{"vulnerability": "CVE-2021-4044", "sightings": [{"uuid": "1fec4c74-6ba1-4e7e-b525-296d001adbb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "MISP/c6250a7a-63b1-4996-8734-3ab181e12e3e", "content": "", "creation_timestamp": "2021-09-17T13:28:19.000000Z"}, {"uuid": "536ef7cc-bc43-4d15-9105-1ff066f9a37b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "1eed80cb-e621-495c-9586-fac4a22c22ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "54baf3ea-f807-4578-8192-2b2f2a9ae629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "MISP/0e364a41-87ba-499f-9fdb-431db5d5904b", "content": "", "creation_timestamp": "2021-10-20T11:54:14.000000Z"}, {"uuid": "8812d9aa-f22e-4a19-82df-cc66047cc34b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "MISP/1923bf2c-1042-4bf1-8f30-b7c658e32478", "content": "", "creation_timestamp": "2021-10-13T12:27:20.000000Z"}, {"uuid": "a755b1c6-0fc0-4ab6-8b55-a26cf73bf764", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", 
"source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:18.000000Z"}, {"uuid": "9467ee8b-dc28-4a2e-a1e8-c0a7d628439a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "MISP/08b73391-3313-43b2-ba79-75bcbf606936", "content": "", "creation_timestamp": "2021-09-09T06:22:30.000000Z"}, {"uuid": "e7743fbe-7dce-4a1e-aa26-f51e33acb552", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "MISP/63ddead6-4b82-414c-ad8e-c516b950b446", "content": "", "creation_timestamp": "2021-10-25T22:32:43.000000Z"}, {"uuid": "9bb7dfee-4632-44d2-9daf-7ba51e8af93c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "MISP/63ddead6-4b82-414c-ad8e-c516b950b446", "content": "", "creation_timestamp": "2021-10-25T22:32:43.000000Z"}, {"uuid": "758c455d-47a9-4871-8d67-995dff4ed8cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "MISP/3c9fa790-f4b2-44e5-bd3c-593bd7113bef", "content": "", "creation_timestamp": "2024-02-28T11:10:03.000000Z"}, {"uuid": "9b473eff-b3ea-43a0-b166-6f5394eb904e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971008", "content": "", "creation_timestamp": "2024-12-24T20:22:59.062226Z"}, {"uuid": "c10c2c3d-ec29-4cc4-b8d3-d5fd416d154f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971174", "content": "", "creation_timestamp": "2024-12-24T20:25:22.271075Z"}, {"uuid": "b2a8cb3a-dd44-4461-a334-03d071f1e047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "891d9034-a687-4d21-bde9-cbd2b8f36509", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "a5c075a8-299c-4f63-9247-cf86b09595b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:40.000000Z"}, {"uuid": "e79bb167-102f-48a5-a0bb-a73a61857b3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:40.000000Z"}, {"uuid": "b9c85729-3d37-4824-8932-24ea97cd1a92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40447", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhuyyopvam2m", "content": "", "creation_timestamp": "2025-02-11T06:14:39.386187Z"}, {"uuid": 
"b5f48b4c-3028-4fed-854b-da78a50868f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "MISP/0e364a41-87ba-499f-9fdb-431db5d5904b", "content": "", "creation_timestamp": "2025-11-07T14:52:33.000000Z"}, {"uuid": "2030cc28-0543-4a0c-9edd-a6a3b0bac780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:57.000000Z"}, {"uuid": "65e7a9d3-b865-4456-868d-ab2623e615b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:57.000000Z"}, {"uuid": "ea5e26df-baf2-4d31-909d-3455bc7433e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-919adc8a-067737fcfb8a4ad5", "content": "", "creation_timestamp": "2025-04-17T08:42:19.205320Z"}, {"uuid": "da4684b8-5e99-41d6-93a7-8d63ab63997d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/cve_2021_40449.rb", "content": "", "creation_timestamp": "2021-11-09T18:01:52.000000Z"}, {"uuid": "6b03ec48-3136-41b1-953d-3f5ea9ec4abd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2021-40444", "type": "seen", "source": "https://infosec.exchange/users/saltmyhash/statuses/114039171548967342", "content": "", "creation_timestamp": "2025-02-21T01:01:38.398488Z"}, {"uuid": "d85e88f0-8f96-4c1e-81f2-476ef4488324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://gist.github.com/semarainc/c058d1b57e5d6cd814be5ed74607bcc0", "content": "", "creation_timestamp": "2026-02-03T09:28:54.000000Z"}, {"uuid": "b2e481a9-1ab2-4fd3-a3ba-c1f61d0f06cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:57.000000Z"}, {"uuid": "cd61ee3a-c192-471d-9728-4fb8768280e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/word_mshtml_rce.rb", "content": "", "creation_timestamp": "2021-12-08T23:05:35.000000Z"}, {"uuid": "07ff6efd-eb50-46b9-8b47-157cc0c49721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://gist.github.com/emdnaia/e847d2f0ccf8257f8934004fa0206ab3", "content": "", "creation_timestamp": "2026-01-29T17:21:28.000000Z"}, {"uuid": "7c269797-9ed9-40ab-80ed-c804c1ace1e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://gist.github.com/RakhithJK/c314170d725c0b6601300e898456a04e", "content": 
"", "creation_timestamp": "2026-02-20T15:52:08.000000Z"}, {"uuid": "0fe931eb-a1f6-4b15-a6b6-109d9ea4d3aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_32/2021", "content": "", "creation_timestamp": "2021-10-13T11:01:48.000000Z"}, {"uuid": "b5a64a62-75d2-43ec-9cbc-68e2d4b1f855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://gist.github.com/onlypwns/be8b24417fad709634f0b88d49d7bfb9", "content": "", "creation_timestamp": "2026-02-21T09:31:45.000000Z"}, {"uuid": "8d31c434-3ef5-4583-9b3c-b19c5c49493e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=649", "content": "", "creation_timestamp": "2021-09-15T04:00:00.000000Z"}, {"uuid": "c54ed495-4462-4ce3-8703-4ebb125565fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=672", "content": "", "creation_timestamp": "2021-10-15T04:00:00.000000Z"}, {"uuid": "5d0069d5-e27e-48aa-902d-bf461b126a90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=641", "content": "", "creation_timestamp": "2021-09-08T04:00:00.000000Z"}, {"uuid": "6697871f-df64-4e15-b2b6-2737aebde51f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/676", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aThis repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit\nURL\uff1ahttps://github.com/Sirius-RJ/FullstackAcademy-Printernightmare-writeup-2105-E.C.A.R.", "creation_timestamp": "2021-10-11T21:47:47.000000Z"}, {"uuid": "5473fce6-d4c5-4656-9c46-d0fa4bfb4fdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/524", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aMalicious document builder for CVE-2021-40444 \nURL\uff1ahttps://github.com/amartinsec/MSHTMHell", "creation_timestamp": "2021-09-14T13:51:10.000000Z"}, {"uuid": "4808050d-b9c8-4760-9090-590f1c4567c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "a298ab59-baae-4d5c-b692-0d4b8e788bd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-40449", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/19b353b2-50ad-4133-a3f8-2f562294a654", "content": "", "creation_timestamp": "2026-02-02T12:28:32.790984Z"}, {"uuid": "89815a79-7ee0-419c-9167-1a9a7ce4b547", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/bdc4327f-58b2-466a-ae76-b26643cb37fe", "content": "", "creation_timestamp": "2026-02-02T12:28:52.858004Z"}, {"uuid": "90585846-0f70-42da-a3dd-9a0e2258bb98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/705", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPoC (DoS) for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)\nURL\uff1ahttps://github.com/ollypwn/CallbackHell", "creation_timestamp": "2021-10-16T16:27:58.000000Z"}, {"uuid": "be60c6fe-0a5a-45cc-86fd-8008357cd28c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/702", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aTIC4301 Project - CVE-2021-40444\nURL\uff1ahttps://github.com/factionsypho/TIC4301_Project", "creation_timestamp": "2021-10-16T08:55:46.000000Z"}, {"uuid": "d9081132-d9da-4149-8351-3d7e5c2f3874", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/614", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aMicrosoft MSHTML Remote Code Execution Vulnerability 
CVE-2021-40444\nURL\uff1ahttps://github.com/ozergoker/CVE-2021-40444", "creation_timestamp": "2021-09-29T11:45:16.000000Z"}, {"uuid": "4e1dbbc4-dadc-4314-aa90-c69d608747bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/706", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPoC (DoS) for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)\nURL\uff1ahttps://github.com/ly4k/CallbackHell", "creation_timestamp": "2021-10-17T13:30:23.000000Z"}, {"uuid": "0f7ca9cb-59d3-441d-aba7-64e25ba99894", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/613", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aThis docx exploit uses res files inside Microsoft .docx file to execute malicious files. 
This exploit is related to CVE-2021-40444\nURL\uff1ahttps://github.com/LazarusReborn/Docx-Exploit-2021", "creation_timestamp": "2021-09-29T10:47:44.000000Z"}, {"uuid": "d9be169f-263c-4242-a7f1-98da8486fa44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/738", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aMy exploit for CVE-2021-40449, a Windows LPE via a UAF in win32kfull!GreResetDCInternal.\nURL\uff1ahttps://github.com/hakivvi/CVE-2021-40449", "creation_timestamp": "2021-10-25T06:25:20.000000Z"}, {"uuid": "68512f4d-4f14-432a-a5bb-6e0a8aaab8ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/781", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aTIC4301 Project - CVE-2021-40444\nURL\uff1ahttps://github.com/factionsypho/TIC4301_Project", "creation_timestamp": "2021-10-31T06:39:06.000000Z"}, {"uuid": "29646154-a839-4421-80d9-b86f75debd70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/844", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aExploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)\nURL\uff1ahttps://github.com/ly4k/CallbackHell", "creation_timestamp": "2021-11-11T17:14:55.000000Z"}, {"uuid": "35556488-f061-4474-9359-84b7b725b4fd", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7039", "content": "CVE-2021-40444 PoC\n\nhttps://github.com/lockedbyte/CVE-2021-40444", "creation_timestamp": "2021-09-11T09:01:03.000000Z"}, {"uuid": "276c99a2-dd68-475b-b044-02de64aa1592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7061", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Mapping and Pivoting from Cobalt Strike C2 Infrastructure Attributed to CVE-2021-40444.\n\nhttps://michaelkoczwara.medium.com/mapping-and-pivoting-cobalt-strike-c2-infrastructure-attributed-to-cve-2021-40444-438786fcd68a", "creation_timestamp": "2021-09-13T05:53:59.000000Z"}, {"uuid": "d90472f0-5259-48a4-a44c-cc05e284da7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/cKure/7059", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2021-40444: Windows MSHTML zero-day exploits shared on hacking forums.\n\nhttps://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-exploits-shared-on-hacking-forums/", "creation_timestamp": "2021-09-12T23:12:57.000000Z"}, {"uuid": "9da272b4-3311-4209-8835-52188335e387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/cKure/6992", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that's being used to hijack vulnerable Windows systems by leveraging weaponized 
Office documents.\nTracked as CVE-2021-40444 (CVSS score: 8.8), the remote code execution flaw is rooted in MSHTML (aka Trident), a proprietary browser engine for the now-discontinued Internet Explorer and which is used in Office to render web content inside Word, Excel, and PowerPoint documents.\n\nhttps://thehackernews.com/2021/09/new-0-day-attack-targeting-windows.html", "creation_timestamp": "2021-09-08T06:14:03.000000Z"}, {"uuid": "20f52baf-fc20-4fb7-a0f6-a485bf9780e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/cKure/7037", "content": "CVE-2021-40444; a Half-Click exploit.", "creation_timestamp": "2021-09-11T07:29:52.000000Z"}, {"uuid": "11b3f820-9847-418e-9cc3-b58fde092482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7035", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE-2021-40444\n\nhttps://blog.nviso.eu/2021/09/09/kusto-hunting-query-for-cve-2021-40444", "creation_timestamp": "2021-09-11T05:58:37.000000Z"}, {"uuid": "b23a3595-fc58-4ccf-aea5-cea4817dfbec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7027", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 CVE-2021-40444 Sample\n\nhttps://github.com/Udyz/CVE-2021-40444-Sample/blob/main/poc.html", "creation_timestamp": "2021-09-10T16:04:08.000000Z"}, {"uuid": "80d73a2d-9275-41a9-a146-4e42b621d7f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/cKure/7007", 
"content": "\u25a0\u25a0\u25a0\u25a0\u25a0 CVE-2021-40444: Microsoft MSHTML Remote Code Execution Vulnerability\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444", "creation_timestamp": "2021-09-09T08:15:52.000000Z"}, {"uuid": "6ea1100b-d1a3-4b14-a16b-c370582cfbac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7058", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day technical analysis: Remote Code Execution 0-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs.\n\nhttps://www.trendmicro.com/en_us/research/21/i/remote-code-execution-zero-day--cve-2021-40444--hits-windows--tr.html", "creation_timestamp": "2021-09-12T23:10:01.000000Z"}, {"uuid": "f082002b-da67-4dac-a6c8-24a120324c2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7762", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 Exploit for CVE-2021-40449, a Windows LPE via a UAF in win32kfull!GreResetDCInternal.\n\nhttps://github.com/hakivvi/CVE-2021-40449", "creation_timestamp": "2021-10-25T06:31:51.000000Z"}, {"uuid": "61aed7aa-7bbc-4ee3-a84c-7a2ff7ed3fab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1170", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-40444\nURL\uff1ahttps://github.com/34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit", "creation_timestamp": "2021-12-19T08:20:15.000000Z"}, {"uuid": "57042f98-b8d9-4ca9-a587-19f3a05b59bb", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/cKure/7136", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 CVE-2021-40444 exploitation: Researchers find connections to previous attacks.\n\nhttps://www.helpnetsecurity.com/2021/09/16/cve-2021-40444-exploitation/", "creation_timestamp": "2021-09-16T16:44:04.000000Z"}, {"uuid": "bd70d72a-748c-428f-95be-a586596acf95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/cKure/7126", "content": "Fully Weaponized CVE-2021-40444\n\nMalicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution), works with arbitrary DLL files.\n\nhttps://github.com/klezVirus/CVE-2021-40444", "creation_timestamp": "2021-09-16T10:41:49.000000Z"}, {"uuid": "14d005ae-9214-4011-9511-b57b53d86343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/cKure/7113", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability.\n\nhttps://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/", "creation_timestamp": "2021-09-16T06:17:30.000000Z"}, {"uuid": "0cb08c75-1b05-4c9b-b8a5-33f1e4cf09c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7740", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2021-40449 is a use-after-free in Win32k that allows for local privilege 
escalation.\n\nhttps://github.com/ly4k/CallbackHell", "creation_timestamp": "2021-10-24T05:09:23.000000Z"}, {"uuid": "67af0aa2-2959-4970-ab52-19d1cc17ed77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7957", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 CVE-2021-40449\n\nhttps://kristal-g.github.io/2021/11/05/CVE-2021-40449_POC.html", "creation_timestamp": "2021-11-08T19:47:08.000000Z"}, {"uuid": "adbbc404-bc38-445f-a0b5-9757c86111cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/toolslounge/480", "content": "zero-day exploit for CVE-2021-40444\nhttps://github.com/lockedbyte/CVE-2021-40444", "creation_timestamp": "2021-09-16T18:46:22.000000Z"}, {"uuid": "ad917073-d1fe-4a4b-8962-b654e0cac027", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/cKure/8450", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE-2021-40444 exploit.\n\nhttps://github.com/34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit", "creation_timestamp": "2021-12-20T15:16:37.000000Z"}, {"uuid": "13fa2075-e754-4417-9817-9e4c7c7449b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/cKure/8448", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Update on CVE-2021-40444 aka Log4shell.\n\nhttps://blogs.juniper.net/en-us/threat-research/log4j-vulnerability-attackers-shift-focus-from-ldap-to-rmi", "creation_timestamp": "2021-12-19T06:16:58.000000Z"}, {"uuid": 
"844af125-04a1-4c7e-bc88-653c259c8c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/822", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aExploit for CVE-2021-40449\nURL\uff1ahttps://github.com/Kristal-g/CVE-2021-40449_poc", "creation_timestamp": "2021-11-07T16:20:02.000000Z"}, {"uuid": "7be88e9d-016a-4d8f-9134-04649dc5df5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "MISP/5180856b-d3c5-4036-9201-94693724365c", "content": "", "creation_timestamp": "2026-04-19T22:25:33.000000Z"}, {"uuid": "b96ebe50-9c27-4271-9ee1-42aabc1c2ab4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/innostage_group/72", "content": "PHDays 11: \u0433\u0434\u0435 \u043d\u0430\u0439\u0442\u0438 \u0432\u044b\u0441\u0442\u0443\u043f\u043b\u0435\u043d\u0438\u044f \u0441\u043f\u0438\u043a\u0435\u0440\u043e\u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \ud83e\uddd0\n\n\u041f\u0440\u0435\u0441\u0441-\u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u044f \u00ab\u041a\u0438\u0431\u0435\u0440\u0431\u0435\u0437 \u0432 \u043d\u043e\u0432\u044b\u0445 \u0440\u0435\u0430\u043b\u0438\u044f\u0445: \u0447\u0442\u043e \u0431\u0443\u0434\u0435\u0442 \u0434\u0430\u043b\u044c\u0448\u0435\u00bb \u0441 \u0443\u0447\u0430\u0441\u0442\u0438\u0435\u043c \u0410\u0439\u0434\u0430\u0440\u0430 \u0413\u0443\u0437\u0430\u0438\u0440\u043e\u0432\u0430 \ud83d\udc49\ud83c\udffc https://youtu.be/nQFQyUvCgAM\n\n\u042d\u0444\u0438\u0440 \u0432 
\u0440\u0430\u0434\u0438\u043e\u0440\u0443\u0431\u043a\u0435. \u0410\u0439\u0434\u0430\u0440 \u0413\u0443\u0437\u0430\u0438\u0440\u043e\u0432 \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u0442 \u0443\u0447\u0430\u0441\u0442\u0438\u0435 \u0432 \u0431\u0435\u0441\u0435\u0434\u0435 \u043d\u0430 \u0442\u0435\u043c\u0443 \u0438\u043c\u043f\u043e\u0440\u0442\u043e\u0437\u0430\u043c\u0435\u0449\u0435\u043d\u0438\u044f \ud83d\udc49\ud83c\udffc https://youtu.be/23V0Q8yxG0k\n\n\u041f\u0430\u043d\u0435\u043b\u044c\u043d\u0430\u044f \u0434\u0438\u0441\u043a\u0443\u0441\u0441\u0438\u044f \u00ab\u041e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438\u00bb \u0441 \u0443\u0447\u0430\u0441\u0442\u0438\u0435\u043c \u0421\u0435\u0440\u0433\u0435\u044f \u041a\u0438\u043a\u0438\u043b\u043e \ud83d\udc49\ud83c\udffc https://youtu.be/FrQX1_lsAjk\n\n\u042d\u043a\u0441\u043a\u0443\u0440\u0441\u0438\u044f \u0432 SOC Innostage, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0440\u043e\u0432\u0435\u043b \u0410\u043d\u0442\u043e\u043d \u041a\u0443\u0437\u044c\u043c\u0438\u043d \ud83d\udc49\ud83c\udffc https://youtu.be/LcEVPV-K6qk\n\n\u041f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0438\u0442\u043e\u0433\u0438 \u043a\u0438\u0431\u0435\u0440\u0431\u0438\u0442\u0432\u044b \u0441 \u0410\u043b\u0435\u043a\u0441\u0435\u043c \u041b\u043e\u0431\u0437\u0438\u043d\u044b\u043c \ud83d\udc49\ud83c\udffc https://youtu.be/c4U5ELOvWEo\n\n\u0425\u0440\u0430\u043d\u0435\u043d\u0438\u0435 API-\u043a\u043b\u044e\u0447\u0435\u0439 - \u0434\u043e\u043a\u043b\u0430\u0434 \u0418\u043b\u044c\u0441\u0430\u0444\u0430 \u041d\u0430\u0431\u0438\u0443\u043b\u043b\u0438\u043d\u0430 \ud83d\udc49\ud83c\udffc https://youtu.be/jVoq2pJznpk\n\nCVE-2021-40444: \u043f\u043e\u0447\u0435\u043c\u0443 
\u044d\u0442\u043e \u0432\u0430\u0436\u043d\u043e - \u0434\u043e\u043a\u043b\u0430\u0434 \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440\u0430 \u0413\u043e\u043d\u0447\u0430\u0440\u043e\u0432\u0430 \ud83d\udc49\ud83c\udffc https://youtu.be/8e-VRSzRHVg\n\n#Innostage\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b", "creation_timestamp": "2022-09-27T12:56:39.000000Z"}, {"uuid": "7593bbde-d67a-4a31-a676-e6b7085a4ff4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/innostage_group/45", "content": "\u0414\u043e\u043a\u043b\u0430\u0434\u044b PHDays - \u044d\u0442\u043e \u0432\u0441\u0435\u0433\u0434\u0430 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u043f\u043e\u0437\u043d\u0430\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0438 \u043e\u0447\u0435\u043d\u044c \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\ud83d\udca5 \n\n\u041d\u0430 PHDays \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u043c\u043d\u043e\u0433\u043e \u0432\u044b\u0441\u0442\u0443\u043f\u043b\u0435\u043d\u0438\u0439 \u043e\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u043e\u0442\u0440\u0430\u0441\u043b\u0438. \u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0413\u041a Innostage \u0433\u043e\u0442\u043e\u0432\u044f\u0442 \u0434\u043e\u043a\u043b\u0430\u0434\u044b. 
\n\n\ud83d\ude0e\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442 \u043f\u043e \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e \u043d\u0430 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u0435 \u0418\u043b\u044c\u0441\u0430\u0444 \u041d\u0430\u0431\u0438\u0443\u043b\u043b\u0438\u043d \u0440\u0430\u0441\u0441\u043a\u0430\u0436\u0435\u0442 \u043e \u0442\u043e\u043c, \u043f\u043e\u0447\u0435\u043c\u0443 \u043d\u0435 \u0441\u0442\u043e\u0438\u0442 \u0445\u0440\u0430\u043d\u0438\u0442\u044c API \u043a\u043b\u044e\u0447\u0438 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0432\u0438\u0434\u0435, \u0432\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u0432 \u043a\u043e\u0434 \u0438\u043b\u0438 \u0432\u044b\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u0442\u044c \u043d\u0430 GitHub. \n\n\ud83d\ude0e\u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u0413\u043e\u043d\u0447\u0430\u0440\u043e\u0432, \u0438\u043d\u0436\u0435\u043d\u0435\u0440 \u0413\u041a Innostage \u0433\u043e\u0442\u043e\u0432\u0438\u0442 \u0432\u044b\u0441\u0442\u0443\u043f\u043b\u0435\u043d\u0438\u0435 \u043d\u0430 \u0442\u0435\u043c\u0443 \"CVE-2021-40444: \u0438 \u043f\u043e\u0447\u0435\u043c\u0443 \u044d\u0442\u043e \u0432\u0430\u0436\u043d\u043e\".  
\n\n\u0417\u0434\u0435\u0441\u044c \u0432\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u043e\u0437\u043d\u0430\u043a\u043e\u043c\u0438\u0442\u044c\u0441\u044f \u0441 \u0432\u044b\u0441\u0442\u0443\u043f\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0434\u043e\u043a\u043b\u0430\u0434\u0447\u0438\u043a\u043e\u0432", "creation_timestamp": "2022-05-06T13:03:30.000000Z"}, {"uuid": "05ca37af-65ba-48f3-aa00-ef874c8e38ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/secmedia/24", "content": "\u0418\u0411-\u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 SafeBreach Labs \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u0440\u0430\u043d\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-40444 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0442 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u043e\u0432 Google \u0438 Instagram. 
\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0433\u043e\u0432\u043e\u0440\u044f\u0449\u0438\u0445 \u043d\u0430 \u0444\u0430\u0440\u0441\u0438.", "creation_timestamp": "2021-11-26T09:07:36.000000Z"}, {"uuid": "a6771c09-c9ad-4682-a290-360832cc10b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/codeby_sec/5002", "content": "\u200b\u200b\u0412\u0437\u043b\u043e\u043c \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c CVE-2021-40444\n\n\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u0445\u043e\u0447\u0443 \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0438 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u0442\u044c \u043e CVE-2021-40444. \u0415\u0441\u043b\u0438 \u043a\u043e\u0440\u043e\u0442\u043a\u043e, \u0442\u043e \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 MSHTML (\u0434\u0432\u0438\u0436\u043e\u043a Internet Explorer \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0432\u043e\u0440\u0434\u0435) \u043e\u043d\u0430 \u0434\u0430\u0451\u0442 \u043d\u0430\u043c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0436\u0435\u0440\u0442\u0432\u044b. 
