{"vulnerability": "CVE-2022-37969", "sightings": [{"uuid": "e444ee9c-de22-4f80-8b83-40d2d97fc551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "d423254d-c127-423c-8d52-fc1e6eb14f92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971710", "content": "", "creation_timestamp": "2024-12-24T20:33:06.296136Z"}, {"uuid": "5978a3e5-fef1-4cf0-99d4-f51f2b37724c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "2187a6e2-77fa-455d-8cea-374c95348b8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:38.000000Z"}, {"uuid": "ea87b759-b819-4c25-8b82-0587b7487217", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://bsky.app/profile/symbion.bsky.social/post/3menzo3vwj22j", "content": "", "creation_timestamp": "2026-02-12T12:48:32.313757Z"}, {"uuid": "03383939-3934-41a6-b2cf-aed64be66280", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://bsky.app/profile/symbion.bsky.social/post/3menzo3w4ek2j", "content": "", "creation_timestamp": "2026-02-12T12:48:32.892145Z"}, {"uuid": "1e321444-3177-4eff-9432-bb530cf02451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://bsky.app/profile/symbion.bsky.social/post/3menzo3w5ds2j", "content": "", "creation_timestamp": "2026-02-12T12:48:33.519471Z"}, {"uuid": "9b79ec87-286f-4a9b-95d1-21d140d78a12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://bsky.app/profile/symbion.bsky.social/post/3menzo3w5dt2j", "content": "", "creation_timestamp": "2026-02-12T12:48:34.088265Z"}, {"uuid": "f840a826-e7c2-4bc3-b9d3-7df801e70ef8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://bsky.app/profile/symbion.bsky.social/post/3menzo3w6d32j", "content": "", "creation_timestamp": "2026-02-12T12:48:34.635165Z"}, {"uuid": "15b89ada-71a4-47d1-b1df-d174c05535f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://t.me/avleonovrus/102", "content": "\u0414\u0430\u0432\u0430\u0439\u0442\u0435 \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0438\u043c \u043d\u0430 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0439 Microsoft Patch Tuesday. \u0412 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043a\u043e\u043c\u043f\u0430\u043a\u0442\u043d\u0435\u043d\u044c\u043a\u043e. \u0412\u0441\u0435\u0433\u043e 63 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0421 \u0443\u0447\u0435\u0442\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0448\u0435\u0434\u0448\u0438\u0445 \u043c\u0435\u0436\u0434\u0443 \u0430\u0432\u0433\u0443\u0441\u0442\u043e\u0432\u0441\u043a\u0438\u043c \u0438 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u043c Patch Tuesday (\u043a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e, \u0432 Microsoft Edge), \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442\u0441\u044f 90. \u0412\u0435\u0441\u044c\u043c\u0430 \u0438 \u0432\u0435\u0441\u044c\u043c\u0430 \u043d\u0435\u043c\u043d\u043e\u0433\u043e.\n\n1. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430\u043c\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435\u0442. \u0415\u0441\u0442\u044c 3 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 Proof-of-Concept Exploit \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u0437 CVSS\n\nElevation of Privilege - Kerberos (CVE-2022-33679)\nElevation of Privilege - Azure Guest Configuration and Azure Arc-enabled servers (CVE-2022-38007)\nElevation of Privilege - Windows GDI (CVE-2022-34729)\n\n\u041d\u043e \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u043e \u0434\u043e\u043a\u0440\u0443\u0442\u044f\u0442 \u0434\u043e \u0431\u043e\u0435\u0432\u043e\u0433\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f \u043d\u0435\u0432\u044b\u0441\u043e\u043a\u0430.\n\n2. \u0415\u0441\u0442\u044c 3 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u0436\u0438\u0432\u0443\u044e\n\nElevation of Privilege - Windows Common Log File System Driver (CVE-2022-37969). \u041c\u043e\u0436\u043d\u043e \u043f\u043e\u0434\u043d\u044f\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0434\u043e SYSTEM. \u0417\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043c\u0430\u0441\u0441\u0443 \u0432\u0435\u0440\u0441\u0438\u0439 Windows, \u0435\u0441\u0442\u044c \u043f\u0430\u0442\u0447\u0438 \u0434\u0430\u0436\u0435 \u043f\u043e\u0434 EOL \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043a\u0438. \u041a\u0440\u043e\u043c\u0435 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b \u043f\u0443\u0447\u043e\u043a \u0432\u0438\u043d\u0434\u043e\u0432\u044b\u0445 EoP-\u0448\u0435\u043a \u0431\u0435\u0437 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 Elevation of Privilege - Windows Kernel (CVE-2022-37956, CVE-2022-37957, CVE-2022-37964)\n\nSecurity Feature Bypass - Microsoft Edge (CVE-2022-2856, CVE-2022-3075). \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Edge \u044d\u0442\u043e \u043f\u043e \u0444\u0430\u043a\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Chromium. \u041e\u0431\u0440\u0430\u0442\u043d\u0430\u044f \u0441\u0442\u043e\u0440\u043e\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u0434\u043d\u043e\u0433\u043e \u0438 \u0442\u043e\u0433\u043e \u0436\u0435 \u0434\u0432\u0438\u0436\u043a\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Chrome \u0430\u0444\u0444\u0435\u043a\u0442\u044f\u0442 \u0442\u0430\u043a\u0436\u0435 Edge, Opera, Brave, Vivaldi \u0438 \u043f\u0440\u043e\u0447\u0435\u0435.\n\n3. RCE \u043e\u0442 \u043f\u043e\u0441\u043b\u0430\u043d\u043d\u043e\u0433\u043e IP \u043f\u0430\u043a\u0435\u0442\u0430 \ud83d\ude31\n\nRemote Code Execution - Windows TCP/IP (CVE-2022-34718). \"An unauthorized attacker can use it to execute arbitrary code on the attacked Windows computer with the IPSec service enabled by sending a specially crafted IPv6 packet to it. This vulnerability can only be exploited against systems with Internet Protocol Security (IPsec) enabled.