{"vulnerability": "CVE-2023-3688", "sightings": [{"uuid": "6c9e0add-c5a0-4d5b-bd2f-14432461f83f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115015637473275530", "content": "", "creation_timestamp": "2025-08-12T11:49:11.474996Z"}, {"uuid": "ee38ad9e-0c8e-45c6-a7d6-bc6574fb7d8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://threatintel.cc/2025/08/12/update-winrar-tools-now-romcom.html", "content": "", "creation_timestamp": "2025-08-12T09:49:06.000000Z"}, {"uuid": "203c1ad4-9bed-4106-9c09-24776f6d23d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lwavijsimk2b", "content": "", "creation_timestamp": "2025-08-13T03:36:44.713746Z"}, {"uuid": "5bb2bd70-c90b-4ec5-a0f8-2c4a6d8e092a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://gist.github.com/zredlined/44192ca592721f64cf684ea0019540d0", "content": "", "creation_timestamp": "2025-08-18T15:53:12.000000Z"}, {"uuid": "bbd72d8d-0904-432d-bb2e-36ce2062d32c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36880", "type": "seen", "source": "MISP/24306fae-b16b-4478-9297-d2973cdb583c", "content": "", "creation_timestamp": "2025-08-22T14:52:23.000000Z"}, {"uuid": "7734308c-46f5-4a54-a8c2-3c398f46b3ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1fdfda19-2805a58255f192e9", "content": "", "creation_timestamp": "2026-03-06T10:29:26.675490Z"}, {"uuid": "ee73870c-be80-4827-a4c3-a6cb893baa47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4762", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aScript to check for CVE-2023-36884\nURL\uff1ahttps://github.com/tarraschk/CVE-2023-36884-Checker\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-17T14:11:42.000000Z"}, {"uuid": "b4a7ec81-7036-455c-9e98-eec14af770af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4765", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-36884 \u4e34\u65f6\u8865\u4e01\nURL\uff1ahttps://github.com/or2me/CVE-2023-36884_patcher\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-18T06:30:53.000000Z"}, {"uuid": "64f22f6b-57ff-452d-aa25-0b63008a7adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://t.me/itsec_news/3045", "content": "\u200b\u26a1\ufe0f\u0421\u0432\u0435\u0436\u0438\u0439 Patch Tuesday \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 87 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Windows \u0438 \u043f\u0440\u043e\u0447\u0438\u0445 
\u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Microsoft.\n\n\ud83d\udcac \n\u0412\u0447\u0435\u0440\u0430 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Windows \u0438 \u0440\u044f\u0434\u0430 \u043f\u0440\u043e\u0447\u0435\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Patch Tuesday \u0438\u043b\u0438 \u00ab\u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439\u00bb \u2014 \u043a\u0440\u0443\u043f\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u043e\u0431\u044b\u0447\u043d\u043e \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043a\u0430\u0436\u0434\u043e\u0433\u043e \u043c\u0435\u0441\u044f\u0446\u0430.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0437\u0430 \u0430\u0432\u0433\u0443\u0441\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 87 \u043e\u0448\u0438\u0431\u043e\u043a \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 2 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0438 23 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043b\u0438\u0448\u044c 6 Microsoft 
\u043e\u0446\u0435\u043d\u0438\u043b\u0430 \u043a\u0430\u043a \u00ab\u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435\u00bb.\n\n\u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043a\u0430\u0436\u0434\u043e\u0439 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438 \u0443\u043a\u0430\u0437\u0430\u043d\u043e \u043d\u0438\u0436\u0435:\n18 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n3 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0438\u0441\u0442\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438;\n23 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430;\n10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438;\n8 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0442\u0438\u043f\u0430 \u00ab\u041e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438\u00bb;\n12 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430.\n\u042d\u0442\u043e\u0442 \u0441\u043f\u0438\u0441\u043e\u043a \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0434\u0432\u0435\u043d\u0430\u0434\u0446\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Microsoft Edge \u043d\u0430 Chromium, \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 
\u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.\n\n\u0414\u0432\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\u0412 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u043c Patch Tuesday, \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u0440\u043e\u0447\u0435\u0433\u043e, \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043e\u0431\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0421\u0430\u043c\u0430 Microsoft \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u0435\u0442 \u00ab\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f\u00bb, \u043a\u0430\u043a \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0443\u044e \u0438\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0435\u0437 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0414\u0432\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e 
\u0434\u043d\u044f, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0432 \u043a\u0440\u0430\u0439\u043d\u0435\u043c Patch Tuesday, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435:\n\n\u2022 ADV230003 \u2014 \u0443\u0433\u043b\u0443\u0431\u043b\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Microsoft Office Defense \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0440\u0430\u043d\u0435\u0435 \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 CVE-2023-36884 . 
\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b Microsoft Office, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f \u0431\u0435\u0437 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430.\n\n\u2022 CVE-2023-38180 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0442\u043a\u0430\u0437\u043e\u043c \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0432 .NET \u0438 Visual Studio, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f DoS-\u0430\u0442\u0430\u043a.\n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c \u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0432 \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u043c 
\u043f\u043e\u0440\u044f\u0434\u043a\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Patch Tuesday, \u0435\u0441\u043b\u0438 \u044d\u0442\u043e \u043d\u0435 \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u043e \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438. \u042d\u0442\u043e \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0438\u0441\u043a\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u0440\u044e \u0432\u0430\u0436\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u043d\u0435 \u0434\u0440\u0435\u043c\u043b\u044e\u0442, \u0438 \u043b\u044e\u0431\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438. 
\u0420\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u2014 \u044d\u0442\u043e \u0442\u043e \u043d\u0435\u043c\u043d\u043e\u0433\u043e\u0435, \u0447\u0442\u043e \u043c\u044b \u043c\u043e\u0436\u0435\u043c \u0441\u0434\u0435\u043b\u0430\u0442\u044c, \u0447\u0442\u043e\u0431\u044b \u0445\u043e\u0442\u044c \u043a\u0430\u043a-\u0442\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044e \u0438 \u043d\u0435 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u0437\u043b\u043e\u043c\u0430 \u043d\u0430\u0448\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-08-09T12:30:05.000000Z"}, {"uuid": "1d4d6f30-de4c-4a41-bfad-fd5f91728aff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://t.me/itsec_news/4848", "content": "\u200b\u26a1\ufe0fAPT-\u0430\u0442\u0430\u043a\u0430 \u043a\u043e\u043c\u0431\u0438\u043d\u0438\u0440\u0443\u0435\u0442 Zero-day \u0438 Zero-click \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u0445 Firefox \u0438 Tor\n\n\ud83d\udcac \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 ESET \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Mozilla, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 
\u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445. \u042d\u0442\u043e \u0443\u0436\u0435 \u0432\u0442\u043e\u0440\u043e\u0439 \u0441\u043b\u0443\u0447\u0430\u0439 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432: \u0440\u0430\u043d\u0435\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-36884 \u0432 Microsoft Word \u0431\u044b\u043b\u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a.\n\n\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-9680 \u0438 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9.8, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u043c \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Firefox, Thunderbird \u0438 Tor Browser. 
\u0421\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0435 \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0432 Windows (CVE-2024-49039, CVSS 8.8) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u0439\u0442\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u0414\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u043e\u0441\u0435\u0442\u0438\u043b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442\u0441\u044f \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u043e 8 \u043e\u043a\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430. 
\u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Mozilla \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0442\u0438\u043f\u0430 use-after-free \u0432 \u0430\u043d\u0438\u043c\u0430\u0446\u0438\u0438, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434. \u0423\u0436\u0435 9 \u043e\u043a\u0442\u044f\u0431\u0440\u044f Mozilla \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0432\u0448\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443. \u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0431\u044b\u043b \u0432\u044b\u044f\u0432\u043b\u0435\u043d \u0431\u0430\u0433 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows Task Scheduler, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u0432\u044b\u0439\u0442\u0438 \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430. 
Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 12 \u043d\u043e\u044f\u0431\u0440\u044f.\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0444\u0435\u0439\u043a\u043e\u0432\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432, \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0436\u0435\u0440\u0442\u0432 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438. \u041f\u043e\u0441\u043b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043c\u043e\u0434\u0443\u043b\u0438.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0430\u043d\u0430\u043b\u0438\u0437\u0430, \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435-\u043d\u043e\u044f\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430 \u0430\u0442\u0430\u043a\u0438 \u0431\u044b\u043b\u0438 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 
\u0432 \u0415\u0432\u0440\u043e\u043f\u0435 \u0438 \u0421\u0435\u0432\u0435\u0440\u043d\u043e\u0439 \u0410\u043c\u0435\u0440\u0438\u043a\u0435. \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-9680, \u0440\u0430\u0431\u043e\u0442\u0430\u043b \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u0445 Firefox \u0438 Tor, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0435 Thunderbird. \u041f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0430 \u044d\u0442\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043f\u0440\u0435\u043e\u0434\u043e\u043b\u0435\u0432\u0430\u043b\u0430\u0441\u044c \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Windows.\n\n\u0414\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Mozilla \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432. 
\u0412\u0435\u0440\u0441\u0438\u0438 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 Firefox 131.0.2, Thunderbird 115.16 \u0438 Tor Browser 13.5.7.\n\n\u0410\u0442\u0430\u043a\u0430 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0438 \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u044e \u0434\u0432\u0443\u0445 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b. 
\u0411\u044b\u0441\u0442\u0440\u043e\u0442\u0430 \u0440\u0435\u0430\u043a\u0446\u0438\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0438 \u0432\u044b\u043f\u0443\u0441\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 \u043a\u0440\u0430\u0442\u0447\u0430\u0439\u0448\u0438\u0435 \u0441\u0440\u043e\u043a\u0438 \u0441\u0442\u0430\u043b\u0438 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u043c \u0444\u0430\u043a\u0442\u043e\u0440\u043e\u043c \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0443\u0433\u0440\u043e\u0437\u044b.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-11-28T10:58:49.000000Z"}, {"uuid": "a740fd5f-fa8f-49c2-8f14-f7d557e94646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36882", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5808", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-36882\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-08-08T17:08:21.636Z\n\ud83d\udccf Modified: 2025-02-27T21:08:54.088Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36882", "creation_timestamp": "2025-02-27T21:26:20.000000Z"}, {"uuid": "36ad8d02-ce2d-4b6e-8750-484b8ead17c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://t.me/kwulu/940", "content": "\u0639\u0627\u062c\u0644! 
\n\u062d\u0645\u0644\u0629 PEAPOD \u0627\u0644\u062c\u062f\u064a\u062f\u0629 \u0644\u0644\u0647\u062c\u0648\u0645 \u0627\u0644\u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a \u062a\u0633\u062a\u0647\u062f\u0641 \u0627\u0644\u0642\u064a\u0627\u062f\u0627\u062a \u0627\u0644\u0633\u064a\u0627\u0633\u064a\u0629 \u0627\u0644\u0646\u0633\u0627\u0626\u064a\u0629. \n\u0627\u0644\u062a\u0627\u0631\u064a\u062e: 13 \u0643\u062a\u0648\u0628\u0631 2023 \n\u0628\u0631\u0632 \u0627\u0644\u0623\u0641\u0631\u0627\u062f \u0627\u0644\u0639\u0633\u0643\u0631\u064a\u0648\u0646 \u0648\u0627\u0644\u0642\u0627\u062f\u0629 \u0627\u0644\u0633\u064a\u0627\u0633\u064a\u0648\u0646 \u0641\u064a \u0627\u0644\u0627\u062a\u062d\u0627\u062f \u0627\u0644\u0623\u0648\u0631\u0648\u0628\u064a \u0627\u0644\u0630\u064a\u0646 \u064a\u0639\u0645\u0644\u0648\u0646 \u0641\u064a \u0645\u0628\u0627\u062f\u0631\u0627\u062a \u0627\u0644\u0645\u0633\u0627\u0648\u0627\u0629 \u0628\u064a\u0646 \u0627\u0644\u062c\u0646\u0633\u064a\u0646 \u0643\u0647\u062f\u0641 \u0644\u062d\u0645\u0644\u0629 \u062c\u062f\u064a\u062f\u0629 \u062a\u0642\u062f\u0645 \u0646\u0633\u062e\u0629 \u0645\u062d\u062f\u062b\u0629 \u0645\u0646 RomCom RAT \u062a\u0633\u0645\u0649 PEAPOD. 
\u0648\u0623\u0631\u062c\u0639\u062a \u0634\u0631\u0643\u0629 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a Trend Micro \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0625\u0644\u0649 \u0645\u0645\u062b\u0644 \u062a\u0647\u062f\u064a\u062f \u062a\u062a\u0639\u0642\u0628\u0647 \u062a\u062d\u062a \u0627\u0633\u0645 Void Rabisu\u060c \u0648\u0627\u0644\u0630\u064a \u064a\u064f\u0639\u0631\u0641 \u0623\u064a\u0636\u064b\u0627 \u0628\u0627\u0633\u0645 Storm-0978 \u0648Tropical Scorpius \u0648UNC2596\u060c \u0648\u064a\u064f\u0639\u062a\u0642\u062f \u0623\u064a\u0636\u064b\u0627 \u0623\u0646\u0647 \u0645\u0631\u062a\u0628\u0637 \u0628\u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0641\u062f\u064a\u0629 \u0627\u0644\u0643\u0648\u0628\u064a\u0629. \u062a\u0639\u062a\u0628\u0631 \u0627\u0644\u0645\u062c\u0645\u0648\u0639\u0629 \u0627\u0644\u0645\u0639\u0627\u062f\u064a\u0629 \u0645\u062c\u0645\u0648\u0639\u0629 \u063a\u064a\u0631 \u0639\u0627\u062f\u064a\u0629 \u0625\u0644\u0649 \u062d\u062f \u0645\u0627 \u0645\u0646 \u062d\u064a\u062b \u0623\u0646\u0647\u0627 \u062a\u0642\u0648\u0645 \u0628\u0647\u062c\u0645\u0627\u062a \u0630\u0627\u062a \u062f\u0648\u0627\u0641\u0639 \u0645\u0627\u0644\u064a\u0629 \u0648\u0647\u062c\u0645\u0627\u062a \u062a\u062c\u0633\u0633\u060c \u0645\u0645\u0627 \u064a\u0624\u062f\u064a \u0625\u0644\u0649 \u0639\u062f\u0645 \u0648\u0636\u0648\u062d \u0627\u0644\u062e\u0637 \u0627\u0644\u0641\u0627\u0635\u0644 \u0628\u064a\u0646 \u0623\u0633\u0627\u0644\u064a\u0628 \u0639\u0645\u0644\u0647\u0627. \u0643\u0645\u0627 \u0623\u0646\u0647 \u0645\u0631\u062a\u0628\u0637 \u062d\u0635\u0631\u064a\u064b\u0627 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 RomCom RAT. 