\u0421\u0430\u043c\u0430 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u043f\u043e\u0445\u043e\u0436\u0430 \u043d\u0430 CVE-2017-11882, \u043f\u0440\u043e \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0443\u0436\u0435 \u043f\u0438\u0441\u0430\u043b\u0438 \u043d\u0430 Codeby.\n\n\u0427\u0438\u0442\u0430\u0442\u044c: https://codeby.net/threads/vzlom-posredstvom-cve-2021-40444.78576/?amp=1\n\n#cve #word #hacking", "creation_timestamp": "2021-09-15T18:20:53.000000Z"}, {"uuid": "5c5e2846-9d35-4ad9-a868-f33f0fc476ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/cyberfreek/1514", "content": "IT-\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0424\u0421\u0411 (\u041d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0446\u0435\u043d\u0442\u0440 \u043f\u043e \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043d\u044b\u043c \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c (\u041d\u041a\u0426\u041a\u0418) \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e\u0431 \u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \"\u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f\" \u0432 \u041f\u041e Microsoft, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u043c\u0443 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044e \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043d\u044b\u043c\u0438 \u0432\u0438\u0440\u0443\u0441\u0430\u043c\u0438. 
\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-40444 \u0432 Microsoft MSHTML \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Microsoft Windows \u0432\u0435\u0440\u0441\u0438\u0439 7, 8.1, 10 \u0438 Microsoft Windows Server \u0432\u0435\u0440\u0441\u0438\u0439 2008, 2012, 2016, 2019, 2022. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0435\u0435, \u0432\u043d\u0435\u0434\u0440\u044f\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u043e\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0432 \u0445\u043e\u0434\u0435 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.", "creation_timestamp": "2021-09-13T13:16:01.000000Z"}, {"uuid": "406ee3a6-3b2d-4c4e-867c-72d7cfc8134d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/R0_Crew/2020", "content": "CVE-2021-40444 Analysis / Exploit \n\nhttps://forum.reverse4you.org/t/cve-2021-40444-analysis-exploit/17118\n\n#expdev #windows #cve #office #rce #exploit #hottabych", "creation_timestamp": "2022-03-25T18:56:01.000000Z"}, {"uuid": "84cdc50c-0051-4c4f-8560-71a425291875", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/1628", "content": "https://bazaar.abuse.ch/browse/tag/CVE-2021-40449/", "creation_timestamp": "2021-10-13T09:10:32.000000Z"}, {"uuid": 
"51896112-5dbf-4b35-9b4e-fc8333ea4daf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/ckuRED/16", "content": "Fully Weaponized CVE-2021-40444\n\nMalicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution), works with arbitrary DLL files.\n\nhttps://github.com/klezVirus/CVE-2021-40444", "creation_timestamp": "2021-09-16T10:41:36.000000Z"}, {"uuid": "2d26fe6d-7bb5-4ceb-b730-58036cdd2d43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/11", "content": "CVE-2021-40444 PoC\n\nhttps://github.com/lockedbyte/CVE-2021-40444", "creation_timestamp": "2021-09-11T09:00:53.000000Z"}, {"uuid": "22f7c540-691b-42b1-913e-5d6cdedc1540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/ckuRED/9", "content": "CVE-2021-40444; a Half-Click exploit.", "creation_timestamp": "2021-09-11T07:29:31.000000Z"}, {"uuid": "b40a57cc-b7c3-4adc-99ed-14555f27a558", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/1589", "content": "\u0412\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u0443 \u0441\u0435\u0431\u044f \u043d\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u043a\u0435 CVE-2021-40444\n\nhttps://xret2pwn.github.io/CVE-2021-40444-Analysis-and-Exploit/\n\nhttps://github.com/felixweyne/imaginaryC2/tree/master/examples/use-case-10-CVE-2021-40444", 
"creation_timestamp": "2021-09-13T08:17:35.000000Z"}, {"uuid": "8ae2a198-1bc0-488e-9e29-83f9d13d6e19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/1672", "content": "\u041d\u043e\u0432\u044b\u0439 \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u044b\u0439 \u043a\u0443\u0440\u0441 \u043d\u0430 opensecuritytraining - Architecture 4001: x86-64 Intel Firmware Attack &amp; Defense\n\n\u0414\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 Mimikatz Skeleton Key \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e Volatility + \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u0430\n\n\u0418\u0441\u0445\u043e\u0434\u043d\u0438\u043a\u0438 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0434\u043b\u044f HackSys Extreme Vulnerable Driver (\u0432\u0438\u043d \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438)\n\nLinux Forensics\n\n\u0421\u0442\u0430\u0442\u044c\u044f, \u043e\u0431\u0440\u0430\u0437\u0446\u044b, yara \u0434\u043b\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u0430 NGLite\n\n\u0421\u0442\u0430\u0442\u044c\u044f + poc \u043f\u043e CVE-2021-40449 (use after free \u0432 win32kfull.sys)\n\n\u0414\u0432\u0435 \u043d\u0435 \u043e\u0447\u0435\u043d\u044c \u0436\u0435\u0441\u0442\u043a\u0438\u0435, \u043d\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Mcafee Agent \u0438 McAfee Drive Encryption\n\n\u0415\u0449\u0435 \u043e\u0434\u0438\u043d \u0431\u043b\u043e\u0433 \u0441\u043e \u0441\u0442\u0430\u0442\u044c\u044f\u043c\u0438 \u043f\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0443 
\u043c\u0430\u043b\u0432\u0430\u0440\u0438\n\n\u0420\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0430 \u0442\u0440\u0430\u0444\u0444\u0438\u043a\u0430 cobalt strike (\u0441\u0442\u0430\u0442\u044c\u044f + \u0432\u0438\u0434\u0435\u043e)", "creation_timestamp": "2021-11-09T15:26:34.000000Z"}, {"uuid": "da142953-ad3a-430e-b628-4a31d8e9101f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/541", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-40444 - Custom CAB templates from MakeCAB\nURL\uff1ahttps://github.com/Udyz/CVE-2021-40444-CAB", "creation_timestamp": "2021-09-16T10:19:46.000000Z"}, {"uuid": "5a77dee5-a68d-409a-9983-797927bcafe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/538", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-40444 - MS Office Word RCE Exploit\nURL\uff1ahttps://github.com/klezVirus/CVE-2021-40444", "creation_timestamp": "2021-09-16T07:20:18.000000Z"}, {"uuid": "aa097344-8b4e-4bbf-a7dc-2db1468aeb99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "exploited", "source": "https://t.me/orderofsixangles/1644", "content": "Reproduction and analysis of Windows local privilege escalation vulnerability (CVE-2021-40449) used in targeted attacks in the wild\n\nhttps://translate.google.com/translate?sl=zh-CN&amp;tl=en&amp;u=https://mp.weixin.qq.com/s/AcFS0Yn9SDuYxFnzbBqhkQ", 
"creation_timestamp": "2021-10-22T05:24:57.000000Z"}, {"uuid": "6ebb55b1-cc13-4e95-b920-38499bd92a29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/BleepingComputer/10474", "content": "Windows MSHTML zero-day exploits shared on hacking forums\n\nThreat actors are sharing working Windows CVE-2021-40444 MSHTML zero-day exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. [...]\n\nhttps://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-exploits-shared-on-hacking-forums/", "creation_timestamp": "2021-09-12T17:09:28.000000Z"}, {"uuid": "8e83e79a-561b-4f13-b606-a48b7f75a741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/BleepingComputer/10470", "content": "Windows MSHTML zero-day defenses bypassed as new info emerges\n\nNew details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor's ultimate goal of taking over corporate networks. 
[...]\n\nhttps://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-defenses-bypassed-as-new-info-emerges/", "creation_timestamp": "2021-09-10T06:42:24.000000Z"}, {"uuid": "5d64eae1-f9e6-452a-b01d-0a748e623c18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/BleepingComputer/10489", "content": "Microsoft fixes Windows CVE-2021-40444 MSHTML zero-day bug\n\nMicrosoft today fixed a high severity\u00a0zero-day vulnerability actively exploited in targeted attacks against Microsoft Office and Office 365 on Windows 10 computers. [...]\n\nhttps://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-cve-2021-40444-mshtml-zero-day-bug/", "creation_timestamp": "2021-09-14T21:39:44.000000Z"}, {"uuid": "20045cd2-01be-41a8-b6f9-6b8c20c61d38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/m1swarr1or/3", "content": "Gonna analyze really cool finding!\n\n0-day in win32k, October patch.\n\nCVE-2021-40449\n\nHere is sample from VX\nhttps://papers.vx-underground.org/archive/APTs/2021/2021.10.12/", "creation_timestamp": "2024-08-30T04:34:48.000000Z"}, {"uuid": "8f7953ff-902d-4403-bb7b-7f3eacbca288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/YouPentest/3327", "content": "\u0425\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043e\u0448\u0438\u0431\u043a\u0443 Microsoft MSHTML, \u0447\u0442\u043e\u0431\u044b \u0443\u043a\u0440\u0430\u0441\u0442\u044c \u0443\u0447\u0435\u0442\u043a\u0438 Google \u0438 Instagram. 
\n\n\u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0441\u0442\u0438\u043b\u0435\u0440 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 PowerShell, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0439 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 PowerShortShell. \n\n\u0410\u0442\u0430\u043a\u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Winword, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043e\u0448\u0438\u0431\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (RCE) Microsoft MSHTML CVE-2021-40444.", "creation_timestamp": "2021-11-25T06:46:06.000000Z"}, {"uuid": "53c3bfdf-00d5-4333-8578-5428313e393e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/YouPentest/3114", "content": "\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2021-40444 \u0447\u0435\u0440\u0435\u0437 (Microsoft Office Word Remote Code Execution)\n\n\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a:\nhttps://codeby.net/media/ehkspluatacija-cve-2021-40444-cherez-microsoft-office-word-remote-code-execution.327/\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u044b:\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE 
Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\n#\u0432\u0438\u0434\u0435\u043e #pentest #guide #cve #metasploit #office #windows #exploit", "creation_timestamp": "2021-11-07T05:55:39.000000Z"}, {"uuid": "942ed508-be7e-4d1f-84bf-92d22575cf9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/CherepawwkaChannel/178", "content": "\u0423\u0440\u043e\u043a\u0438 \u0444\u043e\u0440\u0435\u043d\u0437\u0438\u043a\u0438. \u0418\u0449\u0435\u043c \u0443\u043b\u0438\u043a\u0438 \u0432 \u0441\u0435\u0442\u0435\u0432\u043e\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u0435\nhttps://telegra.ph/Haker---Uroki-forenziki-Ishchem-uliki-v-setevom-trafike-07-11\n\n\u041e\u0447\u0435\u043d\u044c \u0445\u043e\u0440\u043e\u0448\u0430\u044f \u0441\u0442\u0430\u0442\u044c\u044f, \u0432\u0437\u044f\u0442\u0430\u044f \u043e\u0442\u0441\u044e\u0434\u0430. \u0410\u0432\u0442\u043e\u0440 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 (\u0430\u043d\u0430\u043b\u0438\u0437\u0430\u0442\u043e\u0440 \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u0434\u0438\u0437\u0435\u0441\u0441\u0435\u043c\u0431\u043b\u0435\u0440, \u0443\u0442\u0438\u043b\u0438\u0442\u0430 \u0434\u043b\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0448\u0435\u043b\u043b-\u043a\u043e\u0434\u043e\u0432 \u0438 \u0442.\u0434.) 
\u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0435\u0442 \u044d\u0442\u0430\u043f\u044b \u0430\u0442\u0430\u043a\u0438, \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0435\u0439\u0441\u044f \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2021-40444, \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044f \u043a\u0430\u0436\u0434\u044b\u0439 \u0448\u0430\u0433 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f.\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u043a \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044e \u0441\u0438\u043d\u0438\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u0430\u043c.\n#DRIF #\u0431\u043b\u044e\u0442\u0438\u043c", "creation_timestamp": "2023-07-30T00:43:31.000000Z"}, {"uuid": "4bbac7d1-6c31-41ba-bfe7-73c0fc5ca77e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/cyberbannews_ir/3886", "content": "\ud83d\uded1\u0647\u0634\u062f\u0627\u0631 \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u062f\u0631 \u0645\u0648\u0631\u062f \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc\u062f \u0628\u0627 \u062e\u0637\u0631 \u0628\u0627\u0644\u0627\n\n \u0645\u0631\u06a9\u0632 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0627\u0633\u062a\u0631\u0627\u0644\u06cc\u0627 (ACSC) \u0646\u0633\u0628\u062a \u0628\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0631\u06cc\u0633\u06a9 \u0628\u0627\u0644\u0627 \u062f\u0631 \u0645\u0624\u0644\u0641\u0647 \u0645\u0648\u062c\u0648\u062f \u062f\u0631 \u062a\u0645\u0627\u0645 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u00abMicrosoft Windows\u00bb\u060c 
\u06a9\u0647 \u0634\u0627\u06cc\u062f \u0628\u0647\u200c\u0648\u0633\u06cc\u0644\u0647 \u0639\u0648\u0627\u0645\u0644 \u0633\u0627\u06cc\u0628\u0631\u06cc \u0645\u062e\u0631\u0628 \u0645\u0648\u0631\u062f \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u062f\u060c \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f.\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u060c \u06a9\u0647 \u00abCVE-2021-40444\u00bb \u0646\u0627\u0645 \u062f\u0627\u0631\u062f\u060c \u0628\u0647 \u0627\u06cc\u0646 \u0645\u0639\u0646\u06cc \u0627\u0633\u062a \u06a9\u0647 \u06cc\u06a9 \u0639\u0627\u0645\u0644 \u0633\u0627\u06cc\u0628\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u06cc\u06a9 \u0633\u0646\u062f \u0645\u062e\u0631\u0628 \u0627\u06cc\u062c\u0627\u062f \u0648 \u06a9\u0627\u0631\u0628\u0631 \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0648\u06cc\u0646\u062f\u0648\u0632 \u0631\u0627 \u0645\u062a\u0642\u0627\u0639\u062f \u06a9\u0646\u062f \u06a9\u0647 \u0622\u0646 \u0631\u0627 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0628\u062e\u0634\u06cc \u0627\u0632 \u06a9\u0645\u067e\u06cc\u0646 \u0627\u0633\u067e\u06cc\u0631 \u0641\u06cc\u0634\u06cc\u0646\u06af \u0628\u0627\u0632 \u06a9\u0646\u062f.\n\n\u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u062f\u0631 \u062d\u0627\u0644 \u062d\u0627\u0636\u0631 \u0627\u0632 \u062d\u0645\u0644\u0627\u062a \u0647\u062f\u0641\u0645\u0646\u062f \u0628\u0631\u0627\u06cc \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0622\u06af\u0627\u0647 \u0627\u0633\u062a\u060c \u0627\u0645\u0627 \u0641\u0639\u0644\u0627\u064b \u0647\u06cc\u0686 \u067e\u0686\u06cc \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0646\u062f\u0627\u0631\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c 
\u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0628\u0631\u062e\u06cc \u06a9\u0627\u0647\u0634\u200c\u0647\u0627\u06cc \u0645\u0648\u0642\u062a \u0631\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f\u0647 \u06a9\u0647 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0622\u0646\u0647\u0627 \u0631\u0627 \u0628\u0631\u0627\u06cc \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0628\u0647 \u06a9\u0627\u0631 \u06af\u06cc\u0631\u0646\u062f. \u0645\u0631\u06a9\u0632 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0627\u0633\u062a\u0631\u0627\u0644\u06cc\u0627 \u0628\u0647 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u062a\u0648\u0635\u06cc\u0647 \u06a9\u0631\u062f \u06a9\u0647 \u0627\u06cc\u0646 \u0631\u0627\u0647\u200c\u062d\u0644\u200c\u0647\u0627 \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u0648 \u062f\u0631 \u0635\u0648\u0631\u062a \u0627\u0645\u06a9\u0627\u0646 \u0622\u0646\u0647\u0627 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f.\n\n\u06a9\u0627\u0631\u0634\u0646\u0627\u0633\u0627\u0646 \u0645\u0639\u062a\u0642\u062f\u0646\u062f \u06a9\u0647 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0627\u06cc\u062f \u0628\u0647 \u062a\u0648\u0635\u06cc\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u062f\u0631\u0645\u0648\u0631\u062f \u0627\u0646\u062a\u0634\u0627\u0631 \u067e\u0686 \u0628\u0631\u0627\u06cc \u0631\u0641\u0639 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062a\u0648\u062c\u0647 \u06a9\u0646\u0646\u062f.\n\n#\u0627\u0645\u0646\u06cc\u062a_\u0633\u0627\u06cc\u0628\u0631\u06cc\n\n@cyberbannews_ir", "creation_timestamp": "2021-09-09T05:21:47.000000Z"}, {"uuid": "1d163e08-d754-4600-a763-81a58e0b7ac4", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/purple_medved/253", "content": "\u0410\u043d\u0430\u043b\u0438\u0437 TTPs APT \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 TI \u043e\u0442\u0447\u0435\u0442\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u0438 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0430\u0442\u043e\u043c\u0430\u0440\u043d\u044b\u0445 \u0442\u0435\u0441\u0442-\u043a\u0435\u0439\u0441\u043e\u0432 \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u043c\u044b\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 \u0432\u0441\u0435\u0433\u0434\u0430 \u0437\u0430\u043d\u0438\u043c\u0430\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0430 \u044d\u0442\u0430\u043f\u0435 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0438 \u043a \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044e Purple Teaming. 
\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043c\u044b \u0432\u0441\u0435\u0433\u0434\u0430 \u0441\u0442\u0430\u0440\u0430\u0435\u043c\u0441\u044f \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0430\u0439\u0442\u0438 \u043d\u043e\u0440\u043c\u0430\u043b\u044c\u043d\u0443\u044e \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u0441 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438, \u0431\u0435\u0437 \u043c\u0430\u0440\u043a\u0435\u0442\u0438\u043d\u0433\u043e\u0432\u043e\u0439 \u0432\u043e\u0434\u044b \u0438 \"highly sophisticated\" \u0444\u043e\u0440\u043c\u0443\u043b\u0438\u0440\u043e\u0432\u043e\u043a\ud83d\ude0e \u041d\u0435\u0434\u0430\u0432\u043d\u043e \u043c\u043d\u0435 \u043d\u0430 \u0433\u043b\u0430\u0437\u0430 \u043f\u043e\u043f\u0430\u043b\u0441\u044f \u043e\u0447\u0435\u043d\u044c \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0439 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0445\u043e\u0442\u0435\u043b\u043e\u0441\u044c \u0431\u044b \u043f\u043e\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u0442\u044c \u0432 \u044d\u0442\u043e\u0439 \u0437\u0430\u043c\u0435\u0442\u043a\u0435.\n\n\u0410\u0432\u0442\u043e\u0440 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u043e \u0440\u0430\u0437\u0431\u0438\u0440\u0430\u0435\u0442 \u043e\u0442\u0447\u0435\u0442\u044b \u0438 \u043f\u0443\u0431\u043b\u0438\u043a\u0443\u0435\u0442 \u0433\u043e\u0442\u043e\u0432\u044b\u0439 \u043f\u043b\u0430\u043d \u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0441\u0438\u043c\u0443\u043b\u044f\u0446\u0438\u0438 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 Purple 
Teaming. \n\u041d\u0430 \u043f\u0440\u0438\u043c\u0435\u0440\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e - Fancy Bear APT28 Adversary Simulation:\n\n\ud83d\udfe3 Create dll downloads files through base64, This is to download two files the first is (dfsvc.dll) the second is (Stager.dll)\n\ud83d\udfe3 Exploiting CVE-2021-40444 to inject the DLL file into Word File and create an execution for DLL by opening Word File\n\ud83d\udfe3 Word File is running and the actual payload is downloaded through DLLDownloader.dll and we have two files Stager.dll and dfsvc.dll\n\ud83d\udfe3 The Stager decrypts the actual payload and runs it which in turn is responsible for command and control\n\ud83d\udfe3 Data exfiltration over OneDrive API C2. This integrates OneDrive API functionality to facilitate communication between the compromised system and the attacker-controlled server thereby potentially hiding the traffic within legitimate OneDrive communication\n\ud83d\udfe3 Get Command and Control through payload uses the OneDrive API to upload data including command output to OneDrive, the payload calculates the CRC32 checksum of the MachineGuid and includes it in the communication with the server for identification purposes\n\n\u0412 \u0438\u0442\u043e\u0433\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442\u0441\u044f \u0433\u043e\u0442\u043e\u0432\u044b\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u043a\u0430\u0441\u0442\u043e\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f Purple Teaming.", "creation_timestamp": "2024-06-13T10:28:01.000000Z"}, {"uuid": "0180ac19-b3a6-4ffb-8448-f342e8c4b4c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/deeptoweb/1806", "content": "\u0424\u0421\u0411 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \n\n\u041d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043e\u0440\u0434\u0438\u043d\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0446\u0435\u043d\u0442\u0440 \u043f\u043e \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043d\u044b\u043c \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u043f\u043e \u043f\u0440\u0438\u043a\u0430\u0437\u0443 \u0424\u0421\u0411, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows \u043e\u0431 \u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043e \u0432\u0441\u0435\u0445 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\u0412 \u0434\u0432\u0438\u0436\u043a\u0435 Internet Explorer \u043d\u0430\u0448\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f CVE-2021-40444. 
\u0421 \u0435\u0451 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434.\n\u0414\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u0441\u043e\u0437\u0434\u0430\u0435\u0442\u0441\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 Microsoft Office, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u043e\u043b\u0436\u0435\u043d \u043f\u043e\u043f\u0430\u0441\u0442\u044c \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440 \u0436\u0435\u0440\u0442\u0432\u044b. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0447\u0435\u0440\u0435\u0437 \u0440\u0430\u0441\u0441\u044b\u043b\u043a\u0443 \u043f\u043e \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u0435. 
\u0412 \u0444\u0430\u0439\u043b \u0432\u0441\u0442\u0440\u043e\u0435\u043d \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u044d\u043b\u0435\u043c\u0435\u043d\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f ActiveX, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043a\u043e\u0434.\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Windows 7, 8.1, 10 \u0438 Windows Server 2008, 2012, 2016, 2019 \u0438 2022.\nMicrosoft \u0437\u043d\u0430\u0435\u0442 \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u0438 \u0443\u0436\u0435 \u0433\u043e\u0442\u043e\u0432\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0435\u0451 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f.\n\u041f\u043e\u043a\u0430 \u0447\u0442\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u043f\u0440\u0435\u0442\u0438\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u043d\u043e\u0432\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f ActiveX.", "creation_timestamp": "2021-09-13T13:28:04.000000Z"}, {"uuid": "c4a18db0-f383-4bcb-acd8-489ee11b43b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/536", "content": 
"GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aThis repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit\nURL\uff1ahttps://github.com/aslitsecurity/CVE-2021-40444_builders", "creation_timestamp": "2021-09-15T16:38:42.000000Z"}, {"uuid": "1de74162-a2c3-4dd5-ae5f-a1a82ebbe186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/CherepawwkaChannel/255", "content": "\u0410\u043d\u0430\u043b\u0438\u0437 TTPs APT \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043e\u043a \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 TI \u043e\u0442\u0447\u0435\u0442\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u0438 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0430\u0442\u043e\u043c\u0430\u0440\u043d\u044b\u0445 \u0442\u0435\u0441\u0442-\u043a\u0435\u0439\u0441\u043e\u0432 \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u043c\u044b\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 \u0432\u0441\u0435\u0433\u0434\u0430 \u0437\u0430\u043d\u0438\u043c\u0430\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0430 \u044d\u0442\u0430\u043f\u0435 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0438 \u043a \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044e Purple Teaming. 