\" IPsec \u0438 IPv6 \u0437\u043b\u043e, \u043b\u043e\u043b. \ud83d\ude42 \u041d\u043e \u0435\u0441\u043b\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e, \u0442\u043e \u0441\u043a\u0432\u0435\u0440\u043d\u043e, \u0447\u0442\u043e \u0442\u0430\u043a\u043e\u0435 \u0432\u043e\u043e\u0431\u0449\u0435 \u0431\u044b\u0432\u0430\u0435\u0442.\n\n\u0418 \u044d\u0442\u043e \u0435\u0449\u0451 \u043d\u0435 \u0432\u0441\u0435, \u0435\u0441\u0442\u044c \u0435\u0449\u0451 Remote Code Execution - Windows Internet Key Exchange (IKE) Protocol Extensions (CVE-2022-34721, CVE-2022-34722). \"An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation.\"\n\n4. Denial of Service - Windows DNS Server (CVE-2022-34724). \u0421 \u043e\u0434\u043d\u043e\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0442\u043e\u043b\u044c\u043a\u043e DoS, \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0440\u0430\u0431\u043e\u0442\u0443 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043c\u043e\u0436\u043d\u043e \u043d\u0435\u043f\u043b\u043e\u0445\u043e \u0442\u0430\u043a \u043f\u0430\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c.\n\n5. Memory Corruption - ARM processor (CVE-2022-23960). \u0424\u0438\u043a\u0441 \u0434\u043b\u044f \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0433\u043e Spectre, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 Spectre-BHB. \u041f\u0440\u043e \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0431\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0432\u0438\u0434\u0438\u043c\u043e \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u044c \u043d\u0435 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f, \u0442\u0430\u043a \u0436\u0435 \u043a\u0430\u043a \u0438 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0442\u0438\u043f\u0430 Spectre, \u043d\u043e \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0441\u0435 \u043e\u0431\u0437\u043e\u0440\u0449\u0438\u043a\u0438 \u043d\u0430 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043e\u0431\u0440\u0430\u0442\u0438\u043b\u0438.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043e\u0442\u0447\u0435\u0442 Vulristics: https://avleonov.com/vulristics_reports/ms_patch_tuesday_september2022_report_with_comments_ext_img.html\n\n@avleonovrus #Microsoft #PatchTuesday #Vulristics", "creation_timestamp": "2023-09-21T09:16:46.000000Z"}, {"uuid": "cbdef280-c102-45b6-8928-44b8e96b2b4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-37969", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e3f5458f-f0c6-421d-b3ac-b46caa31d380", "content": "", "creation_timestamp": "2026-02-02T12:27:13.333684Z"}, {"uuid": "85cd4dca-dd93-4702-9ba9-ca65d88c9490", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://t.me/itsec_news/4791", "content": "\u200b\u26a1\ufe0f\u041f\u0440\u0438\u043d\u0442\u0435\u0440 \u043a\u0430\u043a \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442: \u043d\u043e\u0432\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 \u0448\u0430\u043d\u0442\u0430\u0436\u0430 BianLian \u043e\u0445\u0432\u0430\u0442\u0438\u043b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443\n\n\ud83d\udcac \u0424\u0411\u0420 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0441 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e\u043c CISA \u0438 \u0410\u0432\u0441\u0442\u0440\u0430\u043b\u0438\u0439\u0441\u043a\u0438\u043c \u0446\u0435\u043d\u0442\u0440\u043e\u043c \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (ACSC) \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c \u043e \u043c\u0435\u0442\u043e\u0434\u0430\u0445, \u0442\u0430\u043a\u0442\u0438\u043a\u0435 \u0438 \u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440\u0430\u0445 (TTPs), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u0430\u0445 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 (IOC), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 BianLian. \u0413\u0440\u0443\u043f\u043f\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e\u043c.\n\nBianLian \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0441 2022 \u0433\u043e\u0434\u0430, \u0430\u0442\u0430\u043a\u0443\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u0441\u0435\u043a\u0442\u043e\u0440\u044b \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432 \u0421\u0428\u0410 \u0438 \u0410\u0432\u0441\u0442\u0440\u0430\u043b\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f \u043f\u0440\u043e\u0444\u0435\u0441\u0441\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u0443\u0433 \u0438 \u0441\u0442\u0440\u043e\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043e\u0442\u0440\u0430\u0441\u043b\u0438. \u0418\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0434\u0432\u043e\u0439\u043d\u0443\u044e \u0441\u0445\u0435\u043c\u0443 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430: \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u0438 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0443\u0433\u0440\u043e\u0436\u0430\u043b\u0438 \u0438\u0445 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0435\u0439. \u041e\u0434\u043d\u0430\u043a\u043e \u0441 \u044f\u043d\u0432\u0430\u0440\u044f 2023 \u0433\u043e\u0434\u0430 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u043c \u043c\u0435\u0442\u043e\u0434\u043e\u043c \u0441\u0442\u0430\u043b \u0441\u0431\u043e\u0440 \u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u0434\u0430\u043d\u043d\u044b\u0445 \u0431\u0435\u0437 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0430 \u0441 \u044f\u043d\u0432\u0430\u0440\u044f 2024 \u0433\u043e\u0434\u0430 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u043e \u0438\u0437 \u0441\u0445\u0435\u043c \u0430\u0442\u0430\u043a.