u0440\u0430\u0437\u0431\u043e\u0440\u043e\u043c \u043d\u0430\u0448\u0443\u043c\u0435\u0432\u0448\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Zerologon (CVE-2020-1472), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0434\u043e\u043c\u0435\u043d\u0430, \u0430 \u043e\u0442\u0442\u0443\u0434\u0430 - \u043a\u043e \u0432\u0441\u0435\u0439 \u0441\u0435\u0442\u0438. 
\u0420\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u0431\u0443\u0434\u0435\u0442 \u044d\u043a\u0441\u043f\u0435\u0440\u0442 \u0426\u0410\u0420\u041a\u0410 \u0422\u0443\u0440\u0441\u0443\u043c\u0431\u0430\u0435\u0432 \u0414\u0430\u043d\u0438\u043b (Wilson).\n\u0421\u043e\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u0435 \u0432\u0435\u0431\u0438\u043d\u0430\u0440\u0430:\n- \u0440\u0435\u0436\u0438\u043c\u044b \u0440\u0430\u0431\u043e\u0442\u044b \u0431\u043b\u043e\u0447\u043d\u044b\u0445 \u0448\u0438\u0444\u0440\u043e\u0432;\n- \u0440\u0430\u0437\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Zerologon;\n- \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438;\n- \u043b\u0438\u0447\u043d\u044b\u0439 \u043e\u043f\u044b\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430 \u0436\u0438\u0432\u043e\u043c \u043f\u0440\u043e\u0435\u043a\u0442\u0435.\nhttps://youtu.be/eJ6L8f6Sw_U", "creation_timestamp": "2020-10-01T10:30:32.000000Z"}, {"uuid": "4d55db42-61dd-4e68-947c-169e955db3e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/1742", "content": "#exploit\nCVE-2020-1472: \nNetlogon (MS-NRPC) EoP Vulnerability\nhttps://www.secura.com/blog/zero-logon\n]-> test tool for CVE-2020-1472:\nhttps://github.com/SecuraBV/CVE-2020-1472\n]-> PoC for Zerologon:\nhttps://github.com/dirkjanm/CVE-2020-1472\n]-> Unauth Domain Controller compromise of the computer account password:\nhttps://github.com/blackarrowsec/redteam-research/tree/master/CVE-2020-1472", "creation_timestamp": "2024-10-28T16:04:45.000000Z"}, {"uuid": 
"b32fcce4-7898-47e1-9715-c26378fcfd6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/Russian_OSINT/875", "content": "\u200b\u200b\ud83d\ude94 \u0424\u0411\u0420 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u043f\u0438\u0441\u043e\u043a 30 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 2 \u0433\u043e\u0434\u0430\n\nCVE-2021-26855: It is a Microsoft Exchange Server Remote Code Execution\nCVE-2021-26857: It is a Microsoft Exchange Server Remote Code Execution\nCVE-2021-26858: It is a Microsoft Exchange Server Remote Code Execution\nCVE-2021-27065: It is a Microsoft Exchange Server Remote Code Execution\nCVE-2021-22893: It is an Improper Authentication vulnerability that is marked as critical\nCVE-2021-22894: It is a buffer overflow vulnerability that enables an attacker to execute arbitrary code\nCVE-2021-22899: It is a command injection vulnerability that enables an attacker to execute remote code\nCVE-2021-22900: It is an Improper Control of Generation of Code vulnerability\nCVE-2021-27101: It is an Improper Neutralization of Special Elements used in an SQL Command\nCVE-2021-27102: It is an Improper Neutralization of Special Elements used in an OS Command\nCVE-2021-27103: It is a Server-Side Request Forgery (SSRF) vulnerability\nCVE-2021-27104: It is an Improper Neutralization of Special Elements used in an OS Command vulnerability\nCVE-2021-21985: It is an Improper Input Validation vulnerability\nCVE-2018-13379: It is an Improper Limitation of a Pathname to a Restricted Directory (\u2018Path Traversal\u2019)\nCVE-2020-12812: It is an Improper Authentication vulnerability\nCVE-2019-5591: It is a Missing 