\u0648\u0642\u062f \u0627\u0633\u062a\u0647\u062f\u0641\u062a \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0627\u0644\u062a\u064a \u062a\u0646\u0637\u0648\u064a \u0639\u0644\u0649 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0627\u0644\u0628\u0627\u0628 \u0627\u0644\u062e\u0644\u0641\u064a \u0623\u0648\u0643\u0631\u0627\u0646\u064a\u0627 \u0648\u0627\u0644\u062f\u0648\u0644 \u0627\u0644\u062a\u064a \u062a\u062f\u0639\u0645 \u0623\u0648\u0643\u0631\u0627\u0646\u064a\u0627 \u0641\u064a \u062d\u0631\u0628\u0647\u0627 \u0636\u062f \u0631\u0648\u0633\u064a\u0627 \u062e\u0644\u0627\u0644 \u0627\u0644\u0639\u0627\u0645 \u0627\u0644\u0645\u0627\u0636\u064a. \u0641\u064a \u0648\u0642\u062a \u0633\u0627\u0628\u0642 \u0645\u0646 \u0634\u0647\u0631 \u064a\u0648\u0644\u064a\u0648\u060c \u0627\u062a\u0647\u0645\u062a \u0634\u0631\u0643\u0629 Microsoft Void Rabisu \u0628\u0627\u0633\u062a\u063a\u0644\u0627\u0644 CVE-2023-36884\u060c \u0648\u0647\u0648 \u062e\u0644\u0644 \u0641\u064a \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0646 \u0628\u0639\u062f \u0641\u064a Office \u0648Windows HTML\u060c \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 spe.", "creation_timestamp": "2023-10-13T22:31:10.000000Z"}, {"uuid": "cb01ac1e-ef07-4f8b-a805-ad110022ceb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3124", "content": "AnoMark\n\nThis algorithm is a Machine Learning one, using Natural Language Processing (NLP) techniques based on Markov Chains and n-grams. It offers a way to train a theoretical model on command lines  datasets considered clean. 
Once done it can detect malicious command lines on other datasets.\n\nhttps://github.com/ANSSI-FR/AnoMark\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-32117\n\nIntegrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints.\n\nhttps://github.com/RandomRobbieBF/CVE-2023-32117\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bGeoPincer\n\nA script that leverages OpenStreetMap's Overpass API in order to search for locations. These locations will be queried using a collection of establishments that are somewhat adjacent.\n\nhttps://github.com/tloja/GeoPincer\n\n#OSINT #cybersecurity #infosec\n\n\u200b\u200bAwesome Industrial Protocols\n\nCompilation of industrial network protocols resources focusing on offensive security.\n\n\u2022 You are currently viewing the Awesome Industrial Protocols page.\n\u2022 Detailed pages for protocols are available in protocols.\n\u2022 All data is stored in MongoDB databases in db.\n\u2022 Turn/IP (in srcs) is a handy tool to manipulate this data, generate the awesome list and protocol pages, and simplify the research and test process on industrial protocols\n\nhttps://github.com/Orange-Cyberdefense/awesome-industrial-protocols\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-36884-Checker\n\nScript to check for CVE-2023-36884 hardening.\n\nhttps://github.com/tarraschk/CVE-2023-36884-Checker\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bAlcatraz\n\nA x64 binary obfuscator that is able to obfuscate various different pe files including:\n\n\u2022 .exe\n\u2022 .dll\n\u2022 .sys\n\nhttps://github.com/weak1337/Alcatraz\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCobalt Strike BOFs\n\nBeacon object files I made to use with #CobaltStrike.\n\nhttps://github.com/Und3rf10w/CobaltStrikeBOFs\n\n#infosec #pentesting #redteam\n\n\u200b\u200bWindows 11 Exploits\n\nCVE-2023-24892, CVE-2023-33131, CVE-2022-30129, CVE-2023-33137, CVE-2023-33145, CVE-2023-33148, 
CVE-2022-30190.\n\nhttps://github.com/nu11secur1ty/Windows11Exploits\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bADHunt v2.0\n\nA tool for enumerating Active Directory Environments looking for interesting AD objects, vulnerabilities, and misconfigurations. It currently uses a combination of ldap queries and available tooling. It was built as a follow up to LinWinPwn.\n\nhttps://github.com/Auto19/ADHunt\n\n#infosec #pentesting #redteam\n\n\u200b\u200bIAMActionHunter\n\nIAMActionHunter is an IAM policy statement parser and query tool that aims to simplify the process of collecting and understanding permission policy statements for users and roles in AWS Identity and Access Management (IAM). Although its functionality is straightforward, this tool was developed in response to the need for an efficient solution during day-to-day AWS penetration testing.\n\nhttps://github.com/RhinoSecurityLabs/IAMActionHunter\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bSysPlant\n\nA small implementation in NIM of the currently known syscall hooking methods.\n\nhttps://github.com/x42en/sysplant\n\n#infosec #pentesting #redteam\n\n\u200b\u200bUnshackle\n\nOpen-source tool to bypass windows and linux passwords from bootable usb.\n\nhttps://github.com/Fadi002/unshackle\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCASR\n\nCollect crash reports, triage, and estimate severity.\n\nhttps://github.com/ispras/casr\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-27163\n\nTo assist in enumerating the webserver behind the webserver SSRF.\n\nhttps://github.com/seanrdev/cve-2023-27163\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCS2BR BOF\n\nYou would like to execute BOFs written for #CobaltStrike in #BruteRatel C4? Look no further, we got you covered! CS2BR implements a compatibility-layer that makes CS BOFs use the BRC4 API. 
This allows you to use the vast landscape that is BOFs in BRC4.\n\nhttps://github.com/NVISOsecurity/cs2br-bof\n\nDetails:\nhttps://blog.nviso.eu/2023/07/17/introducing-cs2br-pt-ii-one-tool-to-port-them-all/\n \n#infosec #pentesting #redteam\n\n\u200b\u200bhypobrychium\n\nAV/EDR completely ignore me. Duplicate the token of a running process and run a command.\n\nhttps://github.com/foxlox/hypobrychium\n\n#cve #infosec\n\n2/3", "creation_timestamp": "2023-07-22T17:37:23.000000Z"}, {"uuid": "ac3391c2-e45b-4916-afb3-195439873c6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://t.me/breachdetector/356528", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"Microsoft 2023 Critical and Important Vulnerabilities (CVE-2023-36884)\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"11 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-11T00:31:20.000000Z"}, {"uuid": "73a19230-2d18-449f-899d-54656e4f6567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://t.me/breachdetector/356407", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"Microsoft 2023 Cr\u0131t\u0131cal ve Important A\u00e7\u0131klar\u0131 (CVE-2023-36884)\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"10 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-10T21:05:23.000000Z"}, {"uuid": "921f5caa-e0b3-4f0c-89fc-a1e4efff4ad8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": 
"https://t.me/breachdetector/490463", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-36884 - Microsoft Office ve Windows HTML Uzaktan Eri\u015fim Nedir ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"08 Apr 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-04-08T12:42:24.000000Z"}, {"uuid": "7b3929f4-51b5-4a6b-83a5-3a80a696225b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://t.me/breachdetector/490793", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-36884 - Microsoft Office and Windows HTML ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"08 Apr 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-04-08T20:46:38.000000Z"}, {"uuid": "a032420a-8ed6-410f-b405-a33fe26ac573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://t.me/breachdetector/318527", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-36884 - Microsoft Office ve Windows HTML Uzaktan Kod Y\u00fcr\u00fctme A\u00e7\u0131\u011f\u0131\", \n  \"author\": \" (SerasZen)\",\n  \"Detection Date\": \"17 Aug 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-08-17T11:22:29.000000Z"}, {"uuid": "908ae36d-0c5f-45ab-a69b-21171a25a0f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://t.me/breachdetector/318014", "content": "{\n  \"Source\": 
\"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2023-36884 Microsoft'un Office Belgeleri \u0130le Kod Y\u00fcr\u00fctme A\u00e7\u0131\u011f\u0131 Nedir ?\", \n  \"author\": \" (SerasZen)\",\n  \"Detection Date\": \"16 Aug 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-08-16T11:36:18.000000Z"}, {"uuid": "e1991f6a-b835-4743-bee1-5925902d5d3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "published-proof-of-concept", "source": "https://t.me/Securi3yTalent/105", "content": "MS Office 0-day CVE-2023\u201336884 Mitigation&amp;Detection (Splunk-ArcSight-SentinelOne-Elastic-CrowdStrike Rule)\n\nhttps://medium.com/@onuroktay/ms-office-0-day-cve-2023-36884-mitigation-detection-847e08c8bdcc\n\nFull Analysis Report from BlackBerry \nhttps://unit42.paloaltonetworks.com/cve-2023-36884-rce/\n\nFollow us___\n\nhttps://www.facebook.com/devmehedi101\nhttps://www.linkedin.com/company/securitytalent   \nhttps://twitter.com/devmehedi101\nhttps://www.instagram.com/devmehedi101/\nhttps://www.youtube.com/@SecurityTalent/\nhttps://www.dailymotion.com/devmehedi101\n\nFree Hacking Course Download Now__\nhttps://t.me/Securi3yTalent", "creation_timestamp": "2023-07-16T02:27:57.000000Z"}, {"uuid": "52554837-e797-4cf6-8810-44b76e5ae4be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://t.me/true_secator/4606", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u0438\u044e\u043b\u044c\u0441\u043a\u0438\u0439 PatchTuesday \u043e\u0442 Microsoft, \u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043d\u0438\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f 132 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 6 0-day \u0438 13 RCE-\u043e\u0448\u0438\u0431\u043e\u043a, \u0434\u0435\u0432\u044f\u0442\u044c \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0446\u0435\u043d\u0435\u043d\u044b \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043e\u0434\u0438\u043d \u0438\u0437 \u043d\u0438\u0445 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u043c\u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u0438\u043d\u0444\u043e\u0441\u0435\u043a-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c\u0438.\n\n\u0421\u0440\u0435\u0434\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c 33 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 13 - \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 37 - RCE, 19 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 22 - DoS, 7 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u043e\u043c.\n\n\u041d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 Microsoft \u043d\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043d\u0438 \u043e\u0434\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Microsoft 