\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043c\u044b \u0432\u0441\u0435\u0433\u0434\u0430 \u0441\u0442\u0430\u0440\u0430\u0435\u043c\u0441\u044f \u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0430\u0439\u0442\u0438 \u043d\u043e\u0440\u043c\u0430\u043b\u044c\u043d\u0443\u044e \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u0441 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438, \u0431\u0435\u0437 \u043c\u0430\u0440\u043a\u0435\u0442\u0438\u043d\u0433\u043e\u0432\u043e\u0439 \u0432\u043e\u0434\u044b \u0438 \"highly sophisticated\" \u0444\u043e\u0440\u043c\u0443\u043b\u0438\u0440\u043e\u0432\u043e\u043a\ud83d\ude0e \u041d\u0435\u0434\u0430\u0432\u043d\u043e \u043c\u043d\u0435 \u043d\u0430 \u0433\u043b\u0430\u0437\u0430 \u043f\u043e\u043f\u0430\u043b\u0441\u044f \u043e\u0447\u0435\u043d\u044c \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0439 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0445\u043e\u0442\u0435\u043b\u043e\u0441\u044c \u0431\u044b \u043f\u043e\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u0442\u044c \u0432 \u044d\u0442\u043e\u0439 \u0437\u0430\u043c\u0435\u0442\u043a\u0435.\n\n\u0410\u0432\u0442\u043e\u0440 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u043e \u0440\u0430\u0437\u0431\u0438\u0440\u0430\u0435\u0442 \u043e\u0442\u0447\u0435\u0442\u044b \u0438 \u043f\u0443\u0431\u043b\u0438\u043a\u0443\u0435\u0442 \u0433\u043e\u0442\u043e\u0432\u044b\u0439 \u043f\u043b\u0430\u043d \u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0441\u0438\u043c\u0443\u043b\u044f\u0446\u0438\u0438 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 Purple 
Teaming. \n\u041d\u0430 \u043f\u0440\u0438\u043c\u0435\u0440\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e - Fancy Bear APT28 Adversary Simulation:\n\n\ud83d\udfe3 Create dll downloads files through base64, This is to download two files the first is (dfsvc.dll) the second is (Stager.dll)\n\ud83d\udfe3 Exploiting CVE-2021-40444 to inject the DLL file into Word File and create an execution for DLL by opening Word File\n\ud83d\udfe3 Word File is running and the actual payload is downloaded through DLLDownloader.dll and we have two files Stager.dll and dfsvc.dll\n\ud83d\udfe3 The Stager decrypts the actual payload and runs it which in turn is responsible for command and control\n\ud83d\udfe3 Data exfiltration over OneDrive API C2. This integrates OneDrive API functionality to facilitate communication between the compromised system and the attacker-controlled server thereby potentially hiding the traffic within legitimate OneDrive communication\n\ud83d\udfe3 Get Command and Control through payload uses the OneDrive API to upload data including command output to OneDrive, the payload calculates the CRC32 checksum of the MachineGuid and includes it in the communication with the server for identification purposes\n\n\u0412 \u0438\u0442\u043e\u0433\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442\u0441\u044f \u0433\u043e\u0442\u043e\u0432\u044b\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u043a\u0430\u0441\u0442\u043e\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f Purple Teaming.", "creation_timestamp": "2024-06-13T10:28:37.000000Z"}, {"uuid": "b0cd9870-f4af-4900-9b7c-94a269b0699a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/cyberbannews_ir/3892", "content": "\ud83d\uded1\u0647\u0634\u062f\u0627\u0631 \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u062f\u0631 \u0645\u0648\u0631\u062f \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc\u062f \u0628\u0627 \u062e\u0637\u0631 \u0628\u0627\u0644\u0627\n\n\u0645\u0631\u06a9\u0632 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0627\u0633\u062a\u0631\u0627\u0644\u06cc\u0627 (ACSC) \u0646\u0633\u0628\u062a \u0628\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0631\u06cc\u0633\u06a9 \u0628\u0627\u0644\u0627 \u062f\u0631 \u0645\u0624\u0644\u0641\u0647 \u0645\u0648\u062c\u0648\u062f \u062f\u0631 \u062a\u0645\u0627\u0645 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u00abMicrosoft Windows\u00bb\u060c \u06a9\u0647 \u0634\u0627\u06cc\u062f \u0628\u0647\u200c\u0648\u0633\u06cc\u0644\u0647 \u0639\u0648\u0627\u0645\u0644 \u0633\u0627\u06cc\u0628\u0631\u06cc \u0645\u062e\u0631\u0628 \u0645\u0648\u0631\u062f \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u062f\u060c \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f.\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u060c \u06a9\u0647 \u00abCVE-2021-40444\u00bb \u0646\u0627\u0645 \u062f\u0627\u0631\u062f\u060c \u0628\u0647 \u0627\u06cc\u0646 \u0645\u0639\u0646\u06cc \u0627\u0633\u062a \u06a9\u0647 \u06cc\u06a9 \u0639\u0627\u0645\u0644 \u0633\u0627\u06cc\u0628\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u06cc\u06a9 \u0633\u0646\u062f \u0645\u062e\u0631\u0628 \u0627\u06cc\u062c\u0627\u062f \u0648 \u06a9\u0627\u0631\u0628\u0631 \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0648\u06cc\u0646\u062f\u0648\u0632 \u0631\u0627 \u0645\u062a\u0642\u0627\u0639\u062f 
\u06a9\u0646\u062f \u06a9\u0647 \u0622\u0646 \u0631\u0627 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0628\u062e\u0634\u06cc \u0627\u0632 \u06a9\u0645\u067e\u06cc\u0646 \u0627\u0633\u067e\u06cc\u0631 \u0641\u06cc\u0634\u06cc\u0646\u06af \u0628\u0627\u0632 \u06a9\u0646\u062f.\n\n\u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u062f\u0631 \u062d\u0627\u0644 \u062d\u0627\u0636\u0631 \u0627\u0632 \u062d\u0645\u0644\u0627\u062a \u0647\u062f\u0641\u0645\u0646\u062f \u0628\u0631\u0627\u06cc \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0622\u06af\u0627\u0647 \u0627\u0633\u062a\u060c \u0627\u0645\u0627 \u0641\u0639\u0644\u0627\u064b \u0647\u06cc\u0686 \u067e\u0686\u06cc \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0646\u062f\u0627\u0631\u062f.\n\n\u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0628\u0631\u062e\u06cc \u06a9\u0627\u0647\u0634\u200c\u0647\u0627\u06cc \u0645\u0648\u0642\u062a \u0631\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f\u0647 \u06a9\u0647 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0622\u0646\u0647\u0627 \u0631\u0627 \u0628\u0631\u0627\u06cc \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0628\u0647 \u06a9\u0627\u0631 \u06af\u06cc\u0631\u0646\u062f. 
\u0645\u0631\u06a9\u0632 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0627\u0633\u062a\u0631\u0627\u0644\u06cc\u0627 \u0628\u0647 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u062a\u0648\u0635\u06cc\u0647 \u06a9\u0631\u062f \u06a9\u0647 \u0627\u06cc\u0646 \u0631\u0627\u0647\u200c\u062d\u0644\u200c\u0647\u0627 \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u0648 \u062f\u0631 \u0635\u0648\u0631\u062a \u0627\u0645\u06a9\u0627\u0646 \u0622\u0646\u0647\u0627 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f.\n\n\u06a9\u0627\u0631\u0634\u0646\u0627\u0633\u0627\u0646 \u0645\u0639\u062a\u0642\u062f\u0646\u062f \u06a9\u0647 \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0627\u06cc\u062f \u0628\u0647 \u062a\u0648\u0635\u06cc\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u062f\u0631\u0645\u0648\u0631\u062f \u0627\u0646\u062a\u0634\u0627\u0631 \u067e\u0686 \u0628\u0631\u0627\u06cc \u0631\u0641\u0639 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062a\u0648\u062c\u0647 \u06a9\u0646\u0646\u062f.\n\n#\u0622\u0633\u06cc\u0628_\u067e\u0630\u06cc\u0631\u06cc\n\n@cyberbannews_ir", "creation_timestamp": "2021-09-11T02:02:58.000000Z"}, {"uuid": "47766072-f4ed-448a-9c2b-71e690beff2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/alexmakus/4291", "content": "\u0422\u0430\u043a, \u0447\u0442\u043e \u043b\u0438, \u0442\u043e\u043b\u044c\u043a\u043e Apple \u0430\u043f\u0434\u0435\u0439\u0442\u044b \u0441 \u0444\u0438\u043a\u0441\u0430\u043c\u0438 \u0432\u044b\u043a\u0430\u0442\u044b\u0432\u0430\u0442\u044c? 
\u0412\u0447\u0435\u0440\u0430 patch Tuesday \u0443 Microsoft, \u043a\u0443\u0447\u0430 \u0444\u0438\u043a\u0441\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0430\u043a\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f:\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444\n\nhttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36965\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38639\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36975\n\n\u0412\u044b \u0437\u043d\u0430\u0435\u0442\u0435, \u0432\u043e\u0442 \u044d\u0442\u043e \u0432\u0441\u0451.", "creation_timestamp": "2021-09-15T03:57:10.000000Z"}, {"uuid": "7cb880cf-ff74-4318-94e0-a16a30725263", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/4280", "content": "\u041d\u043e \u043b\u0430\u0434\u043d\u043e \u043f\u0440\u043e Apple, \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows 10 \u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Windows Server. 
\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 MSHTML \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Internet Explorer, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0441\u0442\u0435\u043f\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u0438\u043b\u0438\u0432\u0430\u044e\u0442, \u043d\u043e \u044d\u0442\u043e\u0442 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 Microsoft Office \u0434\u043b\u044f \u043e\u0442\u0440\u0438\u0441\u043e\u0432\u043a\u0438 \u0432\u0435\u0431-\u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u044d\u043b\u0435\u043c\u0435\u043d\u0442 ActiveX, \u0438 \u0432\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0435\u0433\u043e \u0432 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 Office, \u0437\u0430\u0442\u0435\u043c \u043e\u0441\u0442\u0430\u0451\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0444\u0430\u0439\u043b (\u0447\u0442\u043e \u043e\u0431\u044b\u0447\u043d\u043e \u043d\u0435 \u0441\u043b\u043e\u0436\u043d\u043e). \u041f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e, \u0435\u0441\u043b\u0438 \u044e\u0437\u0435\u0440 \u0441 \u0430\u0434\u043c\u0438\u043d\u0441\u043a\u0438\u043c\u0438 \u043f\u0440\u0430\u0432\u0430\u043c\u0438, \u0442\u043e \u00ab\u0437\u0430\u0445\u043e\u0434\u0438, \u043a\u0442\u043e \u0445\u043e\u0447\u0435\u0442\u00bb. 
\u041f\u0430\u0442\u0447\u0430 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435\u0442, \u043d\u043e \u043c\u043e\u0436\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0432\u0441\u0435\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 ActiveX \u0432 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u0445 Internet Explorer. \n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444\n\nhttps://us-cert.cisa.gov/ncas/current-activity/2021/09/07/microsoft-releases-mitigations-and-workarounds-cve-2021-40444", "creation_timestamp": "2021-09-10T05:27:14.000000Z"}, {"uuid": "c1784a33-d08d-48c5-904d-f7b3226618e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "Telegram/koX5CCK3-22_AwfYow_LNHD0nolV-ApG6ZwF09Ra5-Yk", "content": "", "creation_timestamp": "2021-11-25T23:34:42.000000Z"}, {"uuid": "7a954b26-5267-477f-b6ad-47a9eac4f234", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/HackingPublicoficial/351", "content": "North Korea-related Malicious Document Files Using CVE-2021-40444 Vulnerability\n\nhttps://malware.news/t/north-korea-related-malicious-document-files-using-cve-2021-40444-vulnerability/54781", "creation_timestamp": "2021-12-13T21:29:03.000000Z"}, {"uuid": "b460cf0b-680c-4ab5-986b-c675b6f20b6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/ctinow/39629", "content": "Windows CVE-2021-40444 defenses bypassed as new info 
emerges\n\nhttps://ift.tt/3lengtX", "creation_timestamp": "2021-09-09T22:41:33.000000Z"}, {"uuid": "21af0a89-6d49-4f04-b359-c21f2d332cc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/ctinow/39577", "content": "Remote Code Execution 0-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs\n\nhttps://ift.tt/3zYkcIv", "creation_timestamp": "2021-09-09T07:11:30.000000Z"}, {"uuid": "a8e78399-7e50-4ccf-8741-368b68e48640", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4044", "type": "seen", "source": "https://t.me/ctinow/45581", "content": "Internet Bug Bounty: Invalid handling of X509_verify_cert() internal errors in libssl (CVE-2021-4044)\n\nhttps://ift.tt/33OsIhX", "creation_timestamp": "2022-01-21T02:16:17.000000Z"}, {"uuid": "fc954d3a-c291-4e70-8b94-10dd88dd27ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/ctinow/39821", "content": "Microsoft Patch Tuesday fixes CVE-2021-40444 MSHTML zero-day\n\nhttps://ift.tt/2XiETRr", "creation_timestamp": "2021-09-15T07:11:08.000000Z"}, {"uuid": "3d63f820-5064-4494-b65b-4c047e193335", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/ctinow/39807", "content": "Microsoft fixes Windows CVE-2021-40444 MSHTML zero-day bug\n\nhttps://ift.tt/2YYwUt5", "creation_timestamp": "2021-09-14T22:21:32.000000Z"}, {"uuid": "2603a877-7d48-4cfc-b837-e4847789c2c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2021-40449", "type": "exploited", "source": "Telegram/ptU2jOr_NjUJth7vb8j26TK_ilkISYHEFJ0vHcBwW8Ir18lT", "content": "", "creation_timestamp": "2023-11-29T10:20:21.000000Z"}, {"uuid": "afb589f0-ad11-4629-a1ef-8208871ffaf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "Telegram/0wYfslv8t2QNN9-2a2pLpVuKrMhkjy3ao1WFwKHc0JHD5w8R", "content": "", "creation_timestamp": "2023-11-29T10:20:07.000000Z"}, {"uuid": "54d54200-ce8e-4098-9dd4-73a82a6b7764", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/ctinow/44356", "content": "Crooks bypass a Microsoft Office patch for CVE-2021-40444 to spread Formbook malware\n\nhttps://ift.tt/3pvPdAR", "creation_timestamp": "2021-12-23T15:56:30.000000Z"}, {"uuid": "49f896d9-d6d5-4eae-93f3-caf1c7116bb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/ctinow/40543", "content": "FormBook Adds Latest Office 365 0-Day Vulnerability (CVE-2021-40444) to Its Arsenal\n\nhttps://ift.tt/3un288J", "creation_timestamp": "2021-09-29T15:16:30.000000Z"}, {"uuid": "4951fd0d-d0e7-42c0-b00a-c1ad7fef85f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/ctinow/39948", "content": "Exploitation of the CVE-2021-40444 vulnerability in MSHTML\n\nhttps://ift.tt/3kfHMLm", "creation_timestamp": "2021-09-17T12:11:46.000000Z"}, {"uuid": "feadd708-8084-403e-b6a4-fa374ca93cb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/ctinow/39947", "content": "Exploitation of the CVE-2021-40444 vulnerability in MSHTML\n\nhttps://ift.tt/3kfHMLm", "creation_timestamp": "2021-09-17T12:11:44.000000Z"}, {"uuid": "72f738f4-6447-48dc-84f9-b46c5b172a53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/ctinow/39916", "content": "Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug\n\nhttps://ift.tt/3kicJ1e", "creation_timestamp": "2021-09-16T19:31:45.000000Z"}, {"uuid": "bf5478b4-a8ab-4e23-bf20-daf07e6cea48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/ctinow/39871", "content": "Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability\n\nhttps://ift.tt/3tINhVX", "creation_timestamp": "2021-09-16T01:46:18.000000Z"}, {"uuid": "7f12381b-975f-418d-9fe5-f2a0288f0e71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "Telegram/7XG3Qhyveq0sd-sorvBusAou1bYnK4tFO-cr4qbsp7Vd2w0", "content": "", "creation_timestamp": "2024-08-28T07:50:25.000000Z"}, {"uuid": "aaf0d1b9-34c2-4302-9c14-e07304ea8d0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/BearC2/91", "content": "\u0421\u0438\u043c\u0443\u043b\u044f\u0446\u0438\u044f \u0430\u0442\u0430\u043a\u0438 APT28 Fancy Bear\n\n\u042d\u0442\u043e 
\u0441\u0438\u043c\u0443\u043b\u044f\u0446\u0438\u044f \u0430\u0442\u0430\u043a\u0438 \u0433\u0440\u0443\u043f\u043f\u044b Fancy Bear (APT28), \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u0432\u044b\u0441\u043e\u043a\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0447\u0438\u043d\u043e\u0432\u043d\u0438\u043a\u043e\u0432 \u0417\u0430\u043f\u0430\u0434\u043d\u043e\u0439 \u0410\u0437\u0438\u0438 \u0438 \u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0415\u0432\u0440\u043e\u043f\u044b. \u041a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u0430\u0442\u0430\u043a\u0438 \u0431\u044b\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u0430 \u0441 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u043f\u043e \u043d\u043e\u044f\u0431\u0440\u044c 2021 \u0433\u043e\u0434\u0430. \u0426\u0435\u043f\u043e\u0447\u043a\u0430 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f Excel-\u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0436\u0435\u0440\u0442\u0432\u0435 \u043f\u043e \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 MSHTML (CVE-2021-40444) \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u043e\u0433\u043e 
\u0444\u0430\u0439\u043b\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u0420\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 \u043d\u0430 GitHub: https://github.com/S3N4T0R-0X0/APT-Attack-Simulation/tree/main/Russian%20APT/APT28-Adversary-Simulation", "creation_timestamp": "2024-09-28T00:16:26.000000Z"}, {"uuid": "7d6b3c66-fc23-4182-aab8-d809b6e3ad37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/arpsyndicate/912", "content": "#ExploitObserverAlert\n\nCVE-2021-40444\n\nDESCRIPTION: Exploit Observer has 223 entries related to CVE-2021-40444. Microsoft MSHTML Remote Code Execution Vulnerability\n\nFIRST-EPSS: 0.971910000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-03T01:43:57.000000Z"}, {"uuid": "fa1814ca-4f11-47dd-97c9-802533955c86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "exploited", "source": "Telegram/0N8hYoIZNVMzLz29O1HKlSbPUHPxGySFoEhQpN9rXpV6UQ", "content": "", "creation_timestamp": "2021-10-14T16:21:20.000000Z"}, {"uuid": "9e7950c1-3250-4c48-8bb1-0065f60f3a57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/49598", "content": "\u26a0 Detectada filtraci\u00f3n \u26a0\n{\n  \"site\": \"Raidforums\",\n  \"Threat Actor\": \"f41r3r79x0r\",\n  \"Content\": \"MACRO MALDOC CVE-2021-40444 FUD ( FREE REFUD WITHIN 1 WEEK)\u201d,\n  \"Detection Date\": \"19 Feb 2022 20:24\",\n  \"Type\": \"Data Leak\"\n}", "creation_timestamp": "2022-02-19T20:32:37.000000Z"}, {"uuid": "9206ecfc-0a8f-4a42-923b-a18c7cc2dc9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/49595", "content": "\u26a0 Detectada filtraci\u00f3n \u26a0\n{\n  \"site\": \"Raidforums\",\n  \"Threat Actor\": \"f41r3r79x0r\",\n  \"Content\": \"MACRO MALDOC CVE-2021-40444 FUD ( FREE REFUD WITHIN 1 WEEK)\u201d,\n  \"Detection Date\": \"19 Feb 2022 20:14\",\n  \"Type\": \"Data Leak\"\n}", "creation_timestamp": "2022-02-19T20:32:31.000000Z"}, {"uuid": "471c86a7-8507-4815-8acd-f914ab7ba904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/49884", "content": "\u26a0 Detectada filtraci\u00f3n \u26a0\n{\n  \"site\": \"Raidforums\",\n  \"Threat Actor\": \"f41r3r79x0r\",\n  \"Content\": \"MACRO MALDOC FUD + CVE-2021-40444 ( FREE REFUD WITHIN 1 WEEK)\u201d,\n  \"Detection Date\": \"20 Feb 2022 15:46\",\n  \"Type\": \"Data Leak\"\n}", "creation_timestamp": "2022-02-20T15:58:52.000000Z"}, {"uuid": "7771661f-57ba-4c00-8101-c51d1ecd34b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/cyberguerre/1394", "content": "\ud83d\udc41 \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b PT Expert Security Center \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u0443\u044e \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0443 Dark River, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0443\u044e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u043e-\u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0433\u043e 
\u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u0430 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u043d\u043e\u0433\u043e \u043c\u043e\u0434\u0443\u043b\u044c\u043d\u043e\u0433\u043e \u0431\u044d\u043a\u0434\u043e\u0440\u0430, \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0433\u043e MataDoor. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u2014 \u0432 \u043d\u0430\u0448\u0435\u043c \u043d\u043e\u0432\u043e\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0438.\n\n\u0412\u043f\u0435\u0440\u0432\u044b\u0435 \u043d\u0430\u0448\u0438 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0438\u0441\u044c \u0441 \u044d\u0442\u0438\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043e\u043c \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430 \u043d\u0430 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u0439.\n\n\ud83e\udd77 \u0421\u043f\u0435\u0446\u0438\u0444\u0438\u043a\u0430 \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043e\u043d \u043e\u0442\u043b\u0438\u0447\u043d\u043e \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f: \n\u2022 \u0438\u043c\u0435\u043d\u0430 \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u043f\u043e\u0445\u043e\u0436\u0438 \u043d\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u044f 
\u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0433\u043e \u041f\u041e, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445;\n\u2022 \u0440\u044f\u0434 \u043e\u0431\u0440\u0430\u0437\u0446\u043e\u0432 \u0438\u043c\u0435\u0435\u0442 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0446\u0438\u0444\u0440\u043e\u0432\u0443\u044e \u043f\u043e\u0434\u043f\u0438\u0441\u044c;\n\u2022 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0443\u0442\u0438\u043b\u0438\u0442\u044b-\u043f\u0440\u043e\u0442\u0435\u043a\u0442\u043e\u0440\u044b, \u0447\u0442\u043e\u0431\u044b \u0443\u0441\u043b\u043e\u0436\u043d\u0438\u0442\u044c \u0435\u0433\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0438 \u0430\u043d\u0430\u043b\u0438\u0437.\n\n\u041d\u0430\u0448\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0434\u043e\u043a\u0430\u0437\u0430\u043b\u0438, \u0447\u0442\u043e \u0432 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 MataDoor \u043f\u043e\u043f\u0430\u043b \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u043e\u0433\u043e \u043f\u0438\u0441\u044c\u043c\u0430, \u043a\u0443\u0434\u0430 \u0431\u044b\u043b \u0432\u043b\u043e\u0436\u0435\u043d \u0444\u0430\u0439\u043b \u0444\u043e\u0440\u043c\u0430\u0442\u0430 DOCX. 
\u0412 \u043d\u0435\u043c \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2021-40444, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043e\u043d \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043b\u0441\u044f \u043f\u0440\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438 \u0440\u0435\u0436\u0438\u043c\u0430 \u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430.\n\n\u041f\u043e\u0445\u043e\u0436\u0438\u0435 \u043f\u0438\u0441\u044c\u043c\u0430 \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u0440\u0430\u0441\u0441\u044b\u043b\u0430\u043b\u0438\u0441\u044c \u043d\u0430 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f \u041e\u041f\u041a \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435-\u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u044c, \u0447\u0442\u043e \u0437\u0430 \u0432\u0441\u0435\u043c\u0438 \u0442\u043e\u0447\u0435\u0447\u043d\u044b\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u0441\u0442\u043e\u0438\u0442 \u043e\u0434\u043d\u0430 \u0438 \u0442\u0430 \u0436\u0435 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430. 
\u041c\u044b \u043d\u0430\u0437\u0432\u0430\u043b\u0438 \u0435\u0435 Dark River \u2014 \u043f\u043e \u0438\u043c\u0435\u043d\u0438 River, \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u043e\u043c\u0443 \u0432 \u043f\u043e\u043b\u0435 \u00ab\u0410\u0432\u0442\u043e\u0440\u00bb \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432.\n\n\ud83d\udcac \u00ab\u0413\u043b\u0430\u0432\u043d\u0430\u044f \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0431\u044d\u043a\u0434\u043e\u0440\u0430 MataDoor \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043e\u043d \u0438\u043c\u0435\u0435\u0442 \u0441\u043b\u043e\u0436\u043d\u0443\u044e \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u0443, \u2014 \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u043b \u041c\u0430\u043a\u0441\u0438\u043c \u0410\u043d\u0434\u0440\u0435\u0435\u0432, \u0441\u0442\u0430\u0440\u0448\u0438\u0439 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442 \u043e\u0442\u0434\u0435\u043b\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u0433\u0440\u043e\u0437 \u0418\u0411 Positive Technologies. \u2014 \u042d\u0442\u043e \u0445\u043e\u0440\u043e\u0448\u043e \u043f\u0440\u043e\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u044b\u0439 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441, \u0441 \u0438\u043d\u0434\u0438\u0432\u0438\u0434\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0432 \u043f\u043b\u0430\u043d\u0435 \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u0430, \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0441\u0442\u0438 \u0438 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b. 
\u041e\u043d \u043c\u043e\u0436\u0435\u0442 \u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u0436\u0435 \u0432 \u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445, \u0432\u044b\u0442\u0430\u0441\u043a\u0438\u0432\u0430\u0442\u044c \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0442\u043a\u0443\u0434\u0430 \u0443\u0433\u043e\u0434\u043d\u043e\u00bb.\n\n\ud83d\udd10 \u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u0442 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u0430 MataDoor \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Positive Technologies \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u043f\u0440\u043e\u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043c\u0435\u0440\u044b. 