\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 \u0441\u0435\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 RDP, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 ProxyShell. \u041f\u043e\u0441\u043b\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0433\u043e \u0446\u0435\u043d\u0442\u0440\u0430, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Ngrok \u0438 Rsocks. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0432\u044b\u0448\u0430\u044e\u0442 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-37969 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7.8), \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e \u0434\u0440\u0430\u0439\u0432\u0435\u0440 CLFS \u0432 Windows.\n\n\u0414\u043b\u044f \u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0441\u0432\u043e\u0435\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 PowerShell \u0438 Windows Command Shell \u0434\u043b\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u044b\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0438 \u0437\u0430\u0449\u0438\u0442\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u0444\u0443\u0441\u043a\u0430\u0446\u0438\u0438 \u0444\u0430\u0439\u043b\u043e\u0432. \u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0438, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a Advanced Port Scanner, \u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u044b \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0434\u0430\u043d\u043d\u044b\u0445 Active Directory.\n\n\u0413\u0440\u0443\u043f\u043f\u0430 BianLian \u0441\u043e\u0431\u0438\u0440\u0430\u0435\u0442 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f PowerShell-\u0441\u043a\u0440\u0438\u043f\u0442\u044b \u0434\u043b\u044f \u043f\u043e\u0438\u0441\u043a\u0430 \u0438 \u0441\u0436\u0430\u0442\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0435\u0440\u0435\u0434 \u0438\u0445 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0435\u0439 \u0447\u0435\u0440\u0435\u0437 FTP, Rclone \u0438\u043b\u0438 \u0441\u0435\u0440\u0432\u0438\u0441 Mega. \u0414\u043b\u044f \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f \u0434\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0430 \u0436\u0435\u0440\u0442\u0432 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0440\u0430\u0441\u0441\u044b\u043b\u0430\u044e\u0442 \u0437\u0430\u043f\u0438\u0441\u043a\u0438 \u0441 \u0443\u0433\u0440\u043e\u0437\u0430\u043c\u0438 \u043d\u0430 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u0440\u0438\u043d\u0442\u0435\u0440\u044b \u0438\u043b\u0438 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u0441 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u043f\u043e \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0443.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0424\u0411\u0420, CISA \u0438 ACSC \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u044e\u0442 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u0438 \u0440\u0438\u0441\u043a\u0430 \u0430\u0442\u0430\u043a. \u0421\u0440\u0435\u0434\u0438 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u043c\u0435\u0440: \u0430\u0443\u0434\u0438\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0441\u0442\u0440\u043e\u0433\u0430\u044f \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u044f \u0441\u0435\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043c\u043d\u043e\u0433\u043e\u0444\u0430\u043a\u0442\u043e\u0440\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (MFA) \u0438 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c. \u0422\u0430\u043a\u0436\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u0435\u0441\u0442\u0438 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0435 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0435 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0445 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u043d\u0430 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0435 \u043c\u0435\u0442\u043e\u0434\u0430\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u043c \u0432 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-11-22T09:22:27.000000Z"}, {"uuid": "233e96dd-202f-4081-b041-911f5619d609", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=870", "content": "", "creation_timestamp": "2022-09-14T04:00:00.000000Z"}, {"uuid": "950b11a3-7505-4c16-be35-049607ad06c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "published-proof-of-concept", "source": "Telegram/PnvX_MFpghLdid04MRKcqtLj_a1c3IhBEpnAhBD6iOR-ULc", "content": "", "creation_timestamp": "2025-11-25T15:00:07.000000Z"}, {"uuid": "31f294c9-3f8f-4679-8a29-1e09079de740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7179", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-37969\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Windows Common Log File System Driver Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2022-09-13T18:42:12.000Z\n\ud83d\udccf Modified: 2025-03-11T16:10:46.928Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969", "creation_timestamp": "2025-03-11T16:40:32.000000Z"}, {"uuid": "a031b0ef-88ed-418c-bb1c-713fa928f721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://t.me/alexmakus/4801", "content": "\u0432\u043e\u0443-\u0432\u043e\u0443, \u0442\u0430\u043c Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043c\u0430\u0441\u0441\u0443 \u0432\u0435\u0440\u0441\u0438\u0439 Windows, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Windows Server 2008 \u0438 Windows 7 (\u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0443\u0431\u0440\u0430\u043b\u0438 \u0438\u0437 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0432 2020 \u0433\u043e\u0434\u0443)\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969\n\n\u041d\u0430 \u044d\u0442\u043e\u043c \u0444\u043e\u043d\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u044c \u043f\u0440\u043e \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u0432\u0442\u043e\u0440\u043e\u0439 zero-day \u0434\u0430\u0436\u0435 \u043a\u0430\u043a\u0442\u043e \u0442\u0435\u0440\u044f\u0435\u0442\u0441\u044f \nhttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-23960", "creation_timestamp": "2022-09-14T15:33:40.000000Z"}, {"uuid": "59b15fda-aa3c-402d-a56e-9d5b6d639d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://t.me/arpsyndicate/977", "content": "#ExploitObserverAlert\n\nCVE-2022-37969\n\nDESCRIPTION: Exploit Observer has 13 entries related to CVE-2022-37969. Windows Common Log File System Driver Elevation of Privilege Vulnerability\n\nFIRST-EPSS: 0.001480000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-03T16:26:04.000000Z"}, {"uuid": "b2b2230e-4d9c-4b30-8c5d-494ee5b9c0ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/71994", "content": "Technical Analysis of Windows CLFS Zero-Day Vulnerability CVE-2022-37969 - Part 2: Exploit Analysis - Security Boulevard\n\nhttps://ift.tt/zBqES2b", "creation_timestamp": "2022-10-28T17:41:31.000000Z"}, {"uuid": "42649016-cfda-418e-b4bc-ead327e84d98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/71990", "content": "Technical Analysis of Windows CLFS Zero-Day Vulnerability CVE-2022-37969 \u2013 Part 2: Exploit Analysis\n\nhttps://ift.tt/zBqES2b", "creation_timestamp": "2022-10-28T17:36:52.000000Z"}, {"uuid": "5e7e8860-db62-4f70-8cb2-38aa4b585461", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://t.me/ctinow/69292", "content": "Experts disclose technical details of now-patched CVE-2022-37969 Windows Zero-Day\n\nhttps://ift.tt/7tVagHp", "creation_timestamp": "2022-10-15T00:56:18.000000Z"}, {"uuid": "19df6f70-b10d-49ff-8761-66bb209d58e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "exploited", "source": "https://t.me/ctinow/63371", "content": "Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)\n\nhttps://ift.tt/6RDFavC", "creation_timestamp": "2022-09-13T21:31:54.000000Z"}, {"uuid": "54585ad3-eed8-4933-90e5-1c539066eca0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2894", "content": "25 Tools - Hackers Factory\n\n\u200b\u200bMobile Verification Toolkit\n\nMVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.\n\nhttps://github.com/mvt-project/mvt\n\n#cybersecurity #infosec #forensic\n\n\u200b\u200bHiding Shellcode In Plain Sight\n\nHiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak\n\nhttps://github.com/LloydLabs/shellcode-plain-sight\n\n#cybersecurity #infosec\n\n\u200b\u200bUbSym\n\nA Unit-Based Symbolic Execution Method for Detecting Memory Corruption Vulnerabilities in Executable Codes.\n\nhttps://github.com/SoftwareSecurityLab/UbSym\n\n#cybersecurity #infosec\n\n\u200b\u200bLibAFL\n\nAdvanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std...\n\nhttps://github.com/AFLplusplus/LibAFL\n\n#cybersecurity #infosec\n\n\u200b\u200bWappalyzer\n\nWappalyzer identifies technologies on websites, such as CMS, web frameworks, ecommerce platforms, JavaScript libraries, analytics tools and more...\n\nhttps://github.com/wappalyzer/wappalyzer\n\nWeb:\nhttps://www.wappalyzer.com/\n\n#cybersecurity #infosec #bugbounty\n\n\u200b\u200bPocketSmali\n\nA modular and extendable Python tool for emulating simple SMALI code.\n\nhttps://github.com/user1342/PocketSmali\n\n#cybersecurity #infosec\n\n\u200b\u200bOpenCTI\n\nOpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats.\n\nhttps://github.com/OpenCTI-Platform/opencti\n\n#cybersecurity #infosec\n\n\u200b\u200bFfufMaster Usage\n\nRun ffuf with the appropriate options to brute-force the directories using the awesome different wordlists.\n\nhttps://github.com/whalebone7/FfufMaster\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bbadger-builder\n\nbadger-builder is an AI-assisted tool for generating dynamic Brute Ratel C4 profiles. Simply provide badger-builder a flavor for your desired profile and it will prompt OpenAI for fitting configurations.\n\nListener/payload profile configs that are AI generated:\n\n\u2022 C2 URIs\n\u2022 Request/response HTTP headers\n\u2022 HTTP body data prepended and appended to C2 requests/responses\n\u2022 The server's empty-response HTTP body\n\nhttps://github.com/Tw1sm/badger-builder\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2022-37969 \n\nUnderstanding the CVE-2022-37969 Windows Common Log File System Driver Local Privilege Escalation.\n\nhttps://github.com/fortra/CVE-2022-37969\n\n#infosec #cve #poc #exploit\n\n\u200b\u200bKoodousFinder\n\nA simple tool to allows users to search for and analyze android apps for potential security threats and vulnerabilities.\n\nhttps://github.com/teixeira0xfffff/KoodousFinder\n\n#infosec #pentesting\n\n\u200b\u200blldbinit\n\nA gdbinit clone for LLDB aka how to make LLDB a bit more useful and less crappy.\n\nhttps://github.com/gdbinit/lldbinit\n\n#cybersecurity #infosec\n\n\u200b\u200bScareCrow \n\nPayload creation framework designed around EDR bypass. \n\nIf you want to learn more about the techniques utilized in this framework please take a look at Part 1 and Part 2.\n\nhttps://github.com/optiv/ScareCrow\n\n#infosec #pentesting #redteam\n\n\u200b\u200bkali-linux-cheatsheet\n\nKali Linux Cheat Sheet for Penetration Testers.\n\nhttps://github.com/NoorQureshi/kali-linux-cheatsheet\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bWindowSpy \ud83d\udc40\n\nA Cobalt Strike Beacon Object File meant for targeted user surveillance.