Edge.\n\n\u0418\u0437 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0-day:\n\nCVE-2023-32046\u00a0- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows MSHTML, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0430\u0432, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043f\u043e \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u0435 \u0438\u043b\u0438 \u0447\u0435\u0440\u0435\u0437 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0441\u0430\u0439\u0442\u044b.\n\nCVE-2023-32049\u00a0- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 Windows SmartScreen, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u043d\u0430 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 \u043f\u0440\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438 \u0431\u044b\u043b\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 Microsoft Threat Intelligence Center.\n\nCVE-2023-36874\u00a0- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 
\u0441\u043b\u0443\u0436\u0431\u0435 \u043e\u0442\u0447\u0435\u0442\u043e\u0432 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 Windows.\n\n\u0414\u043b\u044f \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0438\u043c\u0435\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435. 
\u041e\u043d\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0412\u043b\u0430\u0434\u043e\u043c \u0421\u0442\u043e\u043b\u044f\u0440\u043e\u0432\u044b\u043c \u0438 \u041c\u044d\u0434\u0434\u0438 \u0421\u0442\u043e\u0443\u043d \u0438\u0437 Google TAG.\n\nCVE-2023-36884\u00a0- \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Office \u0438 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 HTML \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Microsoft Office.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u0436\u0435\u0440\u0442\u0432\u0443 \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b. 
\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430 \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u043b\u0438\u0441\u044c, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 RomCom, \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u0432\u0448\u0435\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c Industrial Spy (\u043d\u044b\u043d\u0435 - Underground), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Palo Alto, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0441 Cuba ransomware.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 Microsoft Threat Intelligence, \u0412\u043b\u0430\u0434 \u0421\u0442\u043e\u043b\u044f\u0440\u043e\u0432, \u041a\u043b\u0435\u043c\u0435\u043d\u0442 \u041b\u0435\u0441\u0438\u043d\u044c \u0438 \u0411\u0430\u0445\u0430\u0440\u0435 \u0421\u0430\u0431\u0443\u0440\u0438 \u0438\u0437 Google TAG, \u041f\u043e\u043b \u0420\u0430\u0441\u043a\u0430\u043d\u044c\u0435\u0440\u0435\u0441 \u0438 \u0422\u043e\u043c \u041b\u0430\u043d\u043a\u0430\u0441\u0442\u0435\u0440 \u0438\u0437 Volexity, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Microsoft Office Product Group.\n\nCVE-2023-35311\u00a0\u00a0- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 
\u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 Microsoft Outlook. \u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\nADV230001\u00a0- Microsoft \u043e\u0442\u043e\u0437\u0432\u0430\u043b\u0430 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0434\u043b\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043a\u043e\u0434\u0430 \u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043b\u0430\u0437\u0435\u0439\u043a\u0443 \u0432 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0435 Windows \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0440\u0435\u0436\u0438\u043c\u0430 \u044f\u0434\u0440\u0430.\n\n\u041f\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044e Cisco Talos, \u044d\u0442\u0430 \u043b\u0430\u0437\u0435\u0439\u043a\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0438 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Chrome, Edge \u0438 Firefox (\u0438 \u0435\u0449\u0435 
\u043e\u0431\u0448\u0438\u0440\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432), \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0432 \u041a\u0438\u0442\u0430\u0435.\n\n\u041f\u0440\u0438\u0447\u0435\u043c, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044e, \u0432 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0443\u0436\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0434\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432.\n\n\u0420\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u0438 \u0443\u0447\u0430\u0441\u0442\u0438\u0438 Trend Micro \u0438 Cisco \u0431\u044b\u043b\u043e \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u043e \u043f\u043e\u0441\u043b\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u044f Sophos \u043e\u0442 9 \u0444\u0435\u0432\u0440\u0430\u043b\u044f.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 PatchTuesday \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043e \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": 
"2023-07-12T14:02:05.000000Z"}, {"uuid": "8f16b453-61b2-4f46-bffe-f7c1e60e9487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36887", "type": "seen", "source": "https://t.me/cibsecurity/66747", "content": "\u203c CVE-2023-36887 \u203c\n\nMicrosoft Edge (Chromium-based) Remote Code Execution Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-14T22:22:33.000000Z"}, {"uuid": "b78c175e-b246-4f03-b3c2-e28eff85cdc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36883", "type": "seen", "source": "https://t.me/cibsecurity/66746", "content": "\u203c CVE-2023-36883 \u203c\n\nMicrosoft Edge for iOS Spoofing Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-14T22:22:32.000000Z"}, {"uuid": "05a9f7d4-b569-4f59-8869-1236d11a29a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/8852", "content": "#Malware_analysis\nUnderground Ransomware deployed by Storm-0978 that exploited CVE-2023-36884", "creation_timestamp": "2023-08-15T10:59:01.000000Z"}, {"uuid": "cd30dd18-6f68-46c3-97a9-9ed6f4e71560", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-e8c8129d-b09e02c4de9c4f4a", "content": "", "creation_timestamp": "2026-05-07T10:52:26.516231Z"}, {"uuid": "519beab1-a6b5-4deb-b0c5-badd516215a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2023-36884", "type": "seen", "source": "MISP/99d70534-49a1-4920-887e-938c4ae37479", "content": "", "creation_timestamp": "2023-08-16T14:44:11.000000Z"}, {"uuid": "5eaa413e-8d98-4b6b-8cbc-16302338dc3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9da7409c-1f3f-44e3-ac8a-c2efd24e7882", "content": "", "creation_timestamp": "2026-02-02T12:26:54.744033Z"}, {"uuid": "0cee19f5-bb1a-4415-8d1c-110763d2a27b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1062", "content": "", "creation_timestamp": "2023-07-12T04:00:00.000000Z"}, {"uuid": "3c757e11-fddc-4462-a715-20ab256707c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1086", "content": "", "creation_timestamp": "2023-08-10T04:00:00.000000Z"}, {"uuid": "954ddfb5-0601-4411-8d36-847274cec405", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9da7409c-1f3f-44e3-ac8a-c2efd24e7882", "content": "", "creation_timestamp": "2026-02-02T12:26:54.744033Z"}, {"uuid": "034dd738-780c-4527-9b26-78bc6c8c3f73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "published-proof-of-concept", "source": 
"https://t.me/GithubRedTeam/5380", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aMS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit\nURL\uff1ahttps://github.com/jakabakos/CVE-2023-36884-MS-Office-HTML-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2023-10-12T07:15:13.000000Z"}, {"uuid": "d9d85177-9405-492e-a71c-5e32246bc01f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://t.me/BleepingComputer/17733", "content": "\u200aMicrosoft Office update breaks actively exploited RCE attack chain\n\nMicrosoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks. [...]\n\nhttps://www.bleepingcomputer.com/news/security/microsoft-office-update-breaks-actively-exploited-rce-attack-chain/", "creation_timestamp": "2023-08-08T23:30:05.000000Z"}, {"uuid": "189308aa-8ac6-4428-8c4e-be01b9b8652d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://t.me/BleepingComputer/17726", "content": "Latest news and stories from BleepingComputer.com\nMicrosoft Office update breaks actively exploited RCE attack chain\n\nMicrosoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks. 