\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0443 PT Sandbox \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 PT Network Attack Discovery (PT NAD).\n\n@Positive_Technologies\n#Positive\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b", "creation_timestamp": "2023-09-27T17:10:31.000000Z"}, {"uuid": "80a18091-f711-4455-b3ec-bebd7639737f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "Telegram/9IkYRUSVAjNVZ3U5W60Yral5GvyToi8S0jPvpwWQQpLMsoQQ", "content": "", "creation_timestamp": "2024-04-20T20:39:22.000000Z"}, {"uuid": "376f7697-58e3-44e0-8b13-2e8f114dc040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "Telegram/vJIjzeK0cH5875gB7rg6VyGjiFZNrcUl0Nu_Q8n9T_Yj2g", "content": "", "creation_timestamp": "2021-12-03T19:39:06.000000Z"}, {"uuid": "57710c6a-7cf8-49e6-9a8f-71a8694371ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/210", "content": "#CVE-2021-40444--CABless\nModified code so that we don\u00b4t need to rely on CAB archives\nhttps://github.com/Edubr2020/CVE-2021-40444--CABless\n\n#CVE-2021-22005 \nVMWare-CVE-Check\n\nhttps://github.com/X1pe0/VMWare-CVE-Check", "creation_timestamp": "2021-09-23T23:56:55.000000Z"}, {"uuid": "685e75f7-2eca-4c2d-b488-0781d0da238f", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/186", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL 
injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-18T23:06:09.000000Z"}, {"uuid": "7ddd9d7b-98f3-4a6c-8382-776cbd07f112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/183", "content": "1_ Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)\n\nhttps://github.com/lockedbyte/CVE-2021-40444\n\nhttps://github.com/Udyz/CVE-2021-40444\n\nhttps://github.com/Udyz/CVE-2021-40444-Sample\n\n2_ Atlassian Confluence Pre-Auth RCE\n\nhttps://github.com/Udyz/CVE-2021-26084", "creation_timestamp": "2021-09-11T17:05:40.000000Z"}, {"uuid": "f438ebfe-bd73-4049-bec6-e48607215696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "Telegram/_AGyd-jb8oHAAHKrYs_GCuAeltlnS2ecVTYz98b6pGCuvOaO", "content": "", "creation_timestamp": 
"2022-05-29T17:34:20.000000Z"}, {"uuid": "b43c422d-08a5-4f1c-86c9-4e39f4887517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/407", "content": "#Exploit for #CVE-2021-40449\nWin32k Elevation\nhttps://github.com/Kristal-g/CVE-2021-40449_poc\n\n#poc for #CVE-2021-36799\nETS5 Password Recovery\nhttps://github.com/robertguetzkow/ets5-password-recovery\n\nA sample #poc for #CVE-2021-30657\naffecting MacOS\nhttps://github.com/shubham0d/CVE-2021-30657\n\n#Exploitation code for #CVE-2021-40539\nZoho ManageEngine ADSelfService Plus\nhttps://github.com/synacktiv/CVE-2021-40539\n\nVMWARE VCENTER SERVER VIRTUAL SAN HEALTH CHECK PLUG-IN RCE #CVE-2021-21985\nhttps://github.com/sknux/CVE-2021-21985_PoC", "creation_timestamp": "2021-11-10T09:32:12.000000Z"}, {"uuid": "be6527df-04f6-4303-bb7f-e2b0e7ccd670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "exploited", "source": "https://t.me/true_secator/6967", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 IronHusky \u043d\u0430 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u0438 \u043c\u043e\u043d\u0433\u043e\u043b\u044c\u0441\u043a\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0441 
\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e RAT MysterySnail.\n\n\u041d\u043e\u0432\u044b\u0439 \u0438\u043c\u043f\u043b\u0430\u043d\u0442 \u0431\u044b\u043b \u043d\u0430\u0439\u0434\u0435\u043d \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0432 \u0445\u043e\u0434\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0445 \u0430\u0442\u0430\u043a, \u043a\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043b\u0438 \u0442\u0440\u043e\u044f\u043d \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0430 MMC, \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u0434 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 Word, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0435 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u0442\u043e\u0440\u043e\u0433\u043e \u044d\u0442\u0430\u043f\u0430 \u0438 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u043b\u0441\u044f \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u041e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u043e\u043b\u0435\u0437\u043d\u044b\u0445 \u043d\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u0431\u044b\u043b \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 
\u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u0447\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u043c\u043e\u0433\u0430\u043b \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u043c\u0435\u0436\u0434\u0443 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u04212 \u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u043c\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u044b\u0435 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b, \u0443\u0434\u0430\u043b\u044f\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0438 \u043c\u043d\u043e\u0433\u043e\u0435 \u0434\u0440.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438, \u044d\u0442\u0438 \u0444\u0430\u0439\u043b\u044b \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u043b\u0435\u0434\u044b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e MysterySnail RAT, \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u041b\u041a \u043e\u043f\u0438\u0441\u0430\u043b\u0430 \u0435\u0449\u0435 \u0432 2021 \u0433\u043e\u0434\u0443.\n\n\u0412 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0439 MysterySnail RAT \u0431\u044b\u043b \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u043d\u0430 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 
\u043c\u0430\u0448\u0438\u043d\u0430\u0445 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u043b\u0443\u0436\u0431\u044b.\n\n\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0435 \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u044f, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 MysterySnail RAT, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u043b\u0438 \u0430\u0442\u0430\u043a\u0438, \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044f \u043c\u043e\u0434\u0435\u0440\u043d\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0438 \u0431\u043e\u043b\u0435\u0435 \u043b\u0430\u0439\u0442\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e, \u0441\u043e\u0441\u0442\u043e\u044f\u0449\u0443\u044e \u0438\u0437 \u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430, - MysteryMonoSnail.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u041f\u041e \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u0434\u0435\u0441\u044f\u0442\u043a\u0438 \u043a\u043e\u043c\u0430\u043d\u0434, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u0430\u043c\u0438 \u043d\u0430 
\u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0438 \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0444\u0430\u0439\u043b\u0430\u043c\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u0430 \u043f\u043e\u0445\u043e\u0436\u0430 \u043d\u0430 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u044b\u0439 MysterySnail RAT, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u041b\u041a\u00a0\u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0432 \u043a\u043e\u043d\u0446\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2021 \u0433\u043e\u0434\u0430\u00a0\u0432 \u0445\u043e\u0434\u0435 \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0445 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0438\u0445 \u0430\u0442\u0430\u043a \u043d\u0430 \u0418\u0422-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0432\u043e\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u0434\u0440\u044f\u0434\u0447\u0438\u043a\u043e\u0432 \u0438 \u0434\u0438\u043f\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0432 \u0420\u043e\u0441\u0441\u0438\u0438 \u0438 \u041c\u043e\u043d\u0433\u043e\u043b\u0438\u0438.\n\n\u0412 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u0431\u044b\u043b\u043e 
\u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430 IronHusky \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043b\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e 0-day \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u044f\u0434\u0440\u0430 Windows Win32k (CVE-2021-40449).\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f APT \u0431\u044b\u043b\u0430\u00a0\u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0432 2017 \u0433\u043e\u0434\u0443\u00a0\u043f\u0440\u0438 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0438 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u0438 \u043c\u043e\u043d\u0433\u043e\u043b\u044c\u0441\u043a\u0438\u0435 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0441 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0441\u0431\u043e\u0440\u0430 \u0440\u0430\u0437\u0432\u0435\u0434\u0434\u0430\u043d\u043d\u044b\u0445 \u043e 
\u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e-\u043c\u043e\u043d\u0433\u043e\u043b\u044c\u0441\u043a\u0438\u0445 \u0432\u043e\u0435\u043d\u043d\u044b\u0445 \u043f\u0435\u0440\u0435\u0433\u043e\u0432\u043e\u0440\u0430\u0445.\n\n\u0413\u043e\u0434 \u0441\u043f\u0443\u0441\u0442\u044f \u041b\u041a \u0442\u0430\u043a\u0436\u0435\u00a0\u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b\u00a0\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 Microsoft Office (CVE-2017-11882) \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f RAT, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u044b\u0447\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u043c\u0438 \u0433\u0440\u0443\u043f\u043f\u0430\u043c\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f PoisonIvy \u0438 PlugX.\n\n\u0418\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a IronHusky \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c MysterySnail RAT - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-04-21T14:22:22.000000Z"}, {"uuid": "0714a195-0cd5-4bd2-9477-959cc9c1d1c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/339", "content": "exploit for #CVE-2021-40449, a Windows LPE via a UAF in win32kfull!GreResetDCInternal\n\nhttps://github.com/hakivvi/CVE-2021-40449", "creation_timestamp": "2021-10-25T08:34:30.000000Z"}, {"uuid": "561ae66e-a273-4dd5-a5e6-5b567c007014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/282", "content": "#poc (DoS) for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)\n\nhttps://github.com/ollypwn/CallbackHell", "creation_timestamp": "2021-10-16T19:35:23.000000Z"}, {"uuid": "0098b03e-84e8-4526-9a2f-232b5edc6472", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "Telegram/N3Dhtx86f5FloDusKLtwRjvF9l_DjB6egAEuwsrKtAXc", "content": "", "creation_timestamp": "2021-10-04T19:22:01.000000Z"}, {"uuid": "f9bf5909-9961-4e2b-897b-33ce0e1f3a2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "Telegram/NPG3KQ-G54-q68Z6VtRJ2n-qkwTdCfmP-7G4ZGlo_OVq", "content": "", "creation_timestamp": "2021-10-03T15:17:27.000000Z"}, {"uuid": "aca591fa-096e-4351-8b42-8f58fafc19ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/sxcteam/742", "content": "CVE-2021-40444 PoC:-- Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution).\n\nCreation 
of this Script is based on some reverse engineering over the sample used in-the-wild: 938545f7bbe40738908a95da8cdeabb2a11ce2ca36b0f6a74deda9378d380a52 (docx file)\n\nDisclaimer:- This project was created for educational purposes and should not be used in environments without legal authorization.\n\n#Download #Link:-\n\nhttps://github.com/lockedbyte/CVE-2021-40444\n\n#cybersecurity #CyberSecurityNews #infosec #infosecurity #cybersecurityawareness #informationsecurity #Pentesting #cybersecuritytraining #informationtechnology #bugbounty #ethicalhacking #EthicalHackingOnlineTraining #hacking #hackers #kalilinux  #onlinetraining #onlineclasses #AWS #cloudcomputing", "creation_timestamp": "2022-08-07T14:14:05.000000Z"}, {"uuid": "b47517b9-451b-47a6-b3bd-b7b212a3c016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/Cr0xCr0/304", "content": "zero-day exploit for CVE-2021-40444\nhttps://github.com/lockedbyte/CVE-2021-40444", "creation_timestamp": "2021-09-17T07:44:32.000000Z"}, {"uuid": "742c9fe5-f672-40bc-b3b9-9e6e4868ed41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "Telegram/D7-iC4UtRP-JTXX1FzkdRhRqg3vcBBeoatell7seT7TA", "content": "", "creation_timestamp": "2021-10-05T03:51:01.000000Z"}, {"uuid": "ff4e3f28-09d6-49ff-be1b-b799ecec0f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "Telegram/P4B5ZiaoHRUwp70T1Ir79kbmXwRPX55y9lgSjflVfDR-", "content": "", "creation_timestamp": "2021-10-05T03:50:29.000000Z"}, {"uuid": "6c81687b-cffd-49c4-bddf-e5d353834ec5", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/auraxchan/29075", "content": "MysterySnail attacks with Windows zero-day: In late August and early September 2021, Kaspersky technologies detected attacks with the use of an elevation of privilege exploit on multiple Microsoft Windows servers. The exploit had numerous debug strings from an older, publicly known exploit for vulnerability CVE-2016-3309, but closer analysis revealed that it was a zero-day. We discovered that it was using a previously unknown vulnerability in the Win32k driver and exploitation relies heavily on a technique to leak the base addresses of kernel modules. We promptly reported these findings to Microsoft. The information disclosure portion of the exploit chain was identified as not bypassing a security boundary, and was therefore not fixed. Microsoft assigned CVE-2021-40449 to the use-after-free vulnerability in the Win32k kernel driver and it was patched on October 12, 2021, as a part of the October Patch Tuesday.\n\nhttps://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/\n\n@auraxchan", "creation_timestamp": "2021-10-13T17:48:51.000000Z"}, {"uuid": "cefd4f41-cc52-43bc-ab9d-870240dec05d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/sxcteam/657", "content": "Alright - so I also managed to reproduce the CVE-2021-40444  and I have tried it on a Big Sur x86_64 MacOS and MS Word for Mac (ver 16.47)  - I have just used a dummy call  back to my internet facing Linux server in the word/_rels/document.xml.rels and it indeed works", "creation_timestamp": "2021-09-11T16:49:24.000000Z"}, {"uuid": "2e862f05-21b9-4402-bbd1-7f88c30f794d", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/sxcteam/646", "content": "We have to say there are many unseen tricks in the entire of exploit\uff0cnow it's time for full chain code execution (#CVE-2021-40444)!!!", "creation_timestamp": "2021-09-11T05:55:01.000000Z"}, {"uuid": "d9397b2a-c6aa-40d6-9e07-d708a6723332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/true_secator/6124", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0437\u0430 \u0432\u0442\u043e\u0440\u043e\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2024 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043d\u0430\u0441\u044b\u0449\u0435\u043d\u043d\u044b\u043c \u0441 \u0442\u043e\u0447\u043a\u0438 \u0437\u0440\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0438 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u0412 \u043d\u043e\u0432\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435 
\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0430 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0440\u0435\u0437\u044b \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c.\n\n\u041e\u0431\u0449\u0435\u0435 \u0447\u0438\u0441\u043b\u043e \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0435\u0432\u044b\u0441\u0438\u043b\u043e \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0437\u0430 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0439 \u043f\u0435\u0440\u0438\u043e\u0434 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u0433\u043e\u0434\u0430, \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044f \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430.\n\n\u0414\u043e\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 PoC \u0438 \u043e\u0442\u043d\u043e\u0441\u044f\u0449\u0438\u0445\u0441\u044f \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043d\u0435\u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e 
\u0441\u043d\u0438\u0437\u0438\u043b\u0430\u0441\u044c \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e 2023 \u0433\u043e\u0434\u0430. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e \u0442\u0438\u043f\u0443 \u043f\u043e\u0434\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0442\u0441\u0442\u043e\u044f\u0442\u0441\u044f \u043a \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c.\n\n\u0422\u0430\u043a\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438, \u0442\u0430\u043a \u043a\u0430\u043a \u043a \u0447\u0438\u0441\u043b\u0443 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u041f\u041e \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c: \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0431\u043c\u0435\u043d\u0430 \u0444\u0430\u0439\u043b\u0430\u043c\u0438, \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0447\u0435\u0440\u0435\u0437 VPN, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c\u0438 \u0438 IoT-\u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u0445 
\u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 \u041b\u041a, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0434\u043b\u044f Windows \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0440\u0430\u0441\u0442\u0438 \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0437\u0430 \u0441\u0447\u0435\u0442 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u0440\u0430\u0441\u0441\u044b\u043b\u043e\u043a \u0438 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u0443\u0442\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041a \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Microsoft Office (CVE-2018-0802, CVE-2017-11882\u00a0, CVE-2017-0199\u00a0 \u0438 CVE-2021-40444\u00a0).\n\n\u041d\u0430\u0431\u0438\u0440\u0430\u044e\u0449\u0430\u044f \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0435 
\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 Linux \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0440\u043e\u0441\u0442, \u043e\u0434\u043d\u0430\u043a\u043e \u0432 \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0432\u0435\u0441 Windows \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u044f\u0434\u0440\u043e (CVE-2022-0847, CVE-2023-2640 \u0438 CVE-2021-4034), \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044f EoP.\n\n\u0422\u043e\u043f-10 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0432 APT-\u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0437\u043c\u0435\u043d\u0438\u043b\u0441\u044f \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u00a0\u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430, \u043d\u043e \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0435 \u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0442\u0435\u0445 \u0436\u0435 \u0442\u0438\u043f\u043e\u0432: \u0441\u0435\u0440\u0432\u0438\u0441\u044b 
\u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u043e\u0444\u0438\u0441\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f.\n\n\u0411\u043e\u043b\u044c\u0448\u043e\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c Bring You Own Vulnerable Driver (BYOVD). \u041f\u0440\u0438\u0447\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u0441\u0432\u0435\u0436\u0435\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u0430\u043c\u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\n2023 \u0433\u043e\u0434 \u0441\u0442\u0430\u043b \u0441\u0430\u043c\u044b\u043c \u0431\u043e\u0433\u0430\u0442\u044b\u043c \u043d\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c BYOVD. 
\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u0430 \u043f\u0435\u0440\u0432\u0443\u044e \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0443 2024-\u0433\u043e \u0438\u0445 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0431\u043e\u043b\u044c\u0448\u0435, \u0447\u0435\u043c \u0437\u0430 2021 \u0438 2022 \u0433\u043e\u0434\u044b, \u0432\u043c\u0435\u0441\u0442\u0435 \u0432\u0437\u044f\u0442\u044b\u0435. \u0412\u0442\u043e\u0440\u043e\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0441\u044f \u0440\u043e\u0441\u0442\u043e\u043c \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f.\n\n\u041d\u0430\u0433\u043b\u044f\u0434\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430 \u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2024-08-22T19:40:05.000000Z"}, {"uuid": "460d0605-07df-4a25-8e71-12bae6d6f75d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "Telegram/0rB2Bu1nk-CzrJ1qcJ0oZCcCC9fVdjW0U_6-s1WjUfTmAw", "content": "", "creation_timestamp": "2021-10-26T20:03:27.000000Z"}, {"uuid": "03f747f8-b119-44df-8c5c-c32aff799833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/707", "content": "https://github.com/klezVirus/CVE-2021-40444", "creation_timestamp": "2022-06-18T21:12:21.000000Z"}, {"uuid": "0ca6fae2-695d-4d97-a2fe-9d01e0b59b3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/true_secator/5974", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Trend Micro \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 APT Void Banshee, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Microsoft MHTML \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043d\u0443\u043b\u044f \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f Atlantida Stealer.\n\n\u0417\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0435 CVE-2024-38112 \u0432 \u043c\u043d\u043e\u0433\u043e\u044d\u0442\u0430\u043f\u043d\u043e\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u044f\u0440\u043b\u044b\u043a\u043e\u0432 (URL) \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0431\u044b\u043b\u043e \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e \u043a \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u043c\u0430\u044f 2024 
\u0433\u043e\u0434\u0430 \u043d\u0430\u0440\u044f\u0434\u0443 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u043c\u0438 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0439 Atlantida.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0440\u0430\u043d\u0435\u0435 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u043b\u0435\u0440\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0442\u043e\u0433\u043e \u0436\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0432 Check Point.\n\n\u0421\u0430\u043c\u0430 CVE-2024-38112 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 Microsoft \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Patch Tuesday \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435. 
