CYBER MONGOL

2/24/2021

vCenter RCE

*WARNING: Extremely Heavy Human Momentum behind Multiple RCEs Targeting vCenter (CVE-2021-21972)*

Sensors are seeing convergence between CVE-2021-21972 exploit signals and pillar signals (signals that consistently show strong human momentum), indicating massive human interest in these publicly available exploits.
 
“A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.”
 
Exploit 1: QmF0c3UK/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC (github.com)
 
Exploit 2: NS-Sp4ce/CVE-2021-21972: CVE-2021-21972 (github.com)
 

2/16/2021

Windows Installer Elevation of Privilege: BlueBear CVE-2021-1727

Sensors have just ingested a publicly available exploit targeting the Windows installer (msiexec.exe), granting SYSTEM-level privileges. We have not tested this exploit yet but plan to in the coming days.
 
EoP Exploit: klinix5/CVE-2021-1727 (github.com)
 
Microsoft Guidance: CVE-2021-1727 - Security Update Guide - Microsoft - Windows Installer Elevation of Privilege Vulnerability
 

2/2/2021

Heavy Sensor Activity: Repo Pairing CVE-2021-3156 & CVE-2020-6507

Sensors are reading heavy human momentum behind a code repository that has paired together exploits targeting Linux local privilege escalation through a heap overflow in sudo (CVE-2021-3156) and an out-of-bounds write in V8 in Chrome versions <= 83.0.4103.97 (CVE-2020-6507). We have not had time to look into this pairing, but the amount of momentum behind this repo suggests elevated human interest in this repository.
 
Repo: r4j0x00/exploits (github.com)
 
© COPYRIGHT 2015. ALL RIGHTS RESERVED.