[...]", "creation_timestamp": "2023-08-08T21:08:19.000000Z"}, {"uuid": "de069b66-f032-4f1d-808e-6b362a8dc8ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://t.me/alexmakus/5099", "content": "\u0443 Microsoft \u0432\u0447\u0435\u0440\u0430 \u0431\u044b\u043b Patch Tuesday \u0434\u043b\u044f \u0430\u0432\u0433\u0443\u0441\u0442\u0430, 87 \u0444\u0438\u043a\u0441\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0432\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c, \u0438 23 RCE. \n\nhttps://msrc.microsoft.com/update-guide/releaseNote/2023-Aug\n\nADV230003 -\u00a0Microsoft Office Defense in Depth Update (publicly disclosed)\nMicrosoft has released an Office Defense in Depth update to fix a\u00a0patch bypass of the previously mitigated and actively exploited CVE-2023-36884 remote code execution flaw.\nThe\u00a0CVE-2023-36884 flaw allowed threat actors to create specially crafted Microsoft Office documents that could bypass the Mark of the Web (MoTW) security feature, causing files to be opened without displaying a security warning and perform remote code execution.\nThe vulnerability was actively exploited by the RomCom hacking group, who was previously known to deploy the\u00a0Industrial Spy ransomware\u00a0in attacks. 
The ransomware operation has since rebranded as 'Underground,' under which they continue to extort victims.\nThe flaw was discovered by\u00a0Paul Rascagneres and Tom Lancaster with Volexity.\n\nCVE-2023-38180 - .NET and Visual Studio Denial of Service Vulnerability\nMicrosoft has fixed an actively exploited vulnerability that can cause a DoS attack on .NET applications and Visual Studio.\nUnfortunately, Microsoft did not share any additional details on how this flaw was used in attacks and did not disclose who discovered the vulnerability.", "creation_timestamp": "2023-08-09T14:05:26.000000Z"}, {"uuid": "cfe6f600-1c9a-49cb-8bbc-7ee508b463a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://t.me/kasperskyb2b/746", "content": "\ud83d\udcbb \u0418\u044e\u043b\u044c\u0441\u043a\u0438\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439 Microsoft: \ud83d\udfe5\ud83d\udfe9\ud83d\udcdb\u0436\u0430\u0440\u0430!\n\n\u041e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u043f\u0430\u043a\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Microsoft \u043b\u0430\u0442\u0430\u0435\u0442 132 \u0434\u044b\u0440\u044b \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u0438\u0437 \u0420\u0435\u0434\u043c\u043e\u043d\u0434\u0430. 
9 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0438\u0437\u043d\u0430\u043d\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438, 6 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e, \u0430 \u043d\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u0430\u0442\u0447.   37 \u043e\u0448\u0438\u0431\u043e\u043a \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, 33 \u2014 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 13 \u2014 \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 22 \u2014 \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438. \u0411\u043e\u0433\u0430\u0442\u043e.\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 Storm-0978/RomCom  RCE \u0432 Office \u0438 Windows (CVE-2023-36884, CVSS 8.3) \u043d\u0435 \u0443\u0441\u043f\u0435\u043b\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430. 
Redmond has issued mitigation recommendations that include adding all Office executables to the FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION list. It is quite likely that the patch will be released out of band in a week or two, without waiting for August.\n\nThe second issue, which received not a CVE but an advisory with recommendations (ADV-230001), concerns the signing of kernel-level drivers. This is yet another twist in the saga of 'EDR killers' and rootkits. 
Redmond revoked a batch of developer certificates used by APTs and blocked specific malicious drivers, but did not solve the underlying problem. Hackers still manage to get drivers signed by Microsoft or to use the trick of backdating the certificate signature so that it falls under one of the exceptions and does not require signing on the MS Developers Portal. 
For protection, Microsoft recommends keeping Windows and EDR up to date \ud83e\udd78. The only small consolation is that to exploit such drivers the attacker must have administrator privileges. 
\n\nOther actively exploited bugs in this update package:\n\nCVE-2023-32049: security feature bypass, the attackers' file opens without Windows showing the 'file downloaded from the Internet' warning.\nCVE-2023-32046: EoP in MSHTML. \nCVE-2023-36874: EoP in Windows Error reporting service. 
Attackers can obtain administrative privileges if they have ordinary rights to create folders and technical performance-monitoring files.\nCVE-2023-35311: security feature bypass in Outlook, security warnings are not shown when the preview is used.\n\nNot yet exploited, but quite possibly will be in the future: an RCE in Sharepoint server (CVE-2023-33160, CVSS 8.8) and a niche but very dangerous RCE 
in Microsoft message queuing (CVE-2023-32057, CVSS 9.8).\n\nThe full list of bulletins is, as usual, available here.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-07-12T09:42:06.000000Z"}, {"uuid": "fda46484-9ddc-4423-b0fa-cbe681dbc149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://t.me/kasperskyb2b/792", "content": "\ud83d\udcbb\ud83d\udfe1 Of Microsoft's 87 patches, the developments around CVE-2023-36884 deserve attention. Initially announced as an RCE in Office and Windows HTML, it was reclassified as a Windows Search vulnerability. 
Its exploitation makes it possible to bypass the MotW mechanism, launch a malicious Office file and execute arbitrary code without the corresponding warnings. To fix the problem, Windows updates were released, as well as an Office update (ADV230003) that makes it possible to break the attackers' chain of actions. 
As a reminder, this vulnerability was exploited by the RomCom extortionists.\n\nThe second actively exploited vulnerability is CVE-2023-38180 (CVSS 7.5) in .NET and Visual Studio, which leads to DoS. Redmond gave no details about who exploited this bug or how.\n\nIn total Microsoft closed 23 RCE, 18 EoP, 3 security feature bypass vulnerabilities, 10 information disclosure, 8 DoS and 12 spoofing. 
\n\nOf the six critical vulnerabilities, two relate to Teams (CVE-2023-29330 and -29328) and allow arbitrary code execution if the victim joins a malicious meeting. One more is an RCE in Outlook, and the remaining three lead to arbitrary code execution via Microsoft Message Queuing (CVE-2023-36911, -36910, -35385, all CVSS 9.8). 