\n\nhttps://github.com/CodeXTF2/WindowSpy\n\n#infosec #pentesting #redteam\n\n\u200b\u200bStriker C2\n\nStriker is a simple Command and Control (C2) program.\n\nhttps://github.com/4g3nt47/Striker\n\n#infosec #pentesting #redteam\n\n\u200b\u200bHandle-Ripper\n\nWindows handle hijacker.\n\nhttps://github.com/ZeroMemoryEx/Handle-Ripper\n\n#infosec #pentesting #redteam\n\nBearer\n\nCode security scanning tool (SAST) that discover, filter and prioritize security risks and vulnerabilities leading to sensitive data exposures (PII, PHI, PD).\n\nhttps://github.com/bearer/bearer\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200b1/2", "creation_timestamp": "2023-04-30T07:18:19.000000Z"}, {"uuid": "43aa6ad6-e256-413d-a2c3-24dd77ab494f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "published-proof-of-concept", "source": "https://t.me/dxe_0x0/160", "content": "\u0412\u043e\u0442 \u0442\u0443\u0442 \u0430\u043d\u0430\u043b\u0438\u0437 \u0432\u0443\u043b\u043d\u044b CVE-2022-37969:\nhttps://www.zscaler.com/blogs/security-research/technical-analysis-windows-clfs-zero-day-vulnerability-cve-2022-37969-part\n\u0410 \u0432\u043e\u0442 \u0437\u0434\u0435\u0441\u044c \u0443\u0436\u0435 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0430\u043d\u0430\u043b\u0438\u0437 \u0441\u043f\u043b\u043e\u0435\u043d\u0442\u0430, \u0447\u0442\u043e \u0432\u0435\u0441\u044c\u043c\u0430 \u043f\u043e\u043b\u0435\u0437\u043d\u043e (\u0430 \u0435\u0449\u0435 \u043e\u043d\u0438 \u0442\u0430\u043c \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043b\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e UBR, \u0447\u0442\u043e \u043f\u043e\u043b\u0435\u0437\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c, \u0434\u0430 \u0438 \u044d\u0442\u043e \u0442\u043e\u0436\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u043f\u043e\u0434\u0445\u043e\u0434 \u043a \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0431\u0438\u043b\u0434\u043e\u0432):\nhttps://www.zscaler.com/blogs/security-research/technical-analysis-windows-clfs-zero-day-vulnerability-cve-2022-37969-part2-exploit-analysis", "creation_timestamp": "2022-11-08T10:28:29.000000Z"}, {"uuid": "9dfdea78-65ff-4e3e-95eb-f01e38735cfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3103", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27  - Hackers Factory \n\n\u200b\u200bNosey Parker\n\nA command-line program that finds secrets and sensitive information in textual data and Git history.\n\nhttps://github.com/praetorian-inc/noseyparker\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200b\ud83d\udee1 eBPFShield\n\nA high-performance security tool that utilizes eBPF and Python to provide real-time IP-Intelligence and DNS monitoring. \n\nhttps://github.com/sagarbhure/eBPFShield\n\n#cybersecurity #infosec\n\n\u200b\u200bNetSoc #OSINT\n\nTool focused on extracting information from an account in various Social Networks.\n\nhttps://github.com/XDeadHackerX/NetSoc_OSINT\n\n#cybersecurity #infosec\n\n\u200b\u200bcloudtoolkit\n\nCloud Penetration Testing Toolkit\n\nhttps://github.com/404tk/cloudtoolkit\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bTomcatBackdoorPoC\n\nTomcat backdoor based on CS blog.\n\nhttps://github.com/HackingLZ/TomcatBackdoorPoC\n\nDetails:\nhttps://bit.ly/437Myhb\n\n#infosec #pentesting #redteam\n\n\u200b\u200bNoMoreCookies\n\nBrowser Protector against various stealers, written in C# &amp; C/C++. Works by hooking NtCreateFile and prevent accessing browser files, in addition to prevent it's unhooking. compatible with various games and software.\n\nhttps://github.com/AdvDebug/NoMoreCookies\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-28252\n\nUnderstanding the cve-2022-37969 windows common log file system driver local privilege escalation.\n\nhttps://github.com/fortra/CVE-2023-28252\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-2982\n\nWordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) &lt;= 7.6.4 - Authentication Bypass.\n\nhttps://github.com/RandomRobbieBF/CVE-2023-2982\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-3338\n\nPracticing different Linux kernel exploitation techniques with my DECnet vulnerability and null page mapping enabled.\n\nhttps://github.com/TurtleARM/CVE-2023-3338\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2020-9289\n\nDecrypt reversible secrets encrypted using the default hardcoded key related to CVE-2020-9289 on FortiAnalyzer/FortiManager (the only difference with CVE-2019-6693 is the encryption routine).\n\nhttps://github.com/synacktiv/CVE-2020-9289\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bPDFator\n\nInfoSec project that consists of a Python script and a C application to generate an executable payload. The payload includes functionality to write and execute a PDF file and execute shellcode. Both the PDF file and shellcode are encrypted using XOR and decrypted at runtime.\n\nhttps://github.com/smokeme/PDFator\n\n#cybersecurity #infosec\n\n\u200b\u200bUscrapper \n\n#OSINT tool that allows users to extract various personal information from a website. It leverages web scraping techniques and regular expressions to extract email addresses, social media links, author names, geolocations, phone numbers, and usernames from both hyperlinked and non-hyperlinked sources on the webpage.\n\nhttps://github.com/z0m31en7/Uscrapper\n\n#cybersecurity #infosec\n\n\u200b\u200bGold Digger\n\nA simple tool used to help quickly discover sensitive information in files recursively. Originally written to assist in rapidly searching files obtained during a penetration test.