CVE-2021-22045 - VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contain a heap-overflow vulnerability in CD-ROM device emulation. Someone with access to a VM with CD-ROM device emulation may be able to exploit it in conjunction with other issues to execute code on the hypervisor from a virtual machine. #vuln #vmware #software #informatique
https://www.vmware.com/security/advisories/VMSA-2022-0001.html
Purple Fox - The threat actors have noticed that the attacks generally take advantage of legitimate software for implementing malicious payloads. The vulnerability has been named CVE-2021-1732, and this vulnerability generally optimizes rootkit capabilities that are leveraged in their attacks. #windows #malware #worm #cyber #software #threats #powershell #vuln #telegram #rootkit #informatique
https://blog.minerva-labs.com/malicious-telegram-installer-drops-purple-fox-rootkit
CVE-2021-1732 Technical Analysis #vuln #microsoft #windows #informatique
https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/technical-analysis-of-cve-2021-1732/
📵 Persistence without « Persistence » : Meet The Ultimate Persistence Bug - « NoReboot » #apple #ios #iphones #vuln #informatique
Korean security researchers have discovered 2 major vulnerabilities revolving around the over-provisioning feature built into all modern SSDs. Anti-virus software can't find this malware by scanning the disk. #vuln #hardware #storage #firmware #informatique
🔌 Millions of Microsoft Exchange servers stop delivering email because of a stupid date-format error. Several other #Microsoft products are also disrupted. #microsoft #windows #date #vuln #mail #informatique
🔥 The FIP-FS Scan Process failed initialisation. Error: 0x80004005 « Unspecified error » #microsoft #windows #date #vuln #mail #informatique
CVE-2021-38687 : A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Surveillance Station. #vuln #informatique
Full list of CVEs released by #Microsoft for December 2021 #vuln #informatique
https://www.zerodayinitiative.com/blog/2021/12/14/the-december-2021-security-update-review
#Microsoft has released fixes for 64 more vulnerabilities #vuln #informatique
CVE-2021-44228: Critical vulnerability in the Apache log4j logging library, a library very often used in #Java/J2EE application development projects. It is strongly recommended to use log4j v2.15.0 as soon as possible. #vuln #java #informatique
🔥 CVE-2021-44228 Apache Log4j RCE actively exploited. #vuln #java #informatique
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
BurpLog4j2Scan is a Burp Suite extension written in #JAVA that can be useful for scanning for the log4j2 RCE #vuln #informatique
Hikvision video systems have become the targets of hackers conducting a cyberattack intended to drop a #DDoS botnet. The #botnet in question is dubbed #Moobot and is #Mirai-based. #vuln #cyber #threats #informatique
https://heimdalsecurity.com/blog/moobot-botnet-targets-unpatched-hikvision-video-systems/
CVE-2021-43267 : blasty-vs-tipc.c is a PoC for a vulnerability found in net/tipc/crypto.c in the #Linux kernel before 5.14.16 #vuln #informatique
3 bugs (CVE-2021-1940, CVE-2021-1968 & CVE-2021-1969) in #Qualcomm NPU exploited together enable me (Man Yue Mo) to execute arbitrary code in the kernel from an untrusted app with ease. I'll then use these primitives to create a reverse root shell with SELinux disabled on #Samsung devices #vuln #informatique
Sketch is a popular UI/UX design app for #Apple #macOS. This post covers a vulnerability in Sketch that I discovered back in July - CVE-2021-40531. In its simplest form, it is a macOS quarantine bypass, but in context it can be used for RCE #vuln #informatique
New PowerShortShell Stealer Exploits Recent #Microsoft MSHTML Vulnerability to Spy on Farsi Speakers. SafeBreach Labs analyzed the full attack chain, discovered new #phishing attacks which started in July 2021 and achieved the last and most interesting piece of the puzzle - the #PowerShell Stealer code - which we named PowerShortShell. #vuln #windows #cyber #threats #informatique