In total 11 vulnerabilities were found in this component, which clearly points to heightened researcher interest and the possibility of exploitation soon. Those who actually have the MMQ service enabled in their infrastructure are advised to promptly install the updates or strictly regulate TCP traffic on port 1801 as a mitigation measure.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-08-09T10:07:43.000000Z"}, {"uuid": "be38c5f4-9f99-4f66-aae0-217698a33342", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": 
"CVE-2023-36884", "type": "exploited", "source": "https://t.me/ctinow/123709", "content": "https://ift.tt/IeAVM1z\nUnpatched Office Zero-Day CVE-2023-36884 Actively Exploited in Targeted Attacks", "creation_timestamp": "2023-07-13T17:52:07.000000Z"}, {"uuid": "45f9ec41-ec8a-4d68-8096-33f248a3fa15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://t.me/ctinow/126521", "content": "https://ift.tt/hUmEKBk\nCyber Storm Unleashed: Unmasking STORM-0978\u2019s Exploitation of the CVE-2023-36884 Vulnerability", "creation_timestamp": "2023-07-27T03:46:33.000000Z"}, {"uuid": "271f78b0-9a1f-4dcc-ad57-14c2b0051686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://t.me/ctinow/123256", "content": "https://ift.tt/WPCvEfa\nUnpatched Office zero-day CVE-2023-36884 actively exploited in targeted attacks", "creation_timestamp": "2023-07-12T09:56:39.000000Z"}, {"uuid": "3776f2a5-50a4-4def-b25d-c526d623458e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://t.me/ctinow/123163", "content": "https://ift.tt/Cid7tWc\nMicrosoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)", "creation_timestamp": "2023-07-11T21:56:22.000000Z"}, {"uuid": "9551cdc2-ac6c-4ac4-a4f5-fa9efbd863d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3122", "content": "\u200b\u200bGitHub Logs\n\nExtracting #OSINT Insights from 15TB of GitHub Event 
Logs.\n\nhttps://github.com/trickest/github-logs\n\n#cybersecurity #infosec\n\n\u200b\u200bWeb Hacker's Weapons\n\nA collection of cool tools used by Web hackers.\n\nhttps://github.com/hahwul/WebHackersWeapons\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200b\ud83d\udc27 Awesome Linux Rootkits\n\nBest linux rootkits resources.\n\nhttps://github.com/milabs/awesome-linux-rootkits\n\n#infosec #pentesting #redteam\n\nglit\n\nA little #OSINT tool to retrieve all mails of user related to a git repository, a git user or a git organization.\n\nhttps://github.com/shadawck/glit\n\n#cybersecurity #infosec\n\n\u200b\u200bCoWitness\n\nA powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to mimic an HTTP server and a DNS server, providing complete responses and valuable insights during your testing process.\n\nhttps://github.com/stolenusername/cowitness\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bLinux Kernel Factory\n\nLinux kernel CVE exploit analysis report and relative debug environment. 
You don't need to compile Linux kernel and configure your environment anymore.\n\nhttps://github.com/bsauce/kernel-exploit-factory\n\n#infosec #pentesting #redteam\n\n\u200b\u200bdocleaner\n\nA web service to clean #documents from potentially privacy-invasive #metadata.\n\nhttps://github.com/TUD-CERT/docleaner\n\n\u200b\u200bHadesLdr\n\nShellcode loader implementing indirect dynamic syscall, api hashing, fileless shellcode retrieving using winsock2.\n\n\u2022 Indirect Dynamic Syscall by resolving the SSN and the address pointing to a backed syscall instruction dynamically.\n\u2022 API Hashing by resolving modules & APIs base address from PEB by hashes\n\u2022 Fileless Chunked RC4 Shellcode retrieving using Winsock2\n\nhttps://github.com/CognisysGroup/HadesLdr\n\nDetails:\nhttps://labs.cognisys.group/posts/Combining-Indirect-Dynamic-Syscalls-and-API-Hashing/\n\n#infosec #pentesting #redteam\n\n\u200b\u200bLOLAPPS \n\nKind of like the cousin of LOLBAS and GTFObins. Sometimes you might struggle to common binaries to exploit and LOLAPPS is meant to be a supplementary resource for identifying native functionality in applications that can be used to the hacker's advantage, both third-party and from within.\n\nhttps://github.com/LOLAPPS-Project/LOLAPPS\n\nWeb:\nhttps://lolapps-project.github.io/\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2023-36884\n\nOffice/Windows HTML RCE Vulnerability\n\nhttps://github.com/Maxwitat/CVE-2023-36884-Scripts-for-Intune-Remediation-SCCM-Compliance-Baseline\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bRWXfinder\n\nWindows-specific tool written in C which uses Windows API functions to traverse through directories and look for DLL files with an RWX section in memory.\n\nhttps://github.com/pwnsauc3/RWXFinder\n\n#infosec #pentesting #redteam\n\n\u200b\u200bPlumHound \n\nBloodHoundAD Report Engine for Security Teams\n\nhttps://github.com/PlumHound/PlumHound\n\n#infosec #pentesting #redteam\n\n\u200b\u200bLolDriverScan\n\nA golang 
tool that allows users to discover vulnerable drivers on their system. This tool fetches the loldriverscan.io list from their APIs and scans the system for any vulnerable drivers This project is implemented in Go and does not require elevated privileges to run.\n\nhttps://github.com/FourCoreLabs/loldriverscan\n\n#cybersecurity #infosec\n\n\u200b\u200bJayFinder\n\nWhether you knew Process Mockingjay since ever or you just got to know it, this tool helps you to find DLLs with RWX section. This is done parsing the PE Section Headers and checking the \"Characteristics\" attribute of each section.\n\nhttps://github.com/oldboy21/JayFinder\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2023-37582\n\nApache RocketMQ Arbitrary File Write Vulnerability #Exploit.\n\nhttps://github.com/Malayke/CVE-2023-37582_EXPLOIT\n\n#cybersecurity #infosec\n\n\u200b\u200bUDP Protocol Scanner\n\nA tool for identifying UDP services running on remote hosts. This tool may be of use to those performing security testing - e.g. 
during penetration testing, vulnerability assessments or while pivoting.\n\nhttps://github.com/CiscoCXSecurity/udpy_proto_scanner\n\n#cybersecurity #infosec #pentesting\n\nhttps://t.me/dilagrafie\n\n2/2", "creation_timestamp": "2023-07-15T21:16:53.000000Z"}, {"uuid": "27aae81a-35b1-4f68-81e9-b7fbb8ab58fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/986", "content": "Underground ransomware deployed by Storm-0978 that was exploited\n\nCVE-2023-36884 : Underground Ransomware deployed by Storm-0978 that exploited \nPDF : https://resources.securityscorecard.com/research/underground-ransomware", "creation_timestamp": "2024-01-27T08:35:34.000000Z"}, {"uuid": "fffabadf-365c-45d3-b35a-f1683de1e6d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://t.me/true_secator/4856", "content": "Deep Instinct researchers have discovered a threat actor targeting Azerbaijani targets, using lures related to the military conflict in Nagorno-Karabakh, with the aim of infecting their systems with new Rust-based malware.\n\n
The campaign was named Rusty Flag and had at least two different initial access vectors, and one of the lures was a modified document that had been used by the Storm-0978 group.\n\nBut, as the researchers believe, this points more to a false-flag attack.\n\n
Initially Deep Instinct discovered a malicious LNK file with a low detection rate, named 1.KARABAKH.jpg.lnk and displaying an image related to a military incident in Nagorno-Karabakh.\n\nThe LNK downloads and runs an MSI installer hosted on DropBox, which packs a Rust implant, an XML file for a scheduled task and a decoy image file.\n\n
Then another MSI file turned up, which contained a different variant of the same Rust implant, but determining the initial access vector for this campaign was harder.\n\nThe DropBox URL was masked with a URL shortener (hxxps://t[.]]ly/8CYQW).\n\nThey managed to trace a file, Overview_of_UWCs_UkraineInNATO_campaign.docx, which sent a request to this URL.\n\n
Moreover, this file name and its contents were linked to the Storm-0978 campaign exploiting CVE-2023-36884, about which there was even a corresponding comment on VirusTotal.\n\nFurther investigation nevertheless showed that it is a different file. The embedded afchunk.rtf has been replaced, and the mentioned CVE was not used.\n\nInstead, CVE-2017-11882 was exploited to download and install the MSI file. 