\n\nhttps://github.com/ustayready/golddigger\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bLinux-Exploit-Detection\n\nLinux-based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Rego/Sigma.\n\nhttps://github.com/Loginsoft-Research/Linux-Exploit-Detection\n\n#cybersecurity #infosec\n\n\u200b\u200bdynmx \n\nSignature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces.\n\nhttps://github.com/0x534a/dynmx\n\n#cybersecurity #infosec\n\n\u200b\u200bjsluice\n\nExtract URLs, paths, secrets, and other interesting bits from JavaScript.\n\nhttps://github.com/BishopFox/jsluice\n\n#infosec #pentesting #bugbounty\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-07-06T11:08:24.000000Z"}, {"uuid": "b6ad5b87-f58a-4030-aca3-70bc16da5e13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5243", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b Common Log File System (CLFS) \u0432 \u0447\u0430\u0441\u0442\u0438 \u0435\u0433\u043e \u043a\u043e\u043d\u0441\u0442\u0440\u0443\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u0432\u0435\u043b\u0438 \u043a \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u0437\u0438\u0440\u043e\u0434\u0435\u0435\u0432, \u0443\u043c\u0435\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438 ransomware \u0432 2022 \u0438 2023.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043b\u0441\u044f \u043a\u0430\u043a CVE-2023-28252\u00a0\u0438 \u0431\u044b\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d Microsoft \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u043b\u044c\u043a\u043e, \u043a\u0430\u043a \u043e \u043d\u0435\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 0-day \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0431\u044b\u043b \u043f\u043e\u0445\u043e\u0436 \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (EoP) \u0434\u043b\u044f Microsoft Windows, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u0433\u043e\u0434\u0430.\n\n\u0412\u043e\u043e\u0431\u0449\u0435 \u0436\u0435 \u0441 \u0438\u044e\u043d\u044f 2022 \u0433\u043e\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0434\u043b\u044f\u00a0\u043f\u044f\u0442\u0438\u00a0\u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 CLFS.\n\n\u0427\u0435\u0442\u044b\u0440\u0435 \u0438\u0437 \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 (CVE-2022-24521, CVE-2022-37969, CVE-2023-23376, CVE-2023-28252), \u0431\u044b\u043b\u0438 \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u043a\u0430\u043a \u043d\u0443\u043b\u0435\u0432\u044b\u0435.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0442\u0430\u043a\u043e\u0433\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 CLFS, \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0445 \u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0433\u043e\u0434\u0430, \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u043e\u0441\u044c.\n\n\u041d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u043d\u0438\u0447\u0435\u0433\u043e \u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0437\u043d\u0430\u044f \u043a\u0430\u043a Microsoft \u0432\u0435\u0434\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 \u043d\u0430\u0434 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438. \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u0431\u044b\u043b\u0438 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430\u043c\u0438 \u0440\u0430\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u0431\u044b\u043b\u0438 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b.\n\n\u0410 \u0447\u0442\u043e \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f Common Log File System (CLFS), \u0442\u043e \u044d\u0442\u043e \u0445\u043e\u0440\u043e\u0448\u0438\u0439 \u043f\u0440\u0438\u043c\u0435\u0440 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043d\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043f\u0440\u043e\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0444\u043e\u0440\u043c\u0430\u0442 \u0444\u0430\u0439\u043b\u0430. \u0418 \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043f\u0430\u0442\u0447\u0430 \u0434\u043b\u044f CVE-2023-28252 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2023 \u0433\u043e\u0434\u0430 \u0432 \u043d\u0435\u043c \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0435\u0449\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c.\n\n\u0412\u043e\u0437\u0432\u0440\u0430\u0449\u0430\u044f\u0441\u044c \u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044e, \u043e\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u043e\u0441\u044c \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u0442\u0430\u043a\u0438 \u043e\u0431\u044a\u0435\u043c\u043d\u044b\u043c \u0438 \u0431\u044b\u043b\u043e \u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u043e \u043d\u0430 \u0448\u0435\u0441\u0442\u044c \u0447\u0430\u0441\u0442\u0435\u0439, \u043f\u0435\u0440\u0432\u0430\u044f (\u0447\u0430\u0441\u0442\u044c 1. Windows CLFS \u0438 \u043f\u044f\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439) \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u043e\u0441\u0432\u044f\u0449\u0435\u043d\u0430 CLFS.