Authentication for Critical Function vulnerability\nCVE-2019-19781: It is an Improper Limitation of a Pathname to a Restricted Directory \nCVE-2019-11510: It is an Improper Limitation of a Pathname to a Restricted Directory\nCVE-2018-13379: It is an Improper Limitation of a Pathname to a Restricted Directory \nCVE-2020-5902: It is an Inclusion of Functionality from Untrusted Control Sphere and Improper Limitation of a Pathname to a Restricted Directory vulnerability \nCVE-2020-15505: It is an Insufficient Information vulnerability\nCVE-2017-11882: It is a Microsoft Office Memory Corruption vulnerability that enables an attacker to execute arbitrary code.\nCVE-2019-11580: It is an Insufficient Information vulnerability\nCVE-2018-7600: It is an Improper Input Validation vulnerability\nCVE-2019-18935: It is a Deserialization of Untrusted Data vulnerability\nCVE-2019-0604: It is a Microsoft SharePoint Remote Code Execution Vulnerability\nCVE-2020-0787: It is a Windows Background Intelligent Transfer Service Elevation of Privilege vulnerability\nCVE-2020-1472: It is a Netlogon Elevation of Privilege vulnerability \nCVE-2020-15505: It is an Insufficient Information vulnerability\nCVE-2020-0688: It is a Use of Hard-coded Credentials vulnerability", "creation_timestamp": "2021-07-29T17:59:02.000000Z"}, {"uuid": "f7d15627-945b-4597-a857-708beaa50492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/1946", "content": "#DFIR\nThe DFIR Report - Ryuk in 5 Hours:\n- Zerologon (CVE-2020-1472) exploited 2 hours after initial execution of Bazar; \n- Cobalt Strike & Bazar for C2; \n- AdFind, Net, Ping, Nltest & PowerShell for Discovery; \n- WMI & RDP for Execution; \n- Ryuk ransomware for Impact.\nhttps://thedfirreport.com/2020/10/18/ryuk-in-5-hours", "creation_timestamp": 
"2022-11-27T19:23:41.000000Z"}, {"uuid": "e074e92d-d747-4d1c-a3c3-db331f533845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8709", "content": "#Blue_Team_Techniques\n1. Testing CVE-2022-44875\nhttps://github.com/c0d30d1n/CVE-2022-44875-Test\n2. Test tool for CVE-2020-1472 (Zerologon)\nhttps://github.com/SecuraBV/CVE-2020-1472\n3. Tool for scanning/exploiting the famous SQL injection vulnerability in more than millions of sites\nhttps://github.com/mr-sami-x/SQLi", "creation_timestamp": "2025-03-29T16:32:29.000000Z"}, {"uuid": "c15a6514-56f2-4794-8bf9-798cb3260563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2708", "content": "#Analytics\n10 most exploited vulnerabilities of the week (feb 8-14)\nCVE-2020-1472 - Microsoft Zerologon\nhttps://t.me/cybersecuritytechnologies/1742\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-1732 - Windows kernel 0-day exploit is used by BITTER APT in targeted attack\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2020-2037 - Palo Alto PAN-OS vulnerability\nhttps://t.me/cybersecuritytechnologies/2687\nCVE-2021-24074, CVE-2021-24086, CVE-2021-24094 - Windows IPv4/IPv6 Stack RCE/DoS Vulnerabilities\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-1782 - iOS\\iPadOS 14.3 kernel LPE vulnerability\nhttps://t.me/cybersecuritytechnologies/2694\nCVE-2021-21017 - Acrobat Reader DC\u00a0a heap-based buffer overflow vulnerability\nhttps://threatpost.com/critical-adobe-windows-flaw/163789\nCVE-2020-24581 - D-Link DSL-2888A AU_2.31_V1x - RCE\nhttps://t.me/cybersecuritytechnologies/2670", 
"creation_timestamp": "2021-02-15T11:00:19.000000Z"}, {"uuid": "acb2baad-6bf5-4afd-aa45-20d24c71e2d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2358", "content": "#Analytics\nTop-10 exploited vulnerabilities in July-December 2020:\n1. CVE-2020-0601 - CurveBall CryptoAPI\nhttps://t.me/cybersecuritytechnologies/628\n2. CVE-2019-17026/CVE-2020-0674 - 0-Day Vulnerability in Mozilla Firefox\nhttps://t.me/cybersecuritytechnologies/914\n3. CVE-2020-0796 - Windows SMBv3 LPE exploit\nhttps://t.me/cybersecuritytechnologies/874\n4. CVE-2020-1472 - Microsoft Zerologon\nhttps://t.me/cybersecuritytechnologies/1742\n5. CVE-2020-5902/5903 - F5 BigIP TMUI Critical RCE\nhttps://t.me/cybersecuritytechnologies/1378\n6. CVE-2018-10561 - Dasan GPON Router Auth. Bypass\nhttps://t.me/cybersecuritytechnologies/51\n7. CVE-2020-1350 - Exploit SIGRed\nhttps://t.me/cybersecuritytechnologies/1422\n8. CVE-2020-15999 + CVE-2020-17087 = Win Kernel cng.sys buffer overflow 0-Day\nhttps://t.me/cybersecuritytechnologies/1960\nhttps://t.me/cybersecuritytechnologies/2010\n9. CVE-2020-16898 - \"Bad Neighbor\" RCE Vulnerability\nhttps://t.me/cybersecuritytechnologies/1912\n10. 