\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430 (\u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c ZDI - \u044d\u0442\u043e RCE) \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 MSHTML (\u043e\u043d \u0436\u0435 Trident), \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u0432 Internet Explorer.\n\n\u0426\u0435\u043f\u043e\u0447\u043a\u0438 \u0430\u0442\u0430\u043a \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u043f\u0438\u0441\u0435\u043c, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u044b \u0441\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0444\u0430\u0439\u043b\u044b ZIP-\u0430\u0440\u0445\u0438\u0432\u043e\u0432, \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u0444\u0430\u0439\u043b\u043e\u043e\u0431\u043c\u0435\u043d\u043d\u0438\u043a\u0430\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 URL-\u0444\u0430\u0439\u043b\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-38112 \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0436\u0435\u0440\u0442\u0432\u044b \u043d\u0430 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0439 \u0441\u0430\u0439\u0442, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 
HTML-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 (HTA).\n\n\u041e\u0442\u043a\u0440\u044b\u0442\u0438\u0435 \u0444\u0430\u0439\u043b\u0430 HTA \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0441\u043a\u0440\u0438\u043f\u0442\u0430 Visual Basic (VBS), \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0441\u043a\u0440\u0438\u043f\u0442 PowerShell, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0438\u0439 \u0437\u0430 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u0435 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 \u0442\u0440\u043e\u044f\u043d\u0430 .NET, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u043f\u0440\u043e\u0435\u043a\u0442 \u0448\u0435\u043b\u043b\u043a\u043e\u0434\u0430 Donut \u0434\u043b\u044f \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f Atlantida \u0432\u043d\u0443\u0442\u0440\u0438 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 RegAsm.exe.\n\nAtlantida, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0430\u044f \u043f\u043e \u043e\u0431\u0440\u0430\u0437\u0446\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c NecroStealer \u0438 PredatorTheStealer, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u0430 \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432, 
\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430 \u0441\u043d\u0438\u043c\u043a\u043e\u0432 \u044d\u043a\u0440\u0430\u043d\u0430, \u0441\u043d\u044f\u0442\u0438\u044f \u0433\u0435\u043e\u043b\u043e\u043a\u0430\u0446\u0438\u0438 \u0438 \u043a\u0440\u0430\u0436\u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u0437 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Telegram, Steam, FileZilla, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u043a\u043e\u0448\u0435\u043b\u044c\u043a\u043e\u0432.\n\n\u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 URL-\u0444\u0430\u0439\u043b\u044b, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0435 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 MHTML \u0438 \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u0443 x-usc!, Void Banshee \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u0430\u043c HTML-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 (HTA) \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0438\u0445 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u0447\u0435\u0440\u0435\u0437 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 IE.\n\n\u042d\u0442\u043e\u0442 \u043c\u0435\u0442\u043e\u0434 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u0435\u043d CVE-2021-40444, 
\u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 MSHTML, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 0-day.\n\n\u041f\u0440\u043e Void Banshee \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043d\u0435\u043c\u043d\u043e\u0433\u043e\u0435, \u043a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0433\u0440\u0443\u043f\u043f\u0430 \u0443\u0441\u043f\u0435\u043b\u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u0433\u0438\u043e\u043d\u044b \u0421\u0435\u0432\u0435\u0440\u043d\u043e\u0439 \u0410\u043c\u0435\u0440\u0438\u043a\u0438, \u0415\u0432\u0440\u043e\u043f\u044b \u0438 \u042e\u0433\u043e-\u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0410\u0437\u0438\u0438 \u0441 \u0446\u0435\u043b\u044c\u044e \u043a\u0440\u0430\u0436\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e\u0439 \u0432\u044b\u0433\u043e\u0434\u044b.", "creation_timestamp": "2024-07-16T16:23:38.000000Z"}, {"uuid": "359647d4-2e4f-465a-80a6-5ab090857bc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/true_secator/3129", "content": "\u041d\u0430\u0441\u0442\u0443\u043f\u0430\u0442\u044c \u043d\u0430 \u0442\u0435 \u0436\u0435 \u0433\u0440\u0430\u0431\u043b\u0438 \u0432 \u043c\u0438\u0440\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 - 
\u043d\u043e\u0440\u043c\u0430\u043b\u044c\u043d\u0430\u044f \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430, \u0430 \u201c\u043b\u0430\u0442\u0430\u0442\u044c \u0434\u044b\u0440\u044b\u201d \u043f\u043e\u0440\u043e\u0439, \u0441\u0442\u043e\u0438\u0442 \u0431\u043e\u043b\u0435\u0435 \u043e\u0441\u043d\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e. \n\n\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043e \u0447\u0435\u043c \u0440\u0435\u0447\u044c, \u0430 \u0432\u043e\u0442 \u043e \u0447\u0435\u043c: \u043f\u043e \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0430\u043c \u0430\u043d\u0430\u043b\u0438\u0437\u0430 Google Project Zero \u0437\u0430 \u043f\u0435\u0440\u0432\u0443\u044e \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0443 2022 \u0433\u043e\u0434\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 18 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0430 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043d\u0435 \u0431\u044b\u043b\u0438 \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u0430 \u041c\u044d\u0434\u0434\u0438 \u0421\u0442\u043e\u0443\u043d\u0430 9 \u0438\u0437 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 0-day, 
\u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443, \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c, \u0435\u0441\u043b\u0438 \u0431\u044b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0430 4 \u043e\u0448\u0438\u0431\u043a\u0438 2022 \u0433\u043e\u0434\u0430 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430\u043c\u0438 \u043d\u0443\u043b\u0435\u0432\u044b\u0445 \u0434\u043d\u0435\u0439 2021 \u0433\u043e\u0434\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0421\u0430\u043c\u0430\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0438\u0437 \u044d\u0442\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Follina \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 Windows, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2022-30190, \u043f\u043e \u0441\u0443\u0442\u0438 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f MSHTML, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0439 \u043a\u0430\u043a CVE-2021-40444.\n\nCVE-2022-21882 \u2014 \u044d\u0442\u043e \u0435\u0449\u0435 \u043e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows, 
\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0430\u044f \u0441\u043e\u0431\u043e\u0439 \u0440\u0430\u0437\u043d\u043e\u0432\u0438\u0434\u043d\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e CVE-2021-1732 .\n\n\u041e\u0448\u0438\u0431\u043a\u0430 iOS IOMobileFrameBuffer (CVE-2022-22587) \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0435\u0439 \u0442\u0438\u043f\u043e\u0432 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 Chrome V8 (CVE-2022-1096) \u2014 \u044d\u0442\u043e \u0434\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u2014 CVE-2021-30983 \u0438 CVE-2021-30551 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u0414\u0440\u0443\u0433\u0438\u043c\u0438 0-day 2022 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430\u043c\u0438 
\u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f CVE-2022-1364 (Chrome), CVE-2022-22620 (WebKit), CVE-2021-39793 (Google Pixel), CVE-2022-26134 (Atlassian Confluence) \u0438 CVE-2022-26925 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a PetitPotam).\n\n\u0412 \u043e\u0431\u0449\u0435\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0442\u0430\u043a, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u0432\u0435\u0440\u043d\u0443\u0442\u044c\u0441\u044f \u0438 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u043c \u043f\u0443\u0442\u0435\u043c \u043b\u0438\u0431\u043e \u0441\u043d\u043e\u0432\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u0435 \u0436\u0435 \u043e\u0448\u0438\u0431\u043a\u0438.\n\n\u042d\u0442\u043e \u0432\u0441\u0435\u0433\u0434\u0430 \u0433\u0440\u043e\u043c\u043a\u043e \u0438 \u0431\u043e\u043b\u044c\u043d\u043e, \u043d\u043e \u043e\u0442\u0447\u0430\u0441\u0442\u0438 \u0445\u043e\u0440\u043e\u0448\u043e \u043a\u043e\u0433\u0434\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b 0-day \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u0442\u0430\u043a \u043a\u0430\u043a \u044d\u0442\u043e \u043d\u0435\u0443\u0434\u0430\u0447\u0430 
\u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0430 \u0434\u043b\u044f \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0430 \u044d\u0442\u043e \u043f\u043e\u0434\u0430\u0440\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0437\u043d\u0430\u0442\u044c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0438 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b, \u0447\u0442\u043e\u0431\u044b \u0433\u0430\u0440\u0430\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u043e\u0442 \u0432\u0435\u043a\u0442\u043e\u0440 \u043d\u0435\u043b\u044c\u0437\u044f \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c.\n\n\u0427\u0442\u043e\u0431\u044b \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Google \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c \u0438 \u0434\u0440\u0443\u0433\u0438\u043c \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u043c 
\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0432\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 \u0430\u043d\u0430\u043b\u0438\u0437 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u043f\u0440\u0438\u0447\u0438\u043d \u0438 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0432\u043e\u0437\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043e\u043a, \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0438 \u0430\u043d\u0430\u043b\u0438\u0437 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f.", "creation_timestamp": "2022-07-04T20:00:05.000000Z"}, {"uuid": "4ab9cde7-4fe9-4c57-a379-cbec76fe7c14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/4986", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0431\u044d\u043a\u0434\u043e\u0440\u0430 MATA, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 \u0441 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2022 \u043f\u043e \u043c\u0430\u0439 2023 
\u0433\u043e\u0434\u0430, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043d\u0435\u0444\u0442\u0435\u0433\u0430\u0437\u043e\u0432\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438 \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u0443\u044e \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0432 \u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0415\u0432\u0440\u043e\u043f\u0435.\n\n\u0412 \u0445\u043e\u0434\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u043f\u0438\u0441\u044c\u043c\u0430 \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0436\u0435\u0440\u0442\u0432 \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2021-26411 \u0432 Internet Explorer \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u0439.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 MATA \u0441\u043e\u0447\u0435\u0442\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u0435 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a, \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0442\u0440\u043e\u044f\u043d \u0438 \u0438\u043d\u0444\u043e\u043a\u0440\u0430\u0434 
\u0434\u043b\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0441\u0435\u0442\u044f\u0445. \u041f\u0440\u0438\u0447\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u044f MATA \u0432 \u044d\u0442\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0431\u044b\u043b\u0430 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u0430 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u043c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c \u0441 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0439 Lazarus, \u043d\u043e \u0441 \u043d\u043e\u0432\u044b\u043c\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u043f\u0430\u043b\u0430 \u0432 \u043f\u043e\u043b\u0435 \u0437\u0440\u0435\u043d\u0438\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2022 \u0433\u043e\u0434\u0430 \u043f\u043e\u0441\u043b\u0435 \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u0432\u0443\u0445 \u043e\u0431\u0440\u0430\u0437\u0446\u043e\u0432 MATA, \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0441 C2 \u0432\u043d\u0443\u0442\u0440\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0438 \u0441\u043e\u0431\u043e\u0439 \u0441\u0435\u0440\u0432\u0435\u0440\u044b 
\u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e\u0433\u043e \u041f\u041e, \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0435 \u043a \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u0434\u043e\u0447\u0435\u0440\u043d\u0438\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u0420\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u043e, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u043b\u0438 \u0437\u043e\u043d\u0443 \u0441\u0432\u043e\u0435\u0433\u043e \u0432\u043b\u0438\u044f\u043d\u0438\u044f \u0441 \u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0434\u043e\u043c\u0435\u043d\u0430 \u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u043c \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u0438 \u0434\u043e \u0432\u0441\u0435\u0439 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u0410\u0442\u0430\u043a\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u043b\u0430\u0441\u044c \u0438 \u0445\u0430\u043a\u0435\u0440\u044b \u043f\u043e\u043b\u0443\u0447\u0430\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0432\u0443\u043c \u043f\u0430\u043d\u0435\u043b\u044f\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438: \u043e\u0434\u043d\u0430 \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b 
\u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0442\u043e\u0447\u0435\u043a, \u0430 \u0434\u0440\u0443\u0433\u0430\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u044f, \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044f \u0438\u043c \u043e\u043d\u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438 \u0437\u0430 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0441\u0440\u0435\u0434\u0438 \u0435\u0435 \u0434\u043e\u0447\u0435\u0440\u043d\u0438\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439.\n\n\u0412 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445, \u043a\u043e\u0433\u0434\u0430 \u0446\u0435\u043b\u044c\u044e \u0431\u044b\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Linux, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 MATA \u0434\u043b\u044f Linux \u0432 \u0432\u0438\u0434\u0435 \u0444\u0430\u0439\u043b\u0430 ELF, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u0435\u043d 3-\u043c\u0443 \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044e \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u0430 Windows.\n\n\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u044f \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e 
\u0438\u0437\u0443\u0447\u0438\u043b\u0430 \u0442\u0440\u0438 \u043d\u043e\u0432\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 MATA: \u043e\u0434\u043d\u0430 (v3) \u0432\u043e\u0437\u043d\u0438\u043a\u043b\u0430 \u0438\u0437 \u0432\u0442\u043e\u0440\u043e\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c \u0432 \u043f\u0440\u043e\u0448\u043b\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u0432\u0442\u043e\u0440\u0430\u044f (v4) \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 MataDoor \u0438 \u0442\u0440\u0435\u0442\u044c\u044f (v5) \u0431\u044b\u043b\u0430 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0430 \u0441 \u043d\u0443\u043b\u044f.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0432\u0435\u0440\u0441\u0438\u044f MATA \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432 \u0444\u043e\u0440\u043c\u0435 DLL \u0438 \u043e\u0431\u043b\u0430\u0434\u0430\u0435\u0442 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u043c\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u043c\u043d\u043e\u0433\u043e\u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044c\u043d\u044b\u0435 (TCP, SSL, PSSL, PDTLS) \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u043a\u0441\u0438 (SOCKS4, SOCKS5, HTTP+web, HTTP+NTLM) \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f 
\u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432.\n\n23 \u043a\u043e\u043c\u0430\u043d\u0434\u044b MATA \u043f\u044f\u0442\u043e\u0433\u043e \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043f\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f, \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044e \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u043e\u043c \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u044b \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0435\u0449\u0435 75 \u043a\u043e\u043c\u0430\u043d\u0434, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441\u043e \u0441\u0431\u043e\u0440\u043e\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u043c\u0438 \u0438 \u0444\u0430\u0439\u043b\u0430\u043c\u0438, \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u043e\u0439, \u0444\u0443\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u043a\u0441\u0438 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438.\n\n\u0418\u0437 \u0434\u0440\u0443\u0433\u0438\u0445 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0445 \u043d\u0430\u0445\u043e\u0434\u043e\u043a - \u043d\u043e\u0432\u044b\u0439 \u043c\u043e\u0434\u0443\u043b\u044c 
\u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u044a\u0435\u043c\u043d\u044b\u0435 \u043d\u043e\u0441\u0438\u0442\u0435\u043b\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u043b\u0435\u0440\u044b, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b\u0435 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0444\u0430\u0439\u043b\u044b cookie, \u0441\u043d\u0438\u043c\u043a\u0438 \u044d\u043a\u0440\u0430\u043d\u0430 \u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u043e\u0431\u043c\u0435\u043d\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b EDR/\u043e\u0431\u0445\u043e\u0434\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u043e\u0431\u043e\u0448\u043b\u0438 EDR \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2021-40449, 
\u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0439 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u00a0CallbackHell. \u0415\u0441\u043b\u0438 \u044d\u0442\u043e\u0442 \u043c\u0435\u0442\u043e\u0434 \u043e\u0431\u0445\u043e\u0434\u0430 \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u043b, \u043e\u043d\u0438 \u043f\u0435\u0440\u0435\u043a\u043b\u044e\u0447\u0430\u043b\u0438\u0441\u044c \u043d\u0430\u00a0\u0440\u0430\u043d\u0435\u0435 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435\u00a0\u043c\u0435\u0442\u043e\u0434\u044b BYOVD.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u041b\u041a \u0440\u0430\u043d\u0435\u0435 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u043b\u0430\u00a0MATA \u0441 Lazarus, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u043b\u043e\u0436\u043d\u043e \u0441 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u043d\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u0442\u044c \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c.\n\n\u041d\u043e\u0432\u044b\u0435 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u044b \u0438 \u043c\u0435\u0442\u043e\u0434\u044b MATA, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f TTLV, \u043c\u043d\u043e\u0433\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u044b\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044b \u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0440\u0443\u043a\u043e\u043f\u043e\u0436\u0430\u0442\u0438\u044f, \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0445\u043e\u0436\u0438 \u043d\u0430 \u0442\u0435, \u0447\u0442\u043e 
\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f APT Purple, Magenta \u0438 Green Lambert.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u043e\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0438 \u0432\u0435\u0440\u0441\u0438\u0439 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 MATA \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043e\u0434\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u0435\u0442\u0441\u044f \u043e\u0447\u0435\u043d\u044c \u0440\u0435\u0434\u043a\u043e, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u043d\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u0432 \u043f\u043e\u043b\u043d\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2023-10-19T19:40:05.000000Z"}, {"uuid": "de8cde69-5be2-4876-96c5-59e1212c1bf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "Telegram/fQ4WVfD21fuxR0LrU5acosB0VqMSGGUlGzpr-Py_SWM_JQ", "content": "", "creation_timestamp": "2021-09-23T20:58:38.000000Z"}, {"uuid": "95d47782-dcb8-4929-b525-7b536a58d24d", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "Telegram/pW6qd0UFGaFYh1_MGKVi0bWIQjAJc4K90ksGatKVJL8noQ", "content": "", "creation_timestamp": "2021-09-11T19:02:48.000000Z"}, {"uuid": "b011e42a-f1fb-47ed-9b1c-ecb81b1f11ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/true_secator/2084", "content": "\u200b\u200b\u041e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 zeroday \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 CVE-2021-40444 (CVSS: 8,8) \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Windows MSHTML. 
\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Microsoft Office, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442\u00a0 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f ActiveX, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u043c Microsoft Office (Word, Excel \u0438 PowerPoint), \u0433\u0434\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0432\u0438\u0437\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430. 
\u0414\u0430, \u0434\u0430, \u0442\u043e\u0433\u043e \u0441\u0430\u043c\u043e\u0433\u043e \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 - Internet Explorer. \u041a\u043e\u043d\u0435\u0447\u043d\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0443\u0436\u043d\u043e \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442, \u043d\u043e \u044d\u0442\u043e \u0443\u0436\u0435 \u043a\u0430\u043a \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0441\u044f \u0434\u0435\u043b\u043e \u0442\u0435\u0445\u043d\u0438\u043a\u0438.\n\n\u0425\u043e\u0442\u044f \u043f\u0430\u0442\u0447 \u0435\u0449\u0435 \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d, Microsoft \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e Office \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u0438\u043b\u0438 Application Guard \u0434\u043b\u044f Office, \u0447\u0442\u043e \u043f\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0435\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0434\u043e\u043b\u0436\u043d\u043e \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443. 
\u041e\u0434\u043d\u0430\u043a\u043e \u0443\u0436\u0435 \u043f\u0440\u043e\u0441\u043e\u0447\u0438\u043b\u0438\u0441\u044c \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f, \u0447\u0442\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043f\u0440\u043e\u0442\u0438\u0432 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 Microsoft 365 \u0438 Office 2019 \u0432 Windows 10.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 CISA \u0443\u0436\u0435 \u043f\u0440\u0438\u0437\u0432\u0430\u043b\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0442\u044b, \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0435 Microsoft \u0432 \u0446\u0435\u043b\u044f\u0445 \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0440\u0438\u0441\u043a\u0430.", "creation_timestamp": "2021-09-09T09:21:50.000000Z"}, {"uuid": "64ee8aa3-81d2-412e-8ab6-c4018391fbbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/true_secator/2094", "content": "\u041d\u0435 \u043f\u0440\u043e\u0448\u043b\u043e \u0438 \u043d\u0435\u0434\u0435\u043b\u0438, \u043a\u0430\u043a \u043d\u0430 \u0442\u0435\u043d\u0435\u0432\u044b\u0445 
\u0444\u043e\u0440\u0443\u043c\u0430\u0445 \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u043c\u0430\u043d\u0443\u0430\u043b \u0434\u043b\u044f \u043c\u0430\u043c\u043a\u0438\u043d\u044b\u0445 \u0445\u0430\u0446\u043a\u0435\u0440\u043e\u0432 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u0435\u0440\u043e\u0434\u0435\u044f \u0432 Windows MSHTML, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043c\u044b \u043f\u0438\u0441\u0430\u043b\u0438 \u0440\u0430\u043d\u0435\u0435. \u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u043f\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0430\u043d\u0434\u0435\u0433\u0440\u0430\u0443\u043d\u0434\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0434\u0435\u043b\u044f\u0442\u0441\u044f \u043c\u0430\u043d\u0443\u0430\u043b\u043e\u043c \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2021-40444, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0434\u0440\u0443\u0433\u0438\u043c \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u043e\u0432\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0432\u043e\u0438\u0445 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u043c, \u0447\u0442\u043e \u0432 \u043f\u0440\u043e\u0448\u043b\u044b\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a Microsoft \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043d\u043e\u0432\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Windows MSHTML, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 
\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b Office \u0438 RTF, \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435 \u0436\u0435\u0440\u0442\u0432\u044b. Microsoft \u043d\u0430 \u0441\u043a\u043e\u0440\u0443\u044e \u0440\u0443\u043a\u0443 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043c\u0435\u0440\u044b \u043f\u043e \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044e \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. 
\u042d\u0442\u0438 \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043f\u0443\u0442\u0435\u043c \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f ActiveX \u0438 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Word / RTF \u0432 \u043f\u0440\u043e\u0432\u043e\u0434\u043d\u0438\u043a\u0435 Windows.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u0445\u0430\u043a\u0435\u0440\u044b \u0443\u0436\u0435 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0442\u0430\u043a, \u0447\u0442\u043e\u0431\u044b \u043e\u043d \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b ActiveX, \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u043e\u0431\u0445\u043e\u0434\u044f \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 Microsoft. 
\u0420\u0435\u0431\u044f\u0442\u0430 \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0432\u044b\u0434\u0430\u044e\u0449\u0438\u0435\u0441\u044f, \u0440\u0430\u0437 \u0442\u0430\u043a \u0431\u044b\u0441\u0442\u0440\u043e \u0441\u043c\u043e\u0433\u043b\u0438 \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u043e\u0431\u0440\u0430\u0437\u0446\u043e\u0432 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043d\u044b\u0445 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0438 \u043d\u0430\u0447\u0430\u043b\u0438 \u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c\u0438 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u0430\u043c\u0438 \u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0444\u043e\u0440\u0443\u043c\u0430\u0445.\n\n\u0412\u0441\u043f\u043b\u0435\u0441\u043a \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043e\u0447\u0435\u0432\u0438\u0434\u0435\u043d, \u0442\u0430\u043a \u043a\u0430\u043a \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2021-40444 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 
\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0430 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0435 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0438\u0435\u0439 Microsoft \u043c\u0435\u0440\u044b \u0443\u0436\u0435 \u043d\u0435 \u043e\u0441\u043e\u0431\u043e \u0442\u043e \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u044b.", "creation_timestamp": "2021-09-13T13:45:49.000000Z"}, {"uuid": "1227aa27-c77f-4477-9357-4fa53cf566ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "https://t.me/true_secator/2209", "content": "Mayday! Mayday! \u0438\u0437 \u0420\u0435\u0434\u043c\u043e\u043d\u0434\u0430, \u0448\u0442\u0430\u0442\u0430 \u0412\u0430\u0448\u0438\u043d\u0433\u0442\u043e\u043d.\n \n\u041f\u043e\u0434\u044a\u0435\u0445\u0430\u043b \u0432\u0430\u0433\u043e\u043d \u0438 \u043c\u0430\u043b\u0435\u043d\u044c\u043a\u0430\u044f \u0442\u0435\u043b\u0435\u0436\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u043e\u0442 Microsoft \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c 71 \u043e\u0448\u0438\u0431\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 Windows. 
\u041d\u043e \u0432\u0438\u0448\u0435\u043d\u043a\u043e\u0439 \u043d\u0430 \u0442\u043e\u0440\u0442\u0435 \u0441\u0442\u0430\u043b\u043e \u0441\u0440\u043e\u0447\u043d\u043e\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0444\u0430\u043a\u0442\u0430\u0445 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n \n- CVE-2021-40449 (CVSS: 7,8) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Win32k, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n- CVE-2021-41335 (CVSS: 7,8) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n- CVE-2021-40469 (CVSS: 7,2) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows DNS Server, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430.\n- CVE-2021-41338 (CVSS: 5,5) - \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u0430\u0432\u0438\u043b\u0430\u0445 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430 Windows 
AppContainer.\n \n\u041f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2021-40449 \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0441\u043e\u043e\u0442\u0435\u0447\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0438\u0437 Kaspersky. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u044f\u043c\u043e \u043d\u0435 \u0437\u0430\u0432\u0435\u0440\u0438\u043b\u0438 \u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438, \u0447\u0442\u043e \u0432\u0441\u0435 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c APT IronHusky \u0438\u0437 \u041f\u043e\u0434\u043d\u0435\u0431\u0435\u0441\u043d\u043e\u0439, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u0418\u0422-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0434\u0438\u043f\u043b\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u043e\u0435\u043d\u043d\u044b\u0435 \u0438 \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f. 
\u0412 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0438 \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0441\u044f, \u0447\u0442\u043e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044e \u0442\u0440\u043e\u044f\u043d\u0430 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0433\u043e \u0441\u043e\u0431\u0438\u0440\u0430\u0442\u044c \u0438 \u0444\u0438\u043b\u044c\u0442\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438\u0437 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0445\u043e\u0441\u0442\u043e\u0432, \u043f\u0440\u0435\u0436\u0434\u0435 \u0447\u0435\u043c \u043e\u0431\u0440\u0430\u0449\u0430\u0442\u044c\u0441\u044f \u043a \u0441\u0432\u043e\u0435\u043c\u0443 \u0441\u0435\u0440\u0432\u0435\u0440\u0443 C2 \u0437\u0430 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u043c\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f\u043c\u0438.\n \n\u0414\u0432\u0435 \u0438\u0437 71 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u043c\u0435\u044e\u0442 \u043d\u0430\u0438\u0432\u044b\u0441\u0448\u0438\u0439 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043f\u043e \u0432\u0435\u0440\u0441\u0438\u0438 Microsoft. 
\u0414\u0440\u0443\u0433\u0438\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0435 \u043d\u0430 Microsoft Exchange Server (CVE-2021-26427), Windows Hyper-V (CVE-2021-38672 \u0438 CVE-2021-40461), SharePoint Server (CVE-2021-40487 \u0438 CVE-2021-41344) \u0438 Microsoft Word (CVE-2021-40486), \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0448\u0438\u0431\u043a\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 Rich Text Edit Control (CVE-2021-40454).\n \n\u0410 CVE-2021-26427 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c CVSS 9,0 \u043f\u0440\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u043b\u044c\u043a\u043e \u0432\u043e\u0448\u043b\u0430 \u0445\u0430\u043a\u0435\u0440\u0430\u043c, \u0447\u0442\u043e \u0437\u0430\u0441\u0443\u0435\u0442\u0438\u043b\u0438\u0441\u044c \u0434\u0430\u0436\u0435 \u0440\u0435\u0431\u044f\u0442\u0430 \u0438\u0437 \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0421\u0428\u0410 (NSA), \u043e\u0441\u043e\u0431\u043e \u043e\u0442\u043c\u0435\u0447\u0430\u044f \u0442\u0440\u0435\u043d\u0434 \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u044f \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Exchange \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430 \u0432 \u043f\u0435\u0440\u0438\u043c\u0435\u0442\u0440 
\u0441\u0432\u043e\u0438\u0445 \u0436\u0435\u0440\u0442\u0432.\n \nMicrosoft \u0438 \u043f\u0435\u0440\u0435\u0434\u043e\u0432\u043e\u0439 \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u0438\u0441\u0442\u0435\u0431\u043b\u0438\u0448\u043c\u0435\u043d\u0442 \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0430\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u043d\u0435\u0433\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439. \u041d\u0443, \u0430 \u043c\u044b, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043f\u043e\u0434\u043e\u0436\u0434\u0451\u043c \u0432\u0435\u0441\u0442\u0435\u0439 \u043e\u0442 \u0442\u0435\u0445, \u043a\u0442\u043e \u043d\u0435 \u0443\u0441\u043f\u0435\u043b \u044d\u0442\u043e\u0433\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0432\u043e\u0432\u0440\u0435\u043c\u044f.", "creation_timestamp": "2021-10-13T15:52:05.000000Z"}, {"uuid": "6e8577e4-94fc-4da0-867f-882374f0bfea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/true_secator/2118", "content": "\u041f\u043e\u0434 \u0433\u043d\u0435\u0442\u043e\u043c \u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0438 \u0432\u0441\u043f\u043b\u0435\u0441\u043a\u043e\u043c \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 Microsoft \u0442\u0430\u043a\u0438 \u043f\u0440\u043e\u043b\u0438\u043b\u0438 \u0441\u0432\u0435\u0442 \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 
\u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0444\u0438\u0448\u0438\u043d\u0433-\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 MSHTML. Microsoft Threat Intelligence Center \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-40444 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435\u043c Cobalt Strike Beacon \u0432 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Windows.\n \n\u041c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0445 \u043f\u0438\u0441\u0435\u043c, \u0432\u044b\u0434\u0430\u044e\u0449\u0438\u0445 \u0441\u0435\u0431\u044f \u0437\u0430 \u043a\u043e\u043d\u0442\u0440\u0430\u043a\u0442\u044b \u0438 \u044e\u0440\u0438\u0434\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u043e\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044f, \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 
\u0441\u0430\u0439\u0442\u0430\u0445 \u043e\u0431\u043c\u0435\u043d\u0430 \u0444\u0430\u0439\u043b\u0430\u043c\u0438. \u041e\u0442\u043a\u0440\u044b\u0442\u0438\u0435 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430, \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e, \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0444\u0430\u0439\u043b\u0430 \u0430\u0440\u0445\u0438\u0432\u0430 \u043a\u0430\u0431\u0438\u043d\u0435\u0442\u0430, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0435\u0433\u043e DLL \u0441 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c \u0444\u0430\u0439\u043b\u0430 INF, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0438 \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u043a\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u043b \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0432 \u044d\u0442\u043e\u0439 DLL. \u0411\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043d\u044b\u0439 \u0448\u0435\u043b\u043b-\u043a\u043e\u0434 - \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a Cobalt Strike Beacon - \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0435\u0433\u043e \u0432 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0438\u043c\u043f\u043e\u0440\u0442\u0430 \u0430\u0434\u0440\u0435\u0441\u043e\u0432 Microsoft. 
\u041d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f ActiveX, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u043c \u0432\u0438\u0437\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430 Office.\n \n\u0421\u0430\u043c\u043e\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0435 \u0447\u0442\u043e \u044d\u0442\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u0441 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Microsoft \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0435\u0442 \u0441 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f\u043c\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f ransomware. 