\n\n\u041f\u044f\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0445 \u0432\u043a\u043b\u044e\u0447\u0430\u0442 \u043e\u0431\u0437\u043e\u0440 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0435\u0440\u0432\u043e\u043f\u0440\u0438\u0447\u0438\u043d \u0438 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: \u0447\u0430\u0441\u0442\u044c 2: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u21161 - CVE-2022-24521, \u0447\u0430\u0441\u0442\u044c 3: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u21162 \u2014 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c 2022, \u0447\u0430\u0441\u0442\u044c 4: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u21163 \u2014 \u043e\u043a\u0442\u044f\u0431\u0440\u044c 2022, \u0447\u0430\u0441\u0442\u044c 5: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u21164 \u2014 CVE-2023-23376 \u0438 \u0447\u0430\u0441\u0442\u044c 6: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u21165 \u2014 CVE-2023-28252.", "creation_timestamp": "2023-12-25T17:10:05.000000Z"}, {"uuid": "c12d4a03-1c08-49fd-82ad-b4be80ec522e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://t.me/cibsecurity/49681", "content": "\u203c CVE-2022-35803 \u203c\n\nWindows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37969.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-13T22:25:40.000000Z"}, {"uuid": "91fb19d3-d0c0-4dc7-acde-10d8caf00c20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "exploited", "source": "https://t.me/true_secator/4279", "content": "\u0420\u0435\u0448\u0438\u043b\u0438 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u043c \u043f\u0430\u0442\u0447\u0435\u043c Microsoft 0-day \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows (CLFS), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0435 \u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Windows \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438.\n\n\u041d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u043b\u044c\u0432\u0438\u043d\u0443\u044e \u0434\u043e\u043b\u044e \u0440\u0430\u0431\u043e\u0442\u044b \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f CVE-2023-28252 \u043f\u0440\u043e\u0434\u0435\u043b\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0438\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u044b GReAT \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u043e\u043c\u0438\u043c\u043e \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u043c\u044b\u0445 Mandiant \u0438 DBAPPSecurity WeBin.\n\n0-day \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0435\u0439 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2023 \u0433\u043e\u0434\u0430 \u0432 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0430\u0442\u0430\u043a, \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Microsoft Windows \u043f\u044b\u0442\u0430\u043b\u0438\u0441\u044c \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e Nokoyawa ransomware \u043d\u0430 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u0445 \u043c\u0430\u043b\u043e\u0433\u043e \u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0433\u043e \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0432 \u0431\u043b\u0438\u0436\u043d\u0435\u0432\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u043c \u0438 \u0441\u0435\u0432\u0435\u0440\u043e\u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u043e\u043c \u0440\u0435\u0433\u0438\u043e\u043d\u0430\u0445.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e, \u0441\u0442\u043e\u044f\u0449\u0430\u044f \u0437\u0430 ransomware \u0433\u0440\u0443\u043f\u043f\u0430 \u0441 \u0438\u044e\u043d\u044f 2022 \u0433\u043e\u0434\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430  \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u0435\u0449\u0435 \u043f\u044f\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0434\u0440\u0430\u0439\u0432\u0435\u0440 CLFS, \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u043d\u0430 \u043e\u0442\u0440\u0430\u0441\u043b\u0435\u0432\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0442\u043e\u0440\u0433\u043e\u0432\u043b\u0438, \u044d\u043d\u0435\u0440\u0433\u0435\u0442\u0438\u043a\u0438, \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430, \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u041f\u041e.\n\n\u0421 2018 \u0433\u043e\u0434\u0430 Redmond \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 32 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Windows CLFS, \u043f\u0440\u0438\u0447\u0435\u043c \u0442\u0440\u0438 \u0438\u0437 \u043d\u0438\u0445 (CVE-2022-24521, CVE-2022-37969 \u0438 CVE-2023-23376) \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 0-day, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c - \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0410\u0420\u0422.\n\n\u041d\u0435 \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0442\u0435\u043c \u0431\u043e\u043b\u0435\u0435 \u0447\u0442\u043e \u0432\u0441\u0435\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u044f \u043e\u0431\u0435\u0449\u0430\u0435\u0442 \u043f\u043e\u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0435\u0440\u0435\u0437 \u0434\u0435\u0432\u044f\u0442\u044c \u0434\u043d\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043f\u0430\u0442\u0447\u0430.\n\n\u041e\u0442\u043c\u0435\u0442\u0438\u043c, \u0447\u0442\u043e \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0446\u0435\u043b\u044c\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0431\u044b\u043b\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0434\u0430\u043c\u043f\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0433\u043e \u043a\u0443\u0441\u0442\u0430 \u0440\u0435\u0435\u0441\u0442\u0440\u0430 HKEY_LOCAL_MACHINE\\SAM.\n\n\u0410 \u0447\u0442\u043e \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u0442\u043e \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 Cobalt Strike BEACON. \u041e\u043d \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f \u0441 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u043e\u0432, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f AV.