CVE-2020-1938 - \"Ghostcat\" Apache Tomcat\nhttps://t.me/cybersecuritytechnologies/705", "creation_timestamp": "2025-01-04T20:00:34.000000Z"}, {"uuid": "a0cb175a-aced-4629-b6c2-02c689bcd78b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/suboxone_chatroom/132", "content": "Both Falcon identity protection modules provide Active Directory attack detections:\n\u2022 Account enumeration reconnaissance (BloodHound, Kerberoasting)\n\u2022 Bronze Bit (CVE-2020-17049)\n\u2022 Brute force attacks (LDAP simple bind, NTLM, Kerberos)\n\u2022 Credential scanning (on-premises)\n\u2022 Cloud-based (Azure AD) brute-force/credentials scanning\n\u2022 DCSync \u2014 Active Directory replication\n\u2022 DCShadow\n\u2022 Forged PAC for privilege escalation (Bulletin MS-14-068)\n\u2022 Golden Ticket\n\u2022 Hidden object detected\n\u2022 NTLM Relay Attack (including MS Exchange)\n\u2022 Overpass-the-Hash (Multiple methods - Mimikatz, CrackMapExec)\n\u2022 Pass-the-Hash (Impacket, CrackMapExec, Metasploit)\n\u2022 Pass-the-Ticket\n\u2022 Possible exploitation attempt (CredSSP) CVE-2018-0886\n\u2022 Remote execution attempts\n\u2022 Skeleton Key and Mimikatz Skeleton Key\n\u2022 Suspected NTLM authentication tampering (CVE-2019-1040)\n\u2022 ZeroLogin (CVE-2020-1472)", "creation_timestamp": "2024-12-27T11:55:02.000000Z"}, {"uuid": "0d1aabff-c793-457c-8a0e-bdcda038bcf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "seen", "source": "https://t.me/cibsecurity/14788", "content": "\ud83d\udd74 Patch by Tonight: CISA Issues Emergency Directive for Critical Netlogon Flaw \ud83d\udd74\n\nThe directive requires all federal agencies to apply a patch for Windows Netlogon vulnerability CVE-2020-1472 by midnight on Sept. 
21.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading: \".", "creation_timestamp": "2020-09-21T17:34:19.000000Z"}, {"uuid": "122a4960-8a62-457b-a3ea-f061ecf168d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/cibsecurity/14936", "content": "\u274c Zerologon Attacks Against Microsoft DCs Snowball in a Week \u274c\n\nThe attempted compromises, which could allow full control over Active Directory identity services, are flying thick and fast just a week after active exploits of CVE-2020-1472 were first flagged.\n\n\ud83d\udcd6 Read\n\nvia \"Threat Post\".", "creation_timestamp": "2020-09-29T20:38:27.000000Z"}, {"uuid": "e6bde413-0869-4dc2-a5a7-0d0d9fb9c202", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "exploited", "source": "https://t.me/cibsecurity/15082", "content": "\u274c Microsoft Zerologon Flaw Under Attack By Iranian Nation-State Actors \u274c\n\nMicrosoft warns that the MERCURY APT has been actively exploiting CVE-2020-1472 in campaigns for the past two weeks.\n\n\ud83d\udcd6 Read\n\nvia \"Threat Post\".", "creation_timestamp": "2020-10-06T18:20:48.000000Z"}, {"uuid": "94253f7a-cee5-4247-8917-e506e103e14b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1472", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/14672", "content": "\ud83d\udd74 CISA Issues Alert for Microsoft Netlogon Vulnerability \ud83d\udd74\n\nCISA has issued an alert following the discovery of publicly available exploit code for Windows elevation of privilege flaw CVE-2020-1472.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading: \".", "creation_timestamp": "2020-09-15T20:34:30.000000Z"}]}