\u0412 \u0445\u043e\u0434\u0435 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043e\u0447\u0435\u0440\u043d\u044f\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft RiskIQ \u0441 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043a \u0430\u0442\u0430\u043a\u0430\u043c \u043f\u0440\u0438\u0447\u0430\u0441\u0442\u0435\u043d \u0441\u0438\u043d\u0434\u0438\u043a\u0430\u0442 Wizard Spider, \u043e\u0442\u043c\u0435\u0442\u0438\u0432, \u0447\u0442\u043e \u0441\u0435\u0442\u0435\u0432\u0430\u044f \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 BazaLoader \u0438 Trickbot, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043c\u043e\u0434\u0443\u043b\u044f\u043c\u0438 Cobalt Strike Beacon \u0438 \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 200 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432.\n \n\u041d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0441\u043c\u0435\u043b\u044b\u043c \u0441\u0442\u0430\u043b\u043e \u0438 \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0433\u043e\u0442\u043e\u0432\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0441 
\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2021-40444 \u043d\u0430\u0448\u043b\u0438 \u0441\u0432\u043e\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0443 APT, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0448\u043f\u0438\u043e\u043d\u0430\u0436, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u0443\u044e \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0430\u043c\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443, \u0447\u0442\u043e\u0431\u044b \u0432\u0432\u0435\u0441\u0442\u0438 \u0432 \u0437\u0430\u0431\u043b\u0443\u0436\u0434\u0435\u043d\u0438\u0435 \u0438 \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u0438\u0442\u044c \u0430\u0442\u0440\u0438\u0431\u0443\u0446\u0438\u044e.", "creation_timestamp": "2021-09-17T18:14:11.000000Z"}, {"uuid": "96fee6f6-8bab-49eb-8f1b-3e1e579e7d66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/true_secator/2104", "content": "\u041d\u0430\u043a\u043e\u043d\u0435\u0446-\u0442\u043e \u0432\u044b\u0448\u0435\u043b \u0434\u043e\u043b\u0433\u043e\u0436\u0434\u0430\u043d\u043d\u044b\u0439 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0439 \u043f\u0430\u0442\u0447 \u043e\u0442 Microsoft, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 60 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 
\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 2 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f.\u00a0\n\n\u041a\u0430\u043c\u043d\u0435\u043c \u043f\u0440\u0435\u0442\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0441\u0442\u0430\u043b\u0430 \u0431\u0430\u0433\u0430 \u0432 Windows MSHTML, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a CVE-2021-40444, \u043c\u0430\u043d\u0443\u0430\u043b \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u0442\u0430\u043b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u0441\u044f \u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u043f\u043b\u043e\u0449\u0430\u0434\u043a\u0430\u0445, \u0447\u0442\u043e \u0432\u044b\u0437\u0432\u0430\u043b\u043e \u0432\u043e\u043b\u043d\u0443 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432. 
\u0412\u0442\u043e\u0440\u043e\u0439 zeroday CVE-2021-36968 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows DNS \u0438\u043c\u0435\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 \u0434\u043b\u044f \u043e\u0431\u044b\u0447\u043d\u043e\u0433\u043e \u043e\u0431\u044b\u0432\u0430\u0442\u0435\u043b\u044f \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, Microsoft \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows MSHTML, \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u0442\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0435 \u0432 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445. 
\u042d\u0442\u0438 \u0430\u0442\u0430\u043a\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b Word \u0441 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439 CVE-2021-40444 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 DLL, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u043b Cobalt Strike \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440 \u0436\u0435\u0440\u0442\u0432\u044b, \u0447\u0442\u043e \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0434\u0430\u0432\u0430\u043b\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0443.\n\n\u0412\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a Microsoft \u0437\u0430\u044f\u0432\u0438\u043b\u0430 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043d\u0430\u0447\u0430\u043b\u0438 \u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f 
\u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e\u043c \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u043b\u044e\u0431\u043e\u043c\u0443 \u043d\u0430\u0447\u0430\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0435 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445. \u0421\u0430\u043c\u043e\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0435, \u0447\u0442\u043e \u044d\u043d\u0442\u0443\u0437\u0438\u0430\u0441\u0442\u0430\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 Microsoft \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438, \u0447\u0442\u043e \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u043e\u043a\u0430 \u043d\u0435\u044f\u0441\u043d\u043e - \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u0441\u0435 \u043c\u0435\u0442\u043e\u0434\u044b. 
\n\n\u041a\u0430\u043a \u043c\u044b \u0437\u043d\u0430\u0435\u043c Microsoft \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u0442\u043e\u043b\u044c\u043a\u043e \u0435\u0441\u043b\u0438 \u043e\u043d\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0438\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0431\u0435\u0437 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u0430 \u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043b\u043e\u043a\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u044b \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0433\u0440\u043e\u0437\u044b \u043e\u0441\u0442\u0430\u0451\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0433\u0430\u0434\u0430\u0442\u044c, \u043d\u043e \u043f\u0440\u0435\u043d\u0435\u0431\u0440\u0435\u0433\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0432\u0441\u0435 \u0436\u0435 \u043d\u0435 \u0441\u0442\u043e\u0438\u0442.\n\n\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0439 \u0444\u0430\u043a\u0442 \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e Microsoft \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u0439 \u043e \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 
\u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u043b\u0438 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u0432 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043c\u043e\u0447\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u044f\u043c \u0438\u043d\u0444\u043e\u0441\u0435\u043a\u0430 \u043d\u0430\u0439\u0442\u0438 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438. \n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0432 \u0440\u0430\u0437\u0434\u0435\u043b\u0435 \u0430\u0442\u0440\u0438\u0431\u0443\u0446\u0438\u0438 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f Microsoft \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442\u0441\u044f \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432, \u043f\u043e \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u043e \u0440\u0430\u0431\u043e\u0442\u0430 APT-\u0441\u0443\u0431\u044a\u0435\u043a\u0442\u043e\u0432, \u0430 \u044d\u0442\u043e \u0443\u0436\u0435 \u0441\u043e\u0432\u0441\u0435\u043c \u0434\u0440\u0443\u0433\u0430\u044f \u0438\u0441\u0442\u043e\u0440\u0438\u044f \u0438 \u043d\u0435 \u043f\u0440\u043e \u043c\u0430\u043c\u043a\u0438\u043d\u044b\u0445 \u0445\u0430\u0446\u043a\u0435\u0440\u043e\u0432.", "creation_timestamp": "2021-09-15T13:29:06.000000Z"}, {"uuid": "2ae757e4-4fe4-46a1-bc9f-332f6b7675af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": 
"https://t.me/true_secator/2559", "content": "\u041a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0438\u0435 \u0438\u043d\u0442\u0440\u0438\u0433\u0438 \u043d\u0435 \u043f\u0435\u0440\u0435\u0441\u0442\u0430\u044e\u0442 \u0443\u0434\u0438\u0432\u043b\u044f\u0442\u044c \u0441\u0432\u043e\u0435\u0439 \u0438\u0437\u043e\u0449\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e \u0438 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0441\u0430\u043a\u0440\u0430\u043b\u044c\u043d\u044b\u043c \u0441\u043c\u044b\u0441\u043b\u043e\u043c \u0432 \u0443\u043c\u0430\u0445 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u044e\u0449\u0438\u0445 \u0437\u0430 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Trellix (\u0434\u0435\u0442\u0438\u0449\u0435 McAfee Enterprise \u0438 FireEye) \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u043e \u043c\u043d\u043e\u0433\u043e\u044d\u0442\u0430\u043f\u043d\u043e\u0439 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u0432\u044b\u0441\u043e\u043a\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0447\u0438\u043d\u043e\u0432\u043d\u0438\u043a\u043e\u0432, \u0434\u043e\u043b\u0436\u043d\u043e\u0441\u0442\u043d\u044b\u0445 \u043b\u0438\u0446, \u043a\u0443\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0443 \u043d\u0430\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u0438 
\u0432 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 \u0417\u0430\u043f\u0430\u0434\u043d\u043e\u0439 \u0410\u0437\u0438\u0438.\n\n\u0425\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c MSHTML, \u0447\u0442\u043e\u0431\u044b \u0448\u043f\u0438\u043e\u043d\u0438\u0442\u044c \u0437\u0430 \u0441\u0432\u043e\u0438\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438. \u0410\u0442\u0430\u043a\u0430 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u0430 \u0442\u0435\u043c, \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 Microsoft OneDrive \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f (C2) \u0438 \u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u0448\u0435\u0441\u0442\u044c \u044d\u0442\u0430\u043f\u043e\u0432, \u0447\u0442\u043e\u0431\u044b \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e \u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u2014 \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0441\u044f \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 Trellix. 
\u0422\u0430\u043a\u043e\u0439 \u043f\u043e\u0434\u0445\u043e\u0434 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430\u043c \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u0432 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u043d\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u044e\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043a \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u043c \u0434\u043e\u043c\u0435\u043d\u0430\u043c Microsoft \u0438 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043d\u0435 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u044e\u0442 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0442\u0440\u0430\u0444\u0438\u043a.\n\n\u041f\u0435\u0440\u0432\u044b\u0435 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441\u043e \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0439 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e, \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c 18 \u0438\u044e\u043d\u044f 2021 \u0433\u043e\u0434\u0430, \u0430 21 \u0438 29 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f \u0431\u044b\u043b\u043e \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0443\u0436\u0435 \u0434\u0432\u0435 \u0436\u0435\u0440\u0442\u0432\u044b. 
\u0417\u0430\u0442\u0435\u043c \u0435\u0449\u0435 17 \u0437\u0430 \u043f\u0435\u0440\u0438\u043e\u0434 \u0441 6 \u043f\u043e 8 \u043e\u043a\u0442\u044f\u0431\u0440\u044f.\n\n\u0412\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u043b\u0441\u044f \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u0430 Microsoft Excel, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0435\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 MSHTML (CVE-2021-40444), \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0433\u043e \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0431\u0438\u043d\u0430\u0440\u043d\u0438\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442, \u043a\u0430\u043a \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0442\u0440\u0435\u0442\u044c\u0435\u0439 \u0441\u0442\u0430\u0434\u0438\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0439 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Graphite. 
\u0418\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 DLL-\u0444\u0430\u0439\u043b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 OneDrive \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 C2-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0447\u0435\u0440\u0435\u0437 API Microsoft Graph \u0432 \u0446\u0435\u043b\u044f\u0445 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u0445\u0430\u0446\u043a\u0435\u0440\u0441\u043a\u0438\u0439 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a Empire, \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439.\n\n\u041a \u0441\u043e\u0436\u0430\u043b\u0435\u043d\u0438\u044e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a MSHTML \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c Microsoft \u0438 SafeBreach Labs \u0443\u0436\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e 
\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u043e\u0432 Cobalt Strike Beacon, \u043e \u0447\u0435\u043c \u0438 \u043c\u044b \u0442\u0430\u043a\u0436\u0435 \u043f\u0438\u0441\u0430\u043b\u0438 \u0440\u0430\u043d\u0435\u0435.\n\n\u041d\u0435 \u043c\u0443\u0434\u0440\u0441\u0442\u0432\u0443\u044f \u043b\u0443\u043a\u0430\u0432\u043e, \u043d\u043e \u0441 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u0434\u043e\u043b\u0435\u0439 \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0441\u0442\u0438 Trellix \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043b \u0438\u0437\u043e\u0449\u0440\u0435\u043d\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0435 APT28, \u0431\u043e\u043b\u044c\u0448\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u043a\u0430\u043a Fancy Bear.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0441\u0434\u0435\u043b\u0430\u043b\u0438 \u0442\u0430\u043a\u043e\u0435 \u0437\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u0438\u0438 \u0441\u0445\u043e\u0434\u0441\u0442\u0432\u0430 \u0432 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u043c 
\u043a\u043e\u0434\u0435, \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u0430\u0445 \u0430\u0442\u0430\u043a \u0438 \u0433\u0435\u043e\u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0446\u0435\u043b\u044f\u0445. \u0414\u043e\u0441\u043b\u043e\u0432\u043d\u043e \u044d\u0442\u043e \u0437\u0432\u0443\u0447\u0438\u0442 \u0442\u0430\u043a: with a low and moderate confidence, we believe, \u0441\u043e\u043a\u0440\u0430\u0449\u0430\u044f \u0434\u043e \u0430\u0431\u0431\u0440\u0435\u0432\u0438\u0430\u0442\u0443\u0440\u044b \u043f\u0435\u0440\u0432\u044b\u0445 \u0431\u0443\u043a\u0432 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442\u0441\u044f \u00abf..ck off\u00bb, \u043f\u0440\u043e\u0441\u0442\u0438\u0442\u0435 \u0437\u0430 \u043d\u0430\u0448 \u0430\u043d\u0433\u043b\u0438\u0439\u0441\u043a\u0438\u0439.\n\n\u0410 - \u0430\u0442\u0440\u0438\u0431\u0443\u0446\u0438\u044f.", "creation_timestamp": "2022-01-26T17:27:41.000000Z"}, {"uuid": "2b40b322-12ec-485c-a3be-ea7723e612dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/true_secator/2478", "content": "\u041d\u0438\u043a\u0442\u043e \u0438 \u043d\u0435 \u0441\u043e\u043c\u043d\u0435\u0432\u0430\u043b\u0441\u044f, \u0437\u043d\u0430\u044f \u043a\u0430\u043a Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u0432\u043e\u0438 \u043a\u043e\u0441\u044f\u043a\u0438, \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a\u0443\u0447\u0443 \u0434\u0440\u0443\u0433\u0438\u0445.\n \n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f\u043c Sophos, \u0445\u0430\u043a\u0435\u0440\u044b \u043d\u0430\u0448\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f 
\u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Microsoft Office \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0435\u0433\u043e \u0434\u043b\u044f \u043a\u0440\u0430\u0442\u043a\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e Formbook.\n \n\u041e\u0448\u0438\u0431\u043a\u0430 CVE-2021-40444 (\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 8,8) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f MSHTML \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445. 
\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u0436\u0435\u0440\u0442\u0432\u043e\u0439 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430.\n \n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e 7 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f, \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u0438\u0438 \u0430\u0442\u0430\u043a, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u043c Patch Tuesday. 
\u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d PoC, \u0432\u044b\u0437\u0432\u0430\u0432\u0448\u0438\u0439 \u0440\u0435\u0437\u043a\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0430\u0446\u0438\u044e \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n \n\u041f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 Microsoft \u043f\u0430\u0442\u0447 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0430\u0440\u0445\u0438\u0432\u0430 Microsoft Cabinet (CAB), \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b. 
\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u043e\u0445\u043e\u0436\u0435, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0448\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0430\u0442\u0447, \u0432\u043a\u043b\u044e\u0447\u0438\u0432 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 Word \u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0430\u0440\u0445\u0438\u0432 RAR.\n \nSophos \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0430\u0440\u0445\u0438\u0432\u044b \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u0440\u0430\u0441\u0441\u044b\u043b\u043a\u0435 \u0441\u043f\u0430\u043c\u0430 \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 24 - 25 \u043e\u043a\u0442\u044f\u0431\u0440\u044f, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0431\u044b\u043b\u0430 \u0431\u044b\u0441\u0442\u0440\u043e \u0441\u0432\u0435\u0440\u043d\u0443\u0442\u0430, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u00ab\u043f\u0440\u043e\u0431\u043d\u044b\u0439 \u0437\u0430\u043f\u0443\u0441\u043a\u00bb. 
\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430 Word \u0432 \u0430\u0440\u0445\u0438\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f PowerShell, \u0438 \u043a\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u0436\u0435\u0440\u0442\u0432\u0430 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u043b\u0430 \u0435\u0433\u043e \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0443, \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u043b\u0441\u044f, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b\u043e \u043a \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e Formbook.\n \n\u0412\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u043e\u0431\u043e\u0439 \u044d\u0441\u043a\u0430\u043b\u0430\u0446\u0438\u044e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 -40444 \u0438 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0442, \u0447\u0442\u043e \u0434\u0430\u0436\u0435 \u043f\u0430\u0442\u0447 \u043d\u0435 \u0432\u0441\u0435\u0433\u0434\u0430 \u043c\u043e\u0436\u0435\u0442 \u0441\u043c\u044f\u0433\u0447\u0438\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e 
\u043a\u0432\u0430\u043b\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n \n\u041f\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0430\u0442\u0430\u043a\u0430 \u0431\u044b\u043b\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043f\u0430\u0442\u0447 \u0431\u044b\u043b \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u0443\u0437\u043a\u043e\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0438 \u043d\u0435 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u043b \u0434\u043e \u043a\u043e\u043d\u0446\u0430 \u0432\u0441\u0435\u0445 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 WinRAR \u0444\u0430\u0439\u043b\u043e\u0432.\n \n\u0427\u0435\u0433\u043e \u0438 \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u043e \u043e\u0436\u0438\u0434\u0430\u0442\u044c.", "creation_timestamp": "2021-12-24T19:05:00.000000Z"}, {"uuid": "99589209-3130-4311-9687-dd669a99366d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/NeKaspersky/1726", "content": "\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043d\u043e\u0432\u043e\u043c\u0443 \u043e\u0442\u0447\u0435\u0442\u0443 Trellix, \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 OneDrive \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 C2 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 
\u0432\u044b\u0441\u043e\u043a\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0447\u0438\u043d\u043e\u0432\u043d\u0438\u043a\u043e\u0432 \u0432 \u0417\u0430\u043f\u0430\u0434\u043d\u043e\u0439 \u0410\u0437\u0438\u0438.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0439 \u0438\u043c\u044f \u00abGraphite\u00bb \u0438\u0437-\u0437\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f Microsoft Graph API \u0434\u043b\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 OneDrive (\u0442\u043e\u043a\u0435\u043d, \u043a\u0441\u0442\u0430\u0442\u0438, \u0437\u0430\u0445\u0430\u0440\u0434\u043a\u043e\u0434\u0438\u043b\u0438), \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 RCE \u0432 MSHTML (CVE-2021-40444) \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438. \u0422\u0430\u043a\u043e\u0439 \u043f\u043e\u0434\u0445\u043e\u0434 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u043d\u0438\u0439 \u043f\u0440\u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0435 \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u0442.\u043a. \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440 \u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0435\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 Microsoft. 
Trellix \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 ZDNet, \u0447\u0442\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0432\u0434\u043e\u0445\u043d\u043e\u0432\u043b\u044f\u043b\u0438\u0441\u044c Empire OneDrive Stager, \u0442.\u043a. \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0438 \u0444\u0430\u0439\u043b\u043e\u0432\u0430\u044f \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0443 \u043d\u0438\u0445 \u0441\u0445\u043e\u0436\u0438.\n\n\u041a\u0440\u0438\u0441\u0442\u0438\u0430\u043d \u0411\u0438\u043a, \u0432\u0435\u0434\u0443\u0449\u0438\u0439 \u043d\u0430\u0443\u0447\u043d\u044b\u0439 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a Trellix Threat Labs, \u043e\u0442\u043c\u0435\u0442\u0438\u043b, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u043f\u0440\u043e\u0448\u043b\u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u043e, \u043d\u043e \u043d\u0435 \u0441\u0442\u0430\u043b \u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e \u0446\u0435\u043b\u044f\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432, \u0437\u0430\u044f\u0432\u0438\u0432, \u0447\u0442\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0441\u0435 \u0435\u0449\u0435 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442\u0441\u044f. 
\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u0442\u0447\u0435\u0442\u0443 Trellix, \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0430 \u043a \u0430\u0442\u0430\u043a\u0435 \u0432\u0435\u043b\u0430\u0441\u044c \u0432 \u0438\u044e\u043b\u0435 2021 \u0433\u043e\u0434\u0430, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0441\u0430\u043c\u0430 \u0430\u0442\u0430\u043a\u0430 \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u043b\u0430 \u0441 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f \u043f\u043e 5 \u043d\u043e\u044f\u0431\u0440\u044f.\n\n\u041f\u0435\u0440\u0432\u044b\u0439 \u044d\u0442\u0430\u043f \u0430\u0442\u0430\u043a\u0438, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0432\u043a\u043b\u044e\u0447\u0430\u043b \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u0443\u044e \u0440\u0430\u0441\u0441\u044b\u043b\u043a\u0443 \u043f\u043e \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u0435, \u0446\u0435\u043b\u044c \u043a\u043e\u0442\u043e\u0440\u043e\u0439 - \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0436\u0435\u0440\u0442\u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 Excel-\u0444\u0430\u0439\u043b \u00abparliament_rew.xlsx\u00bb. \u041f\u043e\u043c\u0438\u043c\u043e \u0433\u043e\u0441. 
\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043f\u043e\u043b\u043e\u0436\u0438\u043b\u0438 \u0433\u043b\u0430\u0437 \u043d\u0430 \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u0443\u044e \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u044c, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u0440\u0443\u0433\u043e\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 - \u00abMissions Budget.xlsx\u00bb - \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b \u0442\u0435\u043a\u0441\u0442 \u00ab\u0412\u043e\u0435\u043d\u043d\u044b\u0435 \u0438 \u0433\u0440\u0430\u0436\u0434\u0430\u043d\u0441\u043a\u0438\u0435 \u043c\u0438\u0441\u0441\u0438\u0438 \u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438\u00bb \u0438 \u0431\u044e\u0434\u0436\u0435\u0442\u044b \u0432 \u0434\u043e\u043b\u043b\u0430\u0440\u0430\u0445 \u043d\u0430 \u0432\u043e\u0435\u043d\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 \u043d\u0430 2022 \u0438 2023 \u0433\u043e\u0434\u044b.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u044f\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u0445\u043e\u0442\u044f \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0438\u043c\u0435\u044e\u0449\u0438\u0445\u0441\u044f \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0442\u043e\u0439 \u0438\u043b\u0438 \u0438\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0435 \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u043f\u0440\u0443\u0444\u044b \u043a\u043e\u0441\u0432\u0435\u043d\u043d\u043e 
\u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0430 APT28. \u0412 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043d\u0430\u043f\u0430\u0434\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u0438 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043e\u0431\u043e\u0441\u0442\u0440\u0435\u043d\u0438\u044f \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0439 \u043c\u0435\u0436\u0434\u0443 \u0410\u0440\u043c\u0435\u043d\u0438\u0435\u0439 \u0438 \u0410\u0437\u0435\u0440\u0431\u0430\u0439\u0434\u0436\u0430\u043d\u043e\u043c. \u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Trellix, \u0445\u0430\u043a\u0435\u0440\u044b, \u0441\u0442\u043e\u044f\u0432\u0448\u0438\u0435 \u0437\u0430 \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u043c, \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u0441 \u043f\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u0438\u043a\u0430 \u043f\u043e \u043f\u044f\u0442\u043d\u0438\u0446\u0443, \u0430 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u043c\u0435\u0442\u043a\u0438 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u043e\u043d\u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043e\u0431\u044b\u0447\u043d\u044b\u0435 \u0440\u0430\u0431\u043e\u0447\u0438\u0435 \u0447\u0430\u0441\u044b \u0432 \u0447\u0430\u0441\u043e\u0432\u043e\u043c \u043f\u043e\u044f\u0441\u0435 GMT+3, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 (\u043c\u043e\u0441\u043a\u043e\u0432\u0441\u043a\u043e\u0435 \u0432\u0440\u0435\u043c\u044f, \u0422\u0443\u0440\u0446\u0438\u044f, \u0410\u0440\u0430\u0432\u0438\u044f, \u0412\u043e\u0441\u0442\u043e\u0447\u043d\u0430\u044f \u0410\u0444\u0440\u0438\u043a\u0430). 
\u0415\u0449\u0435 \u043e\u0434\u043d\u0438\u043c \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u043c \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0432 \u0445\u043e\u0434\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0442\u0430\u043b CLSID-\u043a\u043b\u044e\u0447 D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0437\u0430\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u044f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0442.\u043a. \u043e\u043d \u0440\u0430\u043d\u0435\u0435 \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043b \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 ESET, \u0433\u0434\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u043b\u0438 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0443\u044e \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u044e, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u044b \u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0415\u0432\u0440\u043e\u043f\u044b. 