\n\n\u0412 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0434\u0440\u0443\u0433\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0434\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CLFS \u043c\u0430\u0448\u0438\u043d\u044b \u0436\u0435\u0440\u0442\u0432\u044b \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u044b \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u043c\u043e\u0434\u0443\u043b\u044c\u043d\u044b\u043c \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c Pipemagic, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043b\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u0441\u043a\u0440\u0438\u043f\u0442 MSBuild.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c CVE-2023-28252 \u0441\u0443\u0431\u044a\u0435\u043a\u0442 \u043f\u044b\u0442\u0430\u043b\u0441\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c Nokoyawa (\u0440\u0435\u0431\u0440\u0435\u043d\u0434\u0438\u043d\u0433 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a\u0430 JSWorm), \u043d\u043e \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u041a\u0430\u043a \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438, \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0433\u0440\u0443\u043f\u043f\u044b \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u0432\u0441\u0435 \u0431\u043e\u043b\u0435\u0435 \u0438\u0437\u043e\u0449\u0440\u0435\u043d\u043d\u044b\u043c\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e \u044d\u0442\u043e \u0431\u044b\u043b\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e, \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0442\u043e\u043b\u044c\u043a\u043e APT.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u0436\u0435 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u0432\u0441\u0435\u043c\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438, \u0447\u0442\u043e\u0431\u044b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c 0-day \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.", "creation_timestamp": "2023-04-12T14:34:47.000000Z"}, {"uuid": "b393bd9f-9e47-40c6-a13b-d018a3310eab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "seen", "source": "https://t.me/true_secator/3412", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0439 PatchTuesday \u043e\u0442 Microsoft, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b 2 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0439 0-day, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0435\u0449\u0435 63 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0448\u0438\u0440\u043e\u043a\u043e\u043c \u0441\u043f\u0435\u043a\u0442\u0440\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Windows, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Dynamics CRM, SharePoint, Office \u0438 Office, \u0417\u0430\u0449\u0438\u0442\u043d\u0438\u043a\u0435 Windows \u0438 Microsoft Edge.\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445: 18 - \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 1 - \u043e\u0431\u0445\u043e\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 30 - RCE, 7 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 7 - DoS \u0438 16 \u0432 Edge (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Chromium). 5 \u0438\u0437 63 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u00ab\u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435\u00bb \u0438 \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0442 RCE.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 0-day \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-37969, \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 7,8 \u0438\u0437 10 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 Common Log File System (CLFS). \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b DBAPPSecurity, Mandiant, CrowdStrike \u0438 Zscaler, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044f, \u0447\u0442\u043e \u043e\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u0446\u0435\u043b\u0435\u0432\u044b\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c Mandiant \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u0445\u043e\u0434\u0435 \u043f\u043e\u0438\u0441\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 Offensive Task Force. \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CLFS \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u044b\u043c, \u0430 \u043d\u0435 \u0447\u0430\u0441\u0442\u044c\u044e \u0446\u0435\u043f\u043e\u0447\u043a\u0438 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0431\u0440\u0430\u0443\u0437\u0435\u0440 + EOP).\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Microsoft \u043d\u0435 \u0441\u0442\u0430\u043b\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 \u0438\u043b\u0438 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0438\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u0432 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 (IOC).\n\n\u0414\u0440\u0443\u0433\u0430\u044f \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Cache Speculation Restriction Vulnerable \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-23960.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u00a0\u0432 \u043e\u0442\u0447\u0435\u0442\u0435 (\u0437\u0434\u0435\u0441\u044c).", "creation_timestamp": "2022-09-14T12:37:36.000000Z"}, {"uuid": "fa32bc17-36fe-426c-8d8c-c480389a59d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6985", "content": "#exploit\n1. CVE-2021-46422:\nTelesquare SDT-CW3B1 - OS command injection vulnerability\nhttps://github.com/Awei507/CVE-2021-46422\n\n2. CVE-2022-37969:\nTechnical Analysis of Windows CLFS Zero-Day Vulnerability\nhttps://www.zscaler.com/blogs/security-research/technical-analysis-windows-clfs-zero-day-vulnerability-cve-2022-37969-part", "creation_timestamp": "2022-10-16T13:45:01.000000Z"}]}