All of this looks, in the researchers' view, like a deliberate attempt to link the attack to Storm-0978.\n\nAlthough the initial lure was an Office file, the delivered MSI also opened a decoy file in PDF format. Each attack had its own unique file names and metadata.\n\nAlthough the initial vectors differed, execution was the same in both variants. 
\u041f\u043e\u0441\u043b\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u0430 \u043e\u043d \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u043b \u0432 \u0440\u0435\u0436\u0438\u043c \u0441\u043d\u0430 \u043d\u0430 12 \u043c\u0438\u043d\u0443\u0442.\u00a0\u042d\u0442\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u043c\u0435\u0442\u043e\u0434, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u0440\u043e\u0441\u0442\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0432 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0435.\n\n\u0417\u0430\u0442\u0435\u043c \u043d\u0430\u0447\u0438\u043d\u0430\u043b \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435. 
\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0437\u0430\u0442\u0435\u043c \u0448\u0438\u0444\u0440\u0443\u0435\u0442\u0441\u044f \u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043d\u0435\u043e\u0431\u044b\u0447\u043d\u044b\u0439, \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u0440\u0442\u00a035667.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Deep Instinct \u0442\u0430\u043a \u0438 \u043d\u0435 \u0441\u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u0442\u044c \u044d\u0442\u0438 \u0430\u0442\u0430\u043a\u0438 \u043a\u0430\u043a\u043e\u043c\u0443-\u043b\u0438\u0431\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0430 \u043e\u0431\u0430 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430\u0442\u0430 Rust \u0438\u043c\u0435\u043b\u0438 0 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0439 \u043f\u0440\u0438 \u043f\u0435\u0440\u0432\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0432 VirusTotal.\n\n\u0422\u0430\u043a \u0447\u0442\u043e, \u0447\u044c\u044f-\u0442\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u043c\u0430\u044f \u043f\u043e\u043f\u044b\u0442\u043a\u0430 \u0438\u043c\u0438\u0442\u0430\u0446\u0438\u0438 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a \u043d\u0430 \u0410\u0437\u0435\u0440\u0431\u0430\u0439\u0434\u0436\u0430\u043d \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u043c\u044b\u0445 \u043a 
\u0420\u043e\u0441\u0441\u0438\u0438 \u0433\u0440\u0443\u043f\u043f \u043c\u043e\u0436\u0435\u0442 \u0438 \u0438\u043c\u0435\u043b\u0430 \u0431\u044b \u0432 \u043c\u043e\u043c\u0435\u043d\u0442\u0435 \u0448\u0430\u043d\u0441\u044b \u043d\u0430 \u0443\u0441\u043f\u0435\u0445, \u0435\u0441\u043b\u0438 \u0431\u044b \u043d\u0435 Deep Instinct \u0441\u043e \u0441\u0432\u043e\u0438\u043c \u043e\u0442\u0447\u0435\u0442\u043e\u043c.\n\n\u041d\u043e, \u043a\u0430\u043a \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430, \u0438\u043d\u043e\u0433\u0434\u0430 \u043e\u043d\u0438 \u0438\u043c\u0435\u044e\u0442 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u0442\u044c\u0441\u044f \u0432 404, \u043d\u0443 \u0430 \u043f\u043e\u043a\u0430 - IOC \u0438 MITRE \u043d\u0430 \u043c\u0435\u0441\u0442\u0435 \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2023-09-15T19:20:06.000000Z"}, {"uuid": "3f7d6079-c60a-4bd3-8f7d-e1874f84c764", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36881", "type": "seen", "source": "https://t.me/cibsecurity/68027", "content": "\u203c CVE-2023-36881 \u203c\n\nAzure Apache Ambari\u00a0Spoofing Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T22:14:25.000000Z"}, {"uuid": "ff26f14b-758e-422c-917f-20131f73b481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36889", "type": "seen", "source": "https://t.me/cibsecurity/68025", "content": "\u203c CVE-2023-36889 \u203c\n\nWindows Group Policy Security Feature Bypass Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T22:14:20.000000Z"}, {"uuid": 
"2fe09aa6-b698-4671-9c93-16b63e2def5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://t.me/Rootsec_2/384", "content": "\ud83d\udca5Storm-0978 attacks reveal financial and espionage motives\nMicrosoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978(DEV-0978, RomCom...) targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited via Microsoft Word documents, using lures related to the Ukrainian World Congress.", "creation_timestamp": "2024-08-16T08:08:28.000000Z"}, {"uuid": "fa292ecd-7334-4574-a1bc-b89848b9c49d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://t.me/Rootsec_2/390", "content": "\ud83e\udd37\ud83c\udffc\u200d\u2642\ufe0fCVE-2023-36884 - \u043d\u0435 \u0441\u043a\u0430\u0437\u0430\u0442\u044c \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u043a\u0430\u043a\u0430\u044f-\u0442\u043e \u043d\u043e\u0432\u0430\u044f \u0442\u0435\u0445\u043d\u0438\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0434\u0430\u043d\u043d\u0430\u044f \u0431\u0430\u0433\u0430 \u0432 Office/Windows HTML \u043f\u043e\u0445\u043e\u0436\u0430 \u043d\u0430 \u0440\u0430\u043d\u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0443\u044e \u0431\u0430\u0433\u0443 \u0432 Microsoft MSHTML(CVE-2021-40444, RCE), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u043e\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0440\u0430\u043d\u0435\u0435 \u0432 
\"\u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0439\" \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u041d\u0438\u0436\u0435 \u043f\u0440\u0438\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u044e \u0441\u043f\u0438\u0441\u043e\u043a \u0441\u0441\u044b\u043b\u043e\u043a \u0441 \u0430\u043d\u0430\u043b\u0438\u0437\u043e\u043c/\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 CVE-2021-40444, \u0434\u043b\u044f \u0442\u0435\u0445 \u043a\u0442\u043e \u0432\u0434\u0440\u0443\u0433 \u0437\u0430\u0431\u044b\u043b:\n\ud83d\udcbeUnpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit\n\ud83d\udcbeAnalyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability\n\ud83d\udcbeCVE-2021-40444 Analysis/Exploit\n\ud83d\udcbeMicrosoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit\n\ud83d\udcbeCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit \n\ud83d\udcbeMalicious docx generator to exploit CVE-2021-40444\n\ud83d\udcbeFull exploit (RCE w/ sandbox escape) only using 6 lines of javascript code(\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043a \u043f\u0440\u043e\u0447\u0442\u0435\u043d\u0438\u044e)", "creation_timestamp": "2024-08-16T08:08:29.000000Z"}, {"uuid": "f8c52759-3c78-417e-be0c-357f254fe800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-07-18T00:10:02.000000Z"}, {"uuid": "9e09e9ec-8906-4065-a00a-b5e55cbafbd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "MISP/cf410edf-b437-4efa-841f-6106f07454bb", "content": "", "creation_timestamp": "2023-10-15T09:44:42.000000Z"}, {"uuid": "3cb4e30d-e52e-409c-9b8b-c7fb9f9d171a", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://bsky.app/profile/securityaura.bsky.social/post/3lfgrcqvxs22q", "content": "", "creation_timestamp": "2025-01-11T03:29:20.909362Z"}, {"uuid": "ee5bcd5e-ef56-43ce-bd9b-3b46e28d9c9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971858", "content": "", "creation_timestamp": "2024-12-24T20:34:54.892693Z"}, {"uuid": "af734699-2ae2-41b7-901f-72d0215d830d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://bsky.app/profile/jtlenaghan.bsky.social/post/3lf46sysssj26", "content": "", "creation_timestamp": "2025-01-06T22:31:53.648606Z"}, {"uuid": "b6fb5f0e-2a04-4d79-9601-422cc298eb3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:44.000000Z"}, {"uuid": "079e1976-197b-477a-96c8-6464021468d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mdzsnledd72e", "content": "", "creation_timestamp": "2026-02-04T11:49:47.801174Z"}, {"uuid": "a40e89ec-868a-409b-bb5b-69984fa02b63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": 
"MISP/99d70534-49a1-4920-887e-938c4ae37479", "content": "", "creation_timestamp": "2026-02-08T06:29:19.000000Z"}, {"uuid": "f7e23195-dca7-4e00-a0de-2479c2e16e32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "f3f2b868-40b6-43f9-a149-fbdb012fe1f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4748", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRecent Campaign abusing CVE-2023-36884\nURL\uff1ahttps://github.com/deepinstinct/Storm0978-RomCom-Campaign\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-13T13:12:03.000000Z"}, {"uuid": "5212c147-e7e7-4b9d-8641-0474a7bdb3ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "exploited", "source": "https://t.me/HackingVidhya/206", "content": "#Malware_analysis\nUnderground Ransomware deployed by Storm-0978 that exploited CVE-2023-36884", "creation_timestamp": "2023-08-17T11:50:22.000000Z"}, {"uuid": "4f499523-4047-4cf8-aa75-7aba76671cd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36881", "type": "seen", "source": "https://t.me/arpsyndicate/2325", "content": "#ExploitObserverAlert\n\nCVE-2023-36881\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36881. 