\u0412 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a \u044d\u0442\u043e\u043c\u0443, \u0430\u043d\u0430\u043b\u0438\u0437 \u043a\u043e\u0434\u0430 \u043c\u0430\u043b\u0432\u0430\u0440\u0438 \u0432\u044b\u044f\u0432\u0438\u043b \u0441\u043e\u0432\u043f\u0430\u0434\u0435\u043d\u0438\u044f \u0441 \u043e\u0431\u0440\u0430\u0437\u0446\u0430\u043c\u0438, \u043f\u043e\u0439\u043c\u0430\u043d\u043d\u044b\u043c\u0438 \u0432 2018 \u0433\u043e\u0434\u0443 \u0438 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u043c\u0438 APT28.\n@NeKaspersky", "creation_timestamp": "2022-01-25T17:08:24.000000Z"}, {"uuid": "0c04575a-5ad9-4e08-a0ce-35304cb8bc68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "Telegram/t4gtokn8SpAMOCEn2HexTTtzMwSyrDM6ap-Kp2XCmg3aXg", "content": "", "creation_timestamp": "2021-11-04T14:49:58.000000Z"}, {"uuid": "58044b6c-64bb-479f-a857-dc0063c413f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/NeKaspersky/2007", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u0443\u044e \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0443, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0443\u044e Conti \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0441\u0435\u0442\u0438 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0438\u0439\n\n\u0421 \u0442\u0430\u043a\u0438\u043c \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0432\u0447\u0435\u0440\u0430 \u0432\u044b\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u0412\u043b\u0430\u0434 
\u0421\u0442\u043e\u043b\u044f\u0440\u043e\u0432 \u0438 Benoit Sevens \u0438\u0437 \u0433\u0443\u0433\u043b\u043e\u0432\u0441\u043a\u043e\u0439 Threat Analysis Group (TAG). \u041f\u043e \u0438\u0445 \u0441\u043b\u043e\u0432\u0430\u043c, \u042d\u043a\u0437\u043e\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u041b\u0438\u043b\u0438\u044f (Exotic Lily) \u2014 \u0442\u0430\u043a \u0432 TAG \u043e\u043a\u0440\u0435\u0441\u0442\u0438\u043b\u0438 \u044d\u0442\u0438\u0445 \u0431\u0440\u043e\u043a\u0435\u0440\u043e\u0432 \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u2014 \u0431\u044b\u043b\u0430 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2021-40444) \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 MSHTML \u0437\u0430 \u0430\u0432\u0442\u043e\u0440\u0441\u0442\u0432\u043e\u043c Microsoft \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0445 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0439: \u0435\u0436\u0435\u0434\u043d\u0435\u0432\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0438 5\u043a+ email-\u043e\u0432 \u0441 \u00ab\u0434\u0435\u043b\u043e\u0432\u044b\u043c\u0438 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438\u00bb 650 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u0412\u043f\u0435\u0440\u0432\u044b\u0435 \u0440\u0430\u0441\u0442\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0440\u0435\u0431\u044f\u0442 \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438 
\u0435\u0449\u0435 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2021 \u0433\u043e\u0434\u0430, \u043a\u043e\u0433\u0434\u0430 \u0442\u0435 \u0443\u0447\u0430\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u0432 \u0434\u0435\u043f\u043b\u043e\u0435 \u0440\u0430\u043d\u0441\u043e\u043c\u0432\u0430\u0440\u0438 Conti \u0438 Diavol. \u0418\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u0441\u044b\u043b\u0430\u0435\u043c\u044b\u0439 \u0438\u043c\u0438 \u0441\u043f\u0430\u043c \u0431\u044b\u043b \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c (\u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c\u0438 \u0438\u0437 \u0441\u0435\u043a\u0442\u043e\u0440\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439, \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f), \u043d\u043e \u0443\u0436\u0435 \u0441 \u043d\u043e\u044f\u0431\u0440\u044f \u0442\u043e\u0433\u043e \u0436\u0435 \u0433\u043e\u0434\u0430 \u043e\u043d\u0438 \u043e\u0431\u0440\u0430\u0442\u0438\u043b\u0438 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u043a\u0443\u0434\u0430 \u0431\u043e\u043b\u0435\u0435 \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u0441\u043f\u0435\u043a\u0442\u0440 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439. 
\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043e\u0442\u0441\u044b\u043b\u0430\u043b\u0438\u0441\u044c \u043e\u0442 \u043b\u0438\u0446\u0430 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439. \u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0447\u0430\u0441\u0442\u043e, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u0442\u0432\u043e\u0440\u044f\u043b\u0438\u0441\u044c \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u0430\u043c\u0438 Amazon, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u0432 LinkedIn \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u043e\u0444\u0438\u043b\u0438, \u0430\u0432\u0430\u0442\u0430\u0440\u043a\u0438 \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043d\u0435\u0439\u0440\u043e\u043d\u043e\u043a. 
\u0412 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432, \u0432\u044b\u0442\u044f\u0433\u0438\u0432\u0430\u044f \u0438\u0445 \u0438\u0437 \u043f\u0440\u043e\u0444\u0438\u043b\u044c\u043d\u044b\u0445 \u0431\u0430\u0437 \u0434\u0430\u043d\u043d\u044b\u0445, \u0432\u0440\u043e\u0434\u0435 Rocketreach \u0438 CrunchBase.\n\n\u041a\u043e\u0433\u0434\u0430 \u0434\u0438\u0430\u043b\u043e\u0433 \u0441 \u0436\u0435\u0440\u0442\u0432\u043e\u0439 \u0443\u0436\u0435 \u043f\u043e\u0441\u0442\u0440\u043e\u0435\u043d, Exotic Lily \u043d\u0435 \u0441\u0442\u0435\u0441\u043d\u044f\u044f\u0441\u044c \u0433\u0440\u0443\u0437\u0438\u043b\u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u0443\u044e \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432\u043e \u0432\u043f\u043e\u043b\u043d\u0435 \u0441\u0435\u0431\u0435 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u044b\u0435 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u043e\u043e\u0431\u043c\u0435\u043d\u043d\u0438\u043a\u0438, \u0432\u0440\u043e\u0434\u0435 WeTransfer, Transfernow \u0438\u043b\u0438 OneDrive, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c, \u0441 \u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u0444\u0430\u0439\u043b\u043e\u043c, 
\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f. \u0421\u043c\u044b\u0441\u043b \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u0438\u0441\u044c\u043c\u043e, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0435\u0435 \u0441\u0441\u044b\u043b\u043a\u0443, \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442 \u043d\u0435 \u0441 \u0440\u0430\u043d\u0434\u043e\u043c\u043d\u043e\u0433\u043e \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0438\u0441\u0430, \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e 1.5 \u0434\u043d\u044f \u043d\u0430\u0437\u0430\u0434, \u043d\u043e \u043e\u0442 \u043b\u0438\u0446\u0430 \u043a\u0440\u0443\u043f\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0441 \u0445\u043e\u0440\u043e\u0448\u0435\u0439 \u0440\u0435\u043f\u0443\u0442\u0430\u0446\u0438\u0435\u0439, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0441\u044b\u043f\u0438\u0442\u044c \u0431\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0430\u043d\u0442\u0438-\u0441\u043f\u0430\u043c \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441 MSHTML \u0434\u0435\u043b\u0430\u043b\u0438 \u0441\u043b\u0435\u0433\u043a\u0430 \u0438\u043d\u0430\u0447\u0435: \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0440\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0431\u0449\u0430\u0442\u044c\u0441\u044f \u0441 \u043a\u0435\u043c-\u0442\u043e \u043f\u043e 
\u043f\u043e\u0447\u0442\u0435 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0442\u0430\u043a \u0447\u0442\u043e \u043f\u0440\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u0435\u0437 \u043b\u0438\u0448\u043d\u0438\u0445 \u043f\u0440\u0435\u043b\u044e\u0434\u0438\u0439 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0438 Bumblebee \u2014 \u043a\u0430\u0441\u0442\u043e\u043c\u043d\u044b\u0439 \u0434\u0440\u043e\u043f\u043f\u0435\u0440, \u0432 \u0437\u0430\u0434\u0430\u0447\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0432\u0445\u043e\u0434\u0438\u0442 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0430 \u0435\u0435 \u0434\u043e\u043c\u043e\u0439, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 \u043e\u0442\u0442\u0443\u0434\u0430 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c\u043e\u0439 \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c.\n\n\u0417\u0430\u0431\u0430\u0432\u043d\u043e \u0438 \u0442\u043e, \u0447\u0442\u043e \u0430\u043d\u0430\u043b\u0438\u0437 \u0442\u0430\u0439\u043c\u043b\u0430\u0439\u043d\u0430 \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438, \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u0439 TAG, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0435 \u0447\u043b\u0435\u043d\u044b \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0441 9 \u0434\u043e 5 \u043f\u043e \u0431\u0443\u0434\u043d\u044f\u043c, 
\u043f\u0440\u043e\u044f\u0432\u043b\u044f\u044f \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043c\u0430\u043b\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0432 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 (\u043c\u043e\u0436\u0435\u0442 \u0435\u0449\u0435 \u0438 \u0432 \u043e\u0444\u0438\u0441 \u0445\u043e\u0434\u044f\u0442?), \u0438, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u0447\u0430\u0441\u043e\u0432\u043e\u043c \u043f\u043e\u044f\u0441\u0435 \u0426\u0435\u043d\u0442\u0440\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043b\u0438 \u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0415\u0432\u0440\u043e\u043f\u044b.\n@NeKaspersky", "creation_timestamp": "2022-03-18T14:53:23.000000Z"}, {"uuid": "1dcaed54-ccba-406e-9dc9-0636d01c47aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/NeKaspersky/1224", "content": "\u0425\u0430\u043a\u0435\u0440\u044b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0442\u0443\u0442\u043e\u0440\u0438\u0430\u043b \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 0-day \u0432 Windows MSHTML. \n\n\u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u044d\u0442\u043e\u043c\u0443 \u043c\u043d\u043e\u0433\u0438\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-40444 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445. 
\n\nMicrosoft \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435. \u041e\u043d\u0430 \u0434\u0430\u0451\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f RCI. \n\nMicrosoft \u043f\u043e-\u0431\u044b\u0441\u0442\u0440\u043e\u043c\u0443 \u043f\u043e\u0434\u043e\u0433\u043d\u0430\u043b\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043c\u043e\u0433\u0430\u044e\u0442 \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043e\u0442 \u0430\u0442\u0430\u043a \u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u0438\u043c\u0447\u0438\u0432\u044b\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0431\u044b\u0441\u0442\u0440\u043e \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0442\u0430\u043a, \u0447\u0442\u043e \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0442\u044b Microsoft. 
\n\n2021 \u0433\u043e\u0434 \u043c\u043e\u0436\u043d\u043e \u0441\u043c\u0435\u043b\u043e \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0432 \u0438\u0441\u0442\u043e\u0440\u0438\u044e, \u043a\u0430\u043a \u0433\u043e\u0434 \u043a\u0438\u0431\u0435\u0440\u0441\u0442\u0430\u0445\u0430\u043d\u043e\u0432\u0446\u0435\u0432. \u041f\u0440\u043e\u0434\u0443\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0443 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043d\u0430 \u043f\u0438\u043a\u0435.", "creation_timestamp": "2021-09-13T18:24:38.000000Z"}, {"uuid": "2527f9ff-5743-4f01-8ff2-04e72a4f6a1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/NeKaspersky/1592", "content": "\u041d\u043e\u0432\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0439 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f MSHTML\n \n\u0415\u0449\u0435 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430 Microsoft \u043e\u0448\u0430\u0440\u0430\u0448\u0438\u043b\u0430 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u0441\u0432\u043e\u0435\u0433\u043e \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f CVE-2021-40444. 
\u0421 \u0435\u0451 \u043f\u043e\u043c\u043e\u0449\u044c\u044e, \u043a\u0430\u043a \u0432\u044b \u043f\u043e\u043c\u043d\u0438\u0442\u0435, \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434. \u041d\u0430 \u0442\u043e\u0442 \u043c\u043e\u043c\u0435\u043d\u0442 \u043b\u0430\u0437\u0435\u0439\u043a\u0430 \u0443\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432\u0441\u044f\u043a\u0438\u043c\u0438 \u0448\u0430\u043b\u0430\u043f\u0430\u044f\u043c\u0438, \u0430 Microsoft \u0441\u0442\u0430\u0440\u0430\u043b\u0438\u0441\u044c \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u0441\u0442\u0440\u0435\u0435 \u043e\u0442 \u043d\u0435\u0451 \u0438\u0437\u0431\u0430\u0432\u0438\u0442\u044c\u0441\u044f. \n \n\u0414\u044b\u0440\u0443, \u043a \u0441\u043b\u043e\u0432\u0443, \u043d\u0430\u0448\u043b\u0438 \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043d\u043e\u043c \u0434\u0432\u0438\u0436\u043a\u0435 \u0434\u043b\u044f Microsoft Internet Explorer (MSHTML). (\u041d\u0443 \u0434\u0430, \u043d\u0443 \u0434\u0430. 
\u041c\u0430\u043b\u043e \u0442\u043e\u0433\u043e, \u0447\u0442\u043e Internet Explorer \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u043c \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c (\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0445), \u0442\u0430\u043a \u0435\u0433\u043e \u0434\u0432\u0438\u0436\u043e\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0435\u0449\u0451 \u0438 \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b Microsoft Office).\n \n\u041d\u0435 \u0431\u0443\u0434\u0435\u043c \u043b\u0438\u0442\u044c \u0432\u043e\u0434\u0443, \u043f\u0435\u0440\u0435\u0439\u0434\u0451\u043c \u043a \u0441\u0443\u0442\u0438. \u041f\u0440\u0438\u043d\u0446\u0438\u043f \u0440\u0430\u0431\u043e\u0442\u044b \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u043b\u0441\u044f \u0432\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u0435 ActiveX, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434. \u0415\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u044f\u043b\u0438 \u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 Microsoft Office \u0438 \u0440\u0430\u0441\u0441\u044b\u043b\u0430\u043b\u0438 \u043f\u043e \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u043c \u043f\u043e\u0447\u0442\u0430\u043c. 
\u0414\u0430\u043b\u044c\u0448\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0443\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u044c \u0438\u0437 \u0442\u0435\u043c\u043d\u0438\u043a\u043e\u0432 \u0432\u0441\u0435 \u0441\u0432\u043e\u0438 \u043d\u0430\u0432\u044b\u043a\u0438 \u0441\u043e\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0438\u0438 \u0438 \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043b\u043e\u0445\u0430 \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0444\u0430\u0439\u043b.\n \n\u0418 \u0432\u043e\u0442 \u043e\u0431\u043b\u0435\u0433\u0447\u0435\u043d\u0438\u0435. Microsoft \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0439 \u043f\u0430\u0442\u0447 \u0438 \u0440\u0435\u0448\u0430\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443. \u041d\u043e Microsoft \u043d\u0435 \u0431\u044b\u043b\u0430 \u0431\u044b \u0441\u043e\u0431\u043e\u0439, \u0435\u0441\u043b\u0438 \u0431\u044b \u043d\u0435 \u043d\u0430\u0448\u0451\u043b\u0441\u044f \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u0445\u043e\u0434\u0430 \u0437\u0430\u0449\u0438\u0442\u044b. \u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u044b\u043b\u043e \u0443\u0431\u0440\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 CVE-2021-40444 \u0432 RAR-\u0444\u0430\u0439\u043b. 
\n \n \u041e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0432\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0431\u044b\u043b \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d \u0441\u043a\u0440\u0438\u043f\u0442 Windows Script Host, \u0430 RAR-\u0444\u0430\u0439\u043b \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 OLE-\u043e\u0431\u044a\u0435\u043a\u0442. \u0418 \u043a\u0430\u043a \u0432\u044b \u043f\u043e\u043d\u044f\u043b\u0438, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u043d\u0435 \u0432 CAB-\u0444\u0430\u0439\u043b\u0435, \u043a\u0430\u043a \u044d\u0442\u043e \u0431\u044b\u043b\u043e \u0440\u0430\u043d\u0435\u0435, \u0430 \u0432 \u0437\u0430\u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043a\u0440\u0438\u0432\u043b\u0435\u043d\u043d\u043e\u043c \u0430\u0440\u0445\u0438\u0432\u0435. \u041f\u0440\u0438 \u0435\u0433\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u043c \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438 \u0440\u0435\u0436\u0438\u043c\u0430 \u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441 \u0437\u0430\u043f\u0443\u0441\u043a\u043e\u043c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430, \u0434\u0435\u043b\u043e \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442 \u043f\u0430\u0445\u043d\u0443\u0442\u044c \u043d\u0435 \u0446\u0432\u0435\u0442\u0430\u043c\u0438. \n\u041d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 PoC-\u043a\u043e\u0434 \u0432\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u043d\u0430\u0439\u0442\u0438 \u043d\u0430 GitHub. 
\n \n \u041e\u0434\u043d\u0430\u043a\u043e \u043d\u0435 \u0432\u0441\u0435 \u0442\u0430\u043a \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u043e. \u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441 \u043c\u043e\u0433\u0443\u0442 \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 WinRAR 6.10 beta 3, \u0430 \u0443 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u0441\u0442\u0430\u0440\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0434\u0430\u0436\u0435 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u0441\u044f \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0430\u0440\u0445\u0438\u0432\u043d\u044b\u0439 \u0444\u0430\u0439\u043b.\n@NeKaspersky", "creation_timestamp": "2022-02-04T18:39:32.000000Z"}, {"uuid": "2f264f90-9485-496c-99c5-b827c7e193ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1140", "content": "Microsoft Office Word Exploit\n\n#MSHTML #RCE #Exploit #Microsoft\n#CVE-2021-40444 #RemoteCodeExecution\n\nhttps://reconshell.com/microsoft-word-exploit/", "creation_timestamp": "2021-12-20T19:48:01.000000Z"}, {"uuid": "98d3bfbf-a7ab-48c6-a2de-df9d2ee9eaac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "seen", "source": "https://t.me/reverse_dungeon/919", "content": "https://bazaar.abuse.ch/browse/tag/CVE-2021-40449/", "creation_timestamp": "2021-10-13T11:26:25.000000Z"}, {"uuid": "e5f2466e-a9b0-48b1-8822-a36517d203cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "Telegram/TamdMsi24WImky6H5uIqsJY8yfD4MhSC9MVjjy5jHRaSunA", "content": "", "creation_timestamp": "2021-10-01T09:10:09.000000Z"}, {"uuid": "a9197fd3-dea2-43bc-90d7-4a43c140d132", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4044", "type": "seen", "source": "https://t.me/cibsecurity/33978", "content": "\u203c CVE-2021-4044 \u203c\n\nInternally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (for example out of memory). Such a negative return value is mishandled by OpenSSL and will cause an IO function (such as SSL_connect() or SSL_do_handshake()) to not indicate success and a subsequent call to SSL_get_error() to return the value SSL_ERROR_WANT_RETRY_VERIFY. This return value is only supposed to be returned by OpenSSL if the application has previously called SSL_CTX_set_cert_verify_callback(). Since most applications do not do this the SSL_ERROR_WANT_RETRY_VERIFY return value from SSL_get_error() will be totally unexpected and applications may not behave correctly as a result. The exact behaviour will depend on the application but it could result in crashes, infinite loops or other similar incorrect responses. This issue is made more serious in combination with a separate bug in OpenSSL 3.0 that will cause X509_verify_cert() to indicate an internal error when processing a certificate chain. This will occur where a certificate does not include the Subject Alternative Name extension but where a Certificate Authority has enforced name constraints. This issue can occur even with valid chains. By combining the two issues an attacker could induce incorrect, application dependent behaviour. 
Fixed in OpenSSL 3.0.1 (Affected 3.0.0).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-14T22:14:51.000000Z"}, {"uuid": "cc337832-baad-4c78-a686-162a23464865", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "Telegram/smWrD73nCHhVL4jR2xa9FEpaSa_Ke6qKJtMu55OxAme9AtU", "content": "", "creation_timestamp": "2021-09-28T08:56:06.000000Z"}, {"uuid": "c562e5e3-f1c2-44e9-8b2c-2e345f402a30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/thehackernews/1496", "content": "Microsoft has issued an advisory WARNING its users about a new actively exploited ZERO-DAY vulnerability (CVE-2021-40444 // CVSS score: 8.8) that attackers are using to hijack Windows systems by leveraging weaponized Office documents.\n\nDetails: https://thehackernews.com/2021/09/new-0-day-attack-targeting-windows.html", "creation_timestamp": "2021-09-08T05:43:45.000000Z"}, {"uuid": "861b847a-110c-4b4c-8c90-2d51cf0027e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/theninjaway1337/1246", "content": "Hackers use PowerPoint files for 'mouseover' malware delivery\n\nThis article was updated on 9/29/22 with new information that Microsoft fixed a vulnerability in 2021 tracked as CVE-2021-40444 that also prevents this PowerPoint exploit from working. 
If you have installed Windows Updates since then, your device is secure.\nHackers believed to work for Russia have started using a new code execution technique that relies on mouse movement in Microsoft PowerPoint presentations to trigger a malicious PowerShell script.\n\nhttps://www.bleepingcomputer.com/news/security/hackers-use-powerpoint-files-for-mouseover-malware-delivery/", "creation_timestamp": "2023-02-10T22:15:06.000000Z"}, {"uuid": "d9521bae-f6d1-4830-b626-48070aba226a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/HackerOne/3173", "content": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444", "creation_timestamp": "2021-09-10T08:36:10.000000Z"}, {"uuid": "261a27c2-6c1a-41c0-afd0-1f320410330c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/HackerOne/3177", "content": "https://www.trendmicro.com/en_us/research/21/i/remote-code-execution-zero-day--cve-2021-40444--hits-windows--tr.html", "creation_timestamp": "2021-09-13T17:25:39.000000Z"}, {"uuid": "2241cf6f-7b45-4141-a385-f020936253c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/thehackernews/3605", "content": "Cybercriminals are leveraging exploits for CVE-2021-40444 and CVE-2022-30190 to execute code through malicious Word files. Once opened, LokiBot malware is downloaded, logging keystrokes, capturing screenshots, and stealing data.  
\n \nRead: https://thehackernews.com/2023/07/cybercriminals-exploit-microsoft-word.html", "creation_timestamp": "2023-07-17T11:34:30.000000Z"}, {"uuid": "7f4b661a-8a0f-47db-abfc-b0735ede87cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/St0rM66/450", "content": "\u0627\u064a\u0645\u064a\u0644 \u0635\u063a\u064a\u0631 \u0628\u064a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u0645\u0644\u0641 Word \u0645\u0645\u0643\u0646 \u064a\u062a\u0628\u0639\u062a \u0644\u0627\u064a \u0634\u062e\u0635, \u0648\u0628\u0645\u062c\u0631\u062f \u062a\u0646\u0632\u064a\u0644 \u0648\u0641\u062a\u062d \u0645\u0644\u0641 \u0627\u0644\u0640 Word, \u0627\u0644\u0637\u0631\u0641 \u0627\u0644\u0627\u062e\u0631 \u0628\u064a\u0627\u062e\u062f Access \u0643\u0627\u0645\u0644 \u0639\u0644\u0649 \u062c\u0647\u0627\u0632\u0643, \u0628\u062f\u0648\u0646 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0645\u0627 \u064a\u0639\u0631\u0641 \u0628\u0625\u0633\u0645 \u0627\u0644\u0640 Macros.\n\n\u062b\u063a\u0631\u0629 \u062c\u062f\u064a\u062f\u0629 \u0645\u0639\u0631\u0648\u0641\u0629 \u0628\u0625\u0633\u0645 CVE-2021-40444.\n\n\u0627\u0644\u0640 Attack \u0628\u064a\u062d\u0635\u0644 \u0643\u0627\u0644\u0623\u062a\u064a:-\n\n- \u0645\u0644\u0641 Word \u0628\u064a\u062a\u0628\u0639\u062a \u0641\u064a \u0627\u064a\u0645\u064a\u0644.\n- \u0627\u0644\u0645\u0644\u0641 \u0628\u064a\u062a\u0645 \u062a\u0646\u0632\u064a\u0644\u0647 \u0648\u062a\u0634\u063a\u064a\u0644\u0647 \u0648\u0628\u0633\u0628\u0628 \u0627\u0646\u0647\u0627 \u062b\u063a\u0631\u0629 \u062c\u062f\u064a\u062f\u0629 \u0641\u0627 \u0628\u062a\u0643\u0648\u0646 \u063a\u064a\u0631 \u0645\u0639\u0631\u0648\u0641\u0629 \u0644\u0644\u0640 Antivirus.\n- \u0645\u0644\u0641 \u0627\u0644\u0640 Word \u0628\u064a\u0646\u0632\u0644 \u0645\u0644\u0641 \u0627\u062e\u0631 
\u0628\u064a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u0643\u0648\u062f Javascript.\n- \u0643\u0648\u062f \u0627\u0644\u0640 Javascript \u0628\u064a\u0646\u0632\u0644 \u0645\u0644\u0641 \u0627\u062e\u0631 \u0628\u064a\u062d\u062a\u0648\u0649 \u0639\u0644\u0649 DLL File.\n- \u0627\u0644\u0640 DLL File \u0628\u062f\u0648\u0631\u0647 \u0628\u064a\u0641\u062a\u062d \u0627\u062a\u0635\u0627\u0644 \u0645\u0639 \u0627\u0644\u0640 Attacker \u0645\u0646 \u062e\u0644\u0627\u0644 \u062a\u0648\u0644 \u0627\u0633\u0645\u0647\u0627 Cobalt Strike.\n\n\u062d\u0627\u0644\u064a\u0627 \u0634\u0631\u0643\u0629 \u0645\u064a\u0643\u0631\u0648\u0633\u0648\u0641\u062a \u0646\u0632\u0644\u062a \u0628\u0627\u062a\u0634 \u0644\u0644\u062b\u063a\u0631\u0629 \u062f\u064a.\n\nhttps://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/", "creation_timestamp": "2021-09-19T15:46:26.000000Z"}, {"uuid": "9f577a63-d93d-4f0c-87eb-50d33cb4e490", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/BlueRedTeam/1093", "content": "Mapping and Pivoting from Cobalt Strike C2 Infrastructure Attributed to CVE-2021-40444\nhttps://michaelkoczwara.medium.com/mapping-and-pivoting-cobalt-strike-c2-infrastructure-attributed-to-cve-2021-40444-438786fcd68a\n\n#Blue_Team_Techniques\n#Blue_Team \n@BlueRedTeam", "creation_timestamp": "2021-12-12T08:21:43.000000Z"}, {"uuid": "98f9b536-ba28-47ea-9e1d-0a0361ec593a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1607", "content": "#exploit\n1. 
Unpacking CVE-2021-40444:\nA Deep Technical Analysis of an Office RCE Exploit\nhttps://billdemirkapi.me/unpacking-cve-2021-40444-microsoft-office-rce\n\n2. CVE-2021-38000:\nChrome Intents Logic Flaw\nhttps://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-38000.html\n\n@BlueRedTeam", "creation_timestamp": "2022-01-09T08:11:33.000000Z"}, {"uuid": "b8801a0b-6531-47af-9726-376cebbb97be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/xakep_ru/11630", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Microsoft MSHTML \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 Google \u0438 Instagram\n\n\u0418\u0411-\u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 SafeBreach Labs \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u0440\u0430\u043d\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-40444 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0442 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u043e\u0432 Google \u0438 Instagram. 
\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0433\u043e\u0432\u043e\u0440\u044f\u0449\u0438\u0445 \u043d\u0430 \u0444\u0430\u0440\u0441\u0438.\n\nhttps://xakep.ru/2021/11/25/cve-2021-40444-powershortshell/", "creation_timestamp": "2021-11-25T15:04:09.000000Z"}, {"uuid": "414c3bf6-d1c0-4533-b9d4-821fc33ef43b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/xakep_ru/11283", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows MSHTML \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0435\u0435, \u0447\u0435\u043c \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c\n\n\u041f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u043d\u043e\u0432\u044b\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u043e\u0439 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f CVE-2021-40444 \u0438 \u043e \u0442\u043e\u043c, \u043a\u0430\u043a \u043e\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\nhttps://xakep.ru/2021/09/10/cve-2021-40444/", "creation_timestamp": "2022-12-21T07:43:57.000000Z"}, {"uuid": "b9fabe4c-572d-4d14-8714-0b533bf77971", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/xakep_ru/11291", "content": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Windows MSHTML\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0443\u0436\u0435 \u0434\u0435\u043b\u044f\u0442\u0441\u044f \u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u0444\u043e\u0440\u0443\u043c\u0430\u0445 \u0442\u0443\u0442\u043e\u0440\u0438\u0430\u043b\u0430\u043c\u0438 \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2021-40444, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0435\u043c\u0443 \u0447\u0438\u0441\u043b\u0443 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u043e\u0432\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\nhttps://xakep.ru/2021/09/13/cve-2021-40444-exploits/", "creation_timestamp": "2021-09-13T17:33:48.000000Z"}, {"uuid": "4a66ae2e-4416-4819-854a-9b153111032e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/SecLabNews/14344", "content": "\u0421\u043a\u0440\u044b\u0442\u043d\u044b\u0439 \u0438 \u043e\u043f\u0430\u0441\u043d\u044b\u0439: \u043a\u0430\u043a 
\u0431\u044d\u043a\u0434\u043e\u0440 MataDoor \u043f\u0440\u043e\u043d\u0438\u043a\u0430\u0435\u0442 \u0432 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b\n\n\ud83d\udd24\u0411\u044d\u043a\u0434\u043e\u0440 MataDoor \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u043c \u043d\u043e\u0432\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 Dark River, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u0430 \u0441 \u0446\u0435\u043b\u044c\u044e \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0438 \u043a\u0440\u0430\u0436\u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\ud83d\udd24\u0411\u044d\u043a\u0434\u043e\u0440  \u0438\u043c\u0435\u0435\u0442 \u0441\u043b\u043e\u0436\u043d\u0443\u044e \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u0443 \u0438 \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0435\u043c\u0443 \u043d\u0435\u0437\u0430\u043c\u0435\u0442\u043d\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0432 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 
\u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u0430\u0436\u0435 \u0438\u0437 \u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0439.\n\n\ud83d\udd24 MataDoor \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u043f\u0438\u0441\u044c\u043c\u0430 \u0441 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2021-40444, \u0438 \u0445\u043e\u0440\u043e\u0448\u043e \u043c\u0430\u0441\u043a\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u043b\u0435\u0433\u0430\u043b\u044c\u043d\u043e\u0435 \u041f\u041e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u043f\u0430\u043a\u043e\u0432\u0449\u0438\u043a\u0438 \u0438 \u0446\u0438\u0444\u0440\u043e\u0432\u044b\u0435 \u043f\u043e\u0434\u043f\u0438\u0441\u0438.\n\n#MataDoor #DarkRiver #\u041e\u041f\u041a @SecLabNews", "creation_timestamp": "2023-09-27T08:18:54.000000Z"}, {"uuid": "595034fd-840f-4181-b1c2-44ba6cf74916", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/SecLabNews/10928", "content": "\u0425\u0430\u043a\u0435\u0440\u044b \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b\u0438 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0439 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 
\u0440\u0430\u043a\u0435\u0442\u043d\u044b\u0439 \u0446\u0435\u043d\u0442\u0440 \u0438 \u041c\u0412\u0414\n\n\u0412 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ( CVE-2021-40444 ) \u0432 Microsoft MHTML (Trident) \u2014 \u043f\u0440\u043e\u043f\u0440\u0438\u0435\u0442\u0430\u0440\u043d\u043e\u043c \u0434\u0432\u0438\u0436\u043a\u0435 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Internet Explorer.\n\n\u041f\u0435\u0440\u0432\u043e\u0435 \u0442\u0438\u043f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430 \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d \u043f\u043e\u0434 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e\u0442\u0434\u0435\u043b\u0430 \u043a\u0430\u0434\u0440\u043e\u0432 \u0410\u041e \u00ab\u0413\u0420\u0426 \u041c\u0430\u043a\u0435\u0435\u0432\u0430\u00bb - \u0441\u0442\u0440\u0430\u0442\u0435\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0445\u043e\u043b\u0434\u0438\u043d\u0433 \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u043e-\u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u0430 \u0441\u0442\u0440\u0430\u043d\u044b \u0432 \u0440\u0430\u043a\u0435\u0442\u043d\u043e-\u043a\u043e\u0441\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0442\u0440\u0430\u0441\u043b\u0438.\n\n\u0412\u0442\u043e\u0440\u043e\u0435 \u043f\u0438\u0441\u044c\u043c\u043e \u0431\u044b\u043b\u043e \u044f\u043a\u043e\u0431\u044b \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0438\u0437 \u041c\u0438\u043d\u0438\u0441\u0442\u0435\u0440\u0441\u0442\u0432\u0430 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0445 \u0434\u0435\u043b \u0432 
\u041c\u043e\u0441\u043a\u0432\u0435.\n\n\u0412 \u043e\u0431\u043e\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u043f\u0440\u043e\u0441\u044f\u0442 \u0437\u0430\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0444\u043e\u0440\u043c\u0443 \u0438\u043b\u0438 \u043e\u0442\u0432\u0435\u0442\u0438\u0442\u044c \u043d\u0430 \u043f\u0438\u0441\u044c\u043c\u043e.\n\nhttps://www.securitylab.ru/news/524957.php", "creation_timestamp": "2021-09-23T16:30:41.000000Z"}, {"uuid": "583ceaa9-d302-4049-90ba-12354f5e2380", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/arvin_club/4644", "content": "New Cool vulnerability in MS Office which triggers without macro\nSo whole magic in this exploit happens while oppening the document, it loads html file which contains obfuscated JS\nhttps://vx-underground.org/tmp/CVE-2021-40444.rar\n\nhttps://www.youtube.com/watch?v=oM6UaaXJ46I", "creation_timestamp": "2021-09-10T22:43:07.000000Z"}, {"uuid": "7f688ed6-e460-4cdd-8794-1a528d1f2267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/S_E_Reborn/1019", "content": "\u0412\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u0443 \u0441\u0435\u0431\u044f \u043d\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u043a\u0435 CVE-2021-40444\n\nhttps://xret2pwn.github.io/CVE-2021-40444-Analysis-and-Exploit/\n\nhttps://github.com/felixweyne/imaginaryC2/tree/master/examples/use-case-10-CVE-2021-40444", "creation_timestamp": "2021-09-13T20:27:27.000000Z"}, {"uuid": "0a9ffae6-4cc8-4996-97da-3f7ee89bb9f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/1264", "content": "\u041d\u043e\u0432\u044b\u0439 \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u044b\u0439 \u043a\u0443\u0440\u0441 \u043d\u0430 opensecuritytraining - Architecture 4001: x86-64 Intel Firmware Attack &amp; Defense\n\n\u0414\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 Mimikatz Skeleton Key \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e Volatility + \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u0430\n\n\u0418\u0441\u0445\u043e\u0434\u043d\u0438\u043a\u0438 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0434\u043b\u044f HackSys Extreme Vulnerable Driver (\u0432\u0438\u043d \u0434\u0440\u0430\u0439\u0432\u0435\u0440 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438)\n\nLinux Forensics\n\n\u0421\u0442\u0430\u0442\u044c\u044f, \u043e\u0431\u0440\u0430\u0437\u0446\u044b, yara \u0434\u043b\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u0430 NGLite\n\n\u0421\u0442\u0430\u0442\u044c\u044f + poc \u043f\u043e CVE-2021-40449 (use after free \u0432 win32kfull.sys)\n\n\u0414\u0432\u0435 \u043d\u0435 \u043e\u0447\u0435\u043d\u044c \u0436\u0435\u0441\u0442\u043a\u0438\u0435, \u043d\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Mcafee Agent \u0438 McAfee Drive Encryption\n\n\u0415\u0449\u0435 \u043e\u0434\u0438\u043d \u0431\u043b\u043e\u0433 \u0441\u043e \u0441\u0442\u0430\u0442\u044c\u044f\u043c\u0438 \u043f\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0443 \u043c\u0430\u043b\u0432\u0430\u0440\u0438\n\n\u0420\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0430 \u0442\u0440\u0430\u0444\u0444\u0438\u043a\u0430 cobalt strike (\u0441\u0442\u0430\u0442\u044c\u044f + \u0432\u0438\u0434\u0435\u043e)", 
"creation_timestamp": "2021-11-09T16:33:13.000000Z"}, {"uuid": "95c1bb99-886a-4490-831f-381457a01d66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/S_E_Reborn/1554", "content": "\u041d\u0438\u043a\u0442\u043e \u0438 \u043d\u0435 \u0441\u043e\u043c\u043d\u0435\u0432\u0430\u043b\u0441\u044f, \u0437\u043d\u0430\u044f \u043a\u0430\u043a Microsoft \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u0432\u043e\u0438 \u043a\u043e\u0441\u044f\u043a\u0438, \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a\u0443\u0447\u0443 \u0434\u0440\u0443\u0433\u0438\u0445.\n \n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f\u043c Sophos, \u0445\u0430\u043a\u0435\u0440\u044b \u043d\u0430\u0448\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Microsoft Office \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0435\u0433\u043e \u0434\u043b\u044f \u043a\u0440\u0430\u0442\u043a\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e Formbook.\n \n\u041e\u0448\u0438\u0431\u043a\u0430 CVE-2021-40444 (\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 8,8) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f MSHTML \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f 
\u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u0436\u0435\u0440\u0442\u0432\u043e\u0439 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430.\n \n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e 7 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f, \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u0438 \u0441\u0435\u0440\u0438\u0438 \u0430\u0442\u0430\u043a, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u043c Patch Tuesday. 
\u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d PoC, \u0432\u044b\u0437\u0432\u0430\u0432\u0448\u0438\u0439 \u0440\u0435\u0437\u043a\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u0438\u0437\u0430\u0446\u0438\u044e \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n \n\u041f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 Microsoft \u043f\u0430\u0442\u0447 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0430\u0440\u0445\u0438\u0432\u0430 Microsoft Cabinet (CAB), \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b. 
\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u043e\u0445\u043e\u0436\u0435, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0448\u043b\u0438 \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0430\u0442\u0447, \u0432\u043a\u043b\u044e\u0447\u0438\u0432 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 Word \u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0430\u0440\u0445\u0438\u0432 RAR.\n \nSophos \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0430\u0440\u0445\u0438\u0432\u044b \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u0440\u0430\u0441\u0441\u044b\u043b\u043a\u0435 \u0441\u043f\u0430\u043c\u0430 \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 24 - 25 \u043e\u043a\u0442\u044f\u0431\u0440\u044f, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0431\u044b\u043b\u0430 \u0431\u044b\u0441\u0442\u0440\u043e \u0441\u0432\u0435\u0440\u043d\u0443\u0442\u0430, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u00ab\u043f\u0440\u043e\u0431\u043d\u044b\u0439 \u0437\u0430\u043f\u0443\u0441\u043a\u00bb. 
\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430 Word \u0432 \u0430\u0440\u0445\u0438\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f PowerShell, \u0438 \u043a\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u0436\u0435\u0440\u0442\u0432\u0430 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u043b\u0430 \u0435\u0433\u043e \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0443, \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u043b\u0441\u044f, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b\u043e \u043a \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e Formbook.\n \n\u0412\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u043e\u0431\u043e\u0439 \u044d\u0441\u043a\u0430\u043b\u0430\u0446\u0438\u044e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 -40444 \u0438 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0442, \u0447\u0442\u043e \u0434\u0430\u0436\u0435 \u043f\u0430\u0442\u0447 \u043d\u0435 \u0432\u0441\u0435\u0433\u0434\u0430 \u043c\u043e\u0436\u0435\u0442 \u0441\u043c\u044f\u0433\u0447\u0438\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e 
\u043a\u0432\u0430\u043b\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430.\n \n\u041f\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0430\u0442\u0430\u043a\u0430 \u0431\u044b\u043b\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043f\u0430\u0442\u0447 \u0431\u044b\u043b \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u0443\u0437\u043a\u043e\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0438 \u043d\u0435 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u043b \u0434\u043e \u043a\u043e\u043d\u0446\u0430 \u0432\u0441\u0435\u0445 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 WinRAR \u0444\u0430\u0439\u043b\u043e\u0432.\n \n\u0427\u0435\u0433\u043e \u0438 \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u043e \u043e\u0436\u0438\u0434\u0430\u0442\u044c.", "creation_timestamp": "2021-12-26T12:47:42.000000Z"}, {"uuid": "c3ac933c-e607-46e2-8a88-5dc9da3462cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "Telegram/NFyFM27lNghIndaR6CImOqIbIX6WFvDPAqNbMXoU0V9ZOOkW", "content": "", "creation_timestamp": "2021-11-22T03:08:33.000000Z"}, {"uuid": "f85970cc-86aa-4174-b21d-c44cfc2d605e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "Telegram/KIyepJj8ukD7DOqiNQyDI3uN8pScILVadywWv9k-RpHrXgsC", "content": "", "creation_timestamp": 
"2021-10-15T06:39:17.000000Z"}, {"uuid": "d410f247-a6f0-4f06-8d33-d22156857c34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "Telegram/Y8QMGzgEoUfdiP36vJGMZhOkREdfYUIJqZ1jIRdkQSGZ6zbc", "content": "", "creation_timestamp": "2021-10-04T06:06:56.000000Z"}, {"uuid": "52424175-2d3e-4823-bf08-c6aa87776ce2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/arvin_club/4636", "content": "#threatleak \n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444", "creation_timestamp": "2021-09-09T10:41:24.000000Z"}, {"uuid": "21222c4e-44c3-4774-89b9-547c8e8f9635", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/arvin_club/4652", "content": "#threatleak \n\nhttps://www.trendmicro.com/en_us/research/21/i/remote-code-execution-zero-day--cve-2021-40444--hits-windows--tr.html", "creation_timestamp": "2021-09-13T07:35:14.000000Z"}, {"uuid": "5f79dc83-0832-40f6-a987-b70233d2941f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/4276", "content": "#exploit\nFull PoC with cab creation for CVE-2021-40444\nhttps://github.com/lockedbyte/CVE-2021-40444\n]-&gt; https://github.com/Udyz/CVE-2021-40444-Sample/blob/main/poc.html", "creation_timestamp": "2021-09-11T13:27:29.000000Z"}, {"uuid": "49afa76c-86d2-4ac8-82ba-361082d889d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5324", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Jan 1-31)\n\nCVE-2021-44228 - Apache Log4j2\nCVE-2021-40444 - Microsoft MSHTML RCE\nCVE-2021-4034 - LPE vuln was found on polkit's pkexec utility\nCVE-2022-0185 - Linux Kernel Container Escape in Kubernetes\nCVE-2022-21907 - HTTP Protocol Stack RCE\nCVE-2022-21882 - Win32k Window Object Type Confusion\nCVE-2021-20038 - SonicWall SMA-100 Unauth RCE\nCVE-2021-45467 - CWP CentOS Web Panel preauth RCE\nCVE-2021-42392 - Unauth RCE in H2 Database Console\nCVE-2022-21658 - Vulnerability in Rust", "creation_timestamp": "2024-10-15T10:29:54.000000Z"}, {"uuid": "0f8aa120-8ddc-40d2-8284-183e202dcc7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4535", "content": "#exploit\nCVE-2021-40449:\nUse-after-free vulnerability in the NtGdiResetDC\nfunction of the Win32k driver\nhttps://github.com/ollypwn/CallbackHell", "creation_timestamp": "2021-10-17T14:12:01.000000Z"}, {"uuid": "8490b6ea-e5c3-4b0b-bb32-59a98d64a861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5161", "content": "#exploit\n1. Unpacking CVE-2021-40444:\nA Deep Technical Analysis of an Office RCE Exploit\nhttps://billdemirkapi.me/unpacking-cve-2021-40444-microsoft-office-rce\n\n2. 
CVE-2021-38000:\nChrome Intents Logic Flaw\nhttps://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-38000.html", "creation_timestamp": "2022-01-09T12:07:01.000000Z"}, {"uuid": "d54c8f70-e849-412b-bcaa-cfbfdc963065", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/4416", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Sep 1-30)\nCVE-2021-40444 - Microsoft MSHTML RCE\nhttps://t.me/cybersecuritytechnologies/4276\nCVE-2021-26084 - Confluence Server Webwork OGNL Inj\nhttps://t.me/cybersecuritytechnologies/4202\nCVE-2021-22005 - vCenter Server contains - arbitrary file upload\nhttps://t.me/cybersecuritytechnologies/4401\nCVE-2021-30860 - Zero-Click iPhone Exploit\nhttps://t.me/cybersecuritytechnologies/4318\nCVE-2021-38647 - OMIGOD RCE Vuln in Multiple Azure Linux Deployments\nhttps://t.me/cybersecuritytechnologies/4315\nCVE-2021-30632 - Out of bounds write in V8\nhttps://t.me/cybersecuritytechnologies/4342\nCVE-2021-33035 - Code Execution in Apache OpenOffice\nhttps://t.me/cybersecuritytechnologies/4329\nCVE-2021-38112 - AWS WorkSpaces Desktop Client RCE\nhttps://t.me/cybersecuritytechnologies/4358\nCVE-2021-30740 / CVE-2021-30768 - A malicious application may be able to execute arbitrary code with kernel privileges\nhttps://mobile.twitter.com/infinityABCDE/status/1437596340222038017", "creation_timestamp": "2021-10-01T11:01:01.000000Z"}, {"uuid": "3b7d5293-6acc-49d6-9bdf-8d362527e62d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/10767", "content": "#Malware_analysis\n1. InnoSetup Malware\nhttps://asec.ahnlab.com/en/67502\n2. 
MerkSpy Spyware:  Exploiting CVE-2021-40444 to Infiltrate Systems\nhttps://www.fortinet.com/blog/threat-research/merkspy-exploiting-cve-2021-40444-to-infiltrate-systems", "creation_timestamp": "2024-07-01T15:27:36.000000Z"}, {"uuid": "450bfed4-b101-4e0d-8a61-8d42e28a406d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4303", "content": "#Blue_Team_Techniques\nMapping and Pivoting from Cobalt Strike C2 Infrastructure Attributed to CVE-2021-40444\nhttps://michaelkoczwara.medium.com/mapping-and-pivoting-cobalt-strike-c2-infrastructure-attributed-to-cve-2021-40444-438786fcd68a", "creation_timestamp": "2021-09-15T11:03:01.000000Z"}, {"uuid": "5a9bbce6-67e4-4c60-82c0-6ade8279492c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40449", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4701", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Oct 1-31)\nCVE-2021-41773 - Apache 2.4.49 Path Traversal\nhttps://t.me/cybersecuritytechnologies/4454\nCVE-2021-26084 - Confluence Server Webwork OGNL Inj\nhttps://t.me/cybersecuritytechnologies/4202\nCVE-2021-42013 - Apache 2.4.50 Path Traversal\nhttps://t.me/cybersecuritytechnologies/4475\nCVE-2021-22205 - GitLab CE/EE RCE\nhttps://t.me/cybersecuritytechnologies/4602\nCVE-2021-40449 - UaF in the NtGdiResetDC function of the Win32k driver\nhttps://t.me/cybersecuritytechnologies/4535\nCVE-2021-40438 - SSRF in Apache2 mod_proxy\nhttps://t.me/cybersecuritytechnologies/4529\nCVE-2021-30858 - UaF in WebKit\nhttps://t.me/cybersecuritytechnologies/4545\nCVE-2021-30883 - iOS IOMFB vulnerability\nhttps://t.me/cybersecuritytechnologies/4497\nCVE-2021-30892 - Shrootless Vulnerability in 
MacOS\nhttps://t.me/cybersecuritytechnologies/4623\nCVE-2022-1337 - \"View Source\"\nhttps://mobile.twitter.com/megab0t_/status/1452848917205458945\nPoC: JavaScript:https://#%0aalert('xss')", "creation_timestamp": "2021-11-08T11:07:01.000000Z"}, {"uuid": "4694c3ad-b6bb-4e90-b213-418a7e2e1bac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/Rootsec_2/390", "content": "\ud83e\udd37\ud83c\udffc\u200d\u2642\ufe0fCVE-2023-36884 - \u043d\u0435 \u0441\u043a\u0430\u0437\u0430\u0442\u044c \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u043a\u0430\u043a\u0430\u044f-\u0442\u043e \u043d\u043e\u0432\u0430\u044f \u0442\u0435\u0445\u043d\u0438\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0434\u0430\u043d\u043d\u0430\u044f \u0431\u0430\u0433\u0430 \u0432 Office/Windows HTML \u043f\u043e\u0445\u043e\u0436\u0430 \u043d\u0430 \u0440\u0430\u043d\u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0443\u044e \u0431\u0430\u0433\u0443 \u0432 Microsoft MSHTML(CVE-2021-40444, RCE), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u043e\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0440\u0430\u043d\u0435\u0435 \u0432 \"\u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0439\" \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u041d\u0438\u0436\u0435 \u043f\u0440\u0438\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u044e \u0441\u043f\u0438\u0441\u043e\u043a \u0441\u0441\u044b\u043b\u043e\u043a \u0441 \u0430\u043d\u0430\u043b\u0438\u0437\u043e\u043c/\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 CVE-2021-40444, \u0434\u043b\u044f \u0442\u0435\u0445 \u043a\u0442\u043e \u0432\u0434\u0440\u0443\u0433 
\u0437\u0430\u0431\u044b\u043b:\n\ud83d\udcbeUnpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit\n\ud83d\udcbeAnalyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability\n\ud83d\udcbeCVE-2021-40444 Analysis/Exploit\n\ud83d\udcbeMicrosoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit\n\ud83d\udcbeCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit \n\ud83d\udcbeMalicious docx generator to exploit CVE-2021-40444\n\ud83d\udcbeFull exploit (RCE w/ sandbox escape) only using 6 lines of javascript code(\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043a \u043f\u0440\u043e\u0447\u0442\u0435\u043d\u0438\u044e)", "creation_timestamp": "2024-08-16T08:08:29.000000Z"}, {"uuid": "34afb09b-b9d9-49ec-9be9-512e388dce6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/club31337/670", "content": "On CVE-2021-40444, a clear PoC which is called via mhmtl element on 'word/_rels/document.xml.rels' of a modified docx file.\n\n#PoC #cve\n\nhttps://github.com/Udyz/CVE-2021-40444-Sample/blob/main/poc.html", "creation_timestamp": "2024-11-09T01:34:01.000000Z"}, {"uuid": "f6ba53e0-9e2b-4bf3-bd08-8ede1f3782c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "Telegram/2MDyunBXcR_HsSE0q8PYgYVVhJF9rJCOJw8UjsBCVmAhPdI", "content": "", "creation_timestamp": "2021-09-09T16:31:32.000000Z"}, {"uuid": "9e089439-96a4-42a1-8987-bafe15573f37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/cyber0iq/18", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 
OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL 
Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-25T02:14:31.000000Z"}, {"uuid": "c5d31788-c306-4b44-84cf-55ff712373f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "published-proof-of-concept", "source": "https://t.me/cyber0iq/19", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of 
Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-25T02:15:23.000000Z"}, {"uuid": "9da7e9ed-7d85-466f-971d-99afab96ab76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/club31337/675", "content": "CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\n\n#exploit #xpl #CVE\n\nhttps://github.com/klezVirus/CVE-2021-40444", "creation_timestamp": "2024-11-09T01:34:01.000000Z"}]}