Azure Apache Ambari\u00a0Spoofing Vulnerability\n\nFIRST-EPSS: 0.000510000\nNVD-IS: 3.6\nNVD-ES: 0.9", "creation_timestamp": "2024-01-03T14:19:13.000000Z"}, {"uuid": "a0132a2c-143f-447e-b0a8-e86dad1bd604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://t.me/arpsyndicate/1278", "content": "#ExploitObserverAlert\n\nCVE-2023-36884\n\nDESCRIPTION: Exploit Observer has 48 entries related to CVE-2023-36884. Windows Search Remote Code Execution Vulnerability\n\nFIRST-EPSS: 0.479490000\nNVD-IS: 5.9\nNVD-ES: 1.6", "creation_timestamp": "2023-12-04T18:52:52.000000Z"}, {"uuid": "39a57755-7c7b-4911-8fe3-f6f54f48ba2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "https://t.me/true_secator/4707", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b PatchTuesday \u043e\u0442 Microsoft \u0437\u0430 \u0430\u0432\u0433\u0443\u0441\u0442 2023 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 87 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 2 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0438 23 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RCE, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 6 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 18 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f 
\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 3 - \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 23 - RCE, 10 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 8 - DoS, 12 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0445, 12 \u043e\u0448\u0438\u0431\u043e\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 Microsoft Edge (Chromium).\n\n\u0412\u0442\u043e\u0440\u043d\u0438\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043e\u0431\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u0430 \u043e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 \u0431\u044b\u043b\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430.\n\nMicrosoft \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u0435\u0441\u043b\u0438 \u043e\u043d\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0438\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e 
\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0431\u0435\u0437 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0423\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u043c\u044b\u0435 \u0434\u0432\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 0-day - CVE-2023-36884 \u0438 CVE-2023-38180.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0438\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432 Microsoft Office Defense \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Volexity \u0435\u0449\u0435 \u0432 \u0438\u044e\u043b\u0435 \u0438 \u0442\u043e\u0433\u0434\u0430 \u0435\u0435 \u043e\u043d\u0430 \u043d\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430, \u043d\u043e \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0435\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e. 
\n\nCVE-2023-36884 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b Microsoft Office, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Mark of the Web (MoTW), \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0444\u0430\u0439\u043b\u044b \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f \u0431\u0435\u0437 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c RCE.\n\n0-day \u0431\u044b\u043b\u0430 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0433\u0440\u0443\u043f\u043f\u044b RomCom \u0432 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u044b\u0445 \u0438 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0438\u0445 \u0446\u0435\u043b\u044f\u0445.\n\n\u0413\u0440\u0443\u043f\u043f\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430 \u0442\u0435\u043c, \u0447\u0442\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0430\u00a0\u0432 \u0430\u0442\u0430\u043a\u0430\u0445\u00a0\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c Industrial Spy, \u043f\u0435\u0440\u0435\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0432 Underground, \u043f\u043e\u0434 
\u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043e\u043d\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u044c \u0434\u0435\u043d\u044c\u0433\u0438 \u0443 \u0436\u0435\u0440\u0442\u0432.\n\n\u0414\u0440\u0443\u0433\u0430\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f CVE-2023-38180 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c .NET \u0438 Visual Studio, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 DoS.\n\n\u041f\u043e \u043d\u0435\u0439 Microsoft \u0441\u0442\u0430\u043b\u0430 \u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u043a\u0430\u043a\u0438\u043c\u0438-\u043b\u0438\u0431\u043e \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u0438 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430, \u043a\u0442\u043e \u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0432\u0441\u0435\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u043a\u0430\u0436\u0434\u043e\u0439 \u0438\u0437 \u043d\u0438\u0445 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043b\u0438\u044f\u044e\u0442 
\u043c\u043e\u0436\u043d\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2023-08-09T11:06:10.000000Z"}, {"uuid": "aeca49de-0906-4c8d-888f-314f70a2272f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36888", "type": "seen", "source": "https://t.me/cibsecurity/66757", "content": "\u203c CVE-2023-36888 \u203c\n\nMicrosoft Edge for Android (Chromium-based) Tampering Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-14T22:22:47.000000Z"}, {"uuid": "af315d6c-7ced-4a19-b071-8ad4fc110867", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3688", "type": "seen", "source": "https://t.me/cibsecurity/66795", "content": "\u203c CVE-2023-3688 \u203c\n\nA vulnerability classified as critical has been found in Bylancer QuickJob 6.1. Affected is an unknown function of the component GET Parameter Handler. The manipulation of the argument keywords/gender leads to sql injection. It is possible to launch the attack remotely. VDB-234234 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-16T18:45:37.000000Z"}, {"uuid": "f19927b2-fbab-4089-b8ed-1e1d9d7cd011", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8669", "content": "#exploit\n1. Padding Oracle exploit\nhttps://github.com/glebarez/padre\n\n2. 
CVE-2023-36884:\nOffice/Windows HTML RCE Vulnerability\nhttps://github.com/Maxwitat/CVE-2023-36884-Scripts-for-Intune-Remediation-SCCM-Compliance-Baseline", "creation_timestamp": "2023-07-14T13:23:38.000000Z"}, {"uuid": "e2f79cb4-fc9f-4dcd-b2a8-4a1cb460db8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8692", "content": "#tools\n#Blue_Team_Techniques\n1. Script to check for CVE-2023-36884 hardening\nhttps://github.com/tarraschk/CVE-2023-36884-Checker\n2. A python script that searches for vulnerable version of PaperCut MF/NG (CVE-2023-27350)\nhttps://github.com/MaanVader/CVE-2023-27350-POC", "creation_timestamp": "2023-07-18T12:27:16.000000Z"}, {"uuid": "95764a7d-65da-4e5a-8f10-2c03ab0cd2c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36884", "type": "seen", "source": "MISP/cf410edf-b437-4efa-841f-6106f07454bb", "content": "", "creation_timestamp": "2025-07-06T22:17:39.000000Z"}]}