diff --git a/2002/CVE-2002-20001.json b/2002/CVE-2002-20001.json
index 59a403a7ae..969eb7646b 100644
--- a/2002/CVE-2002-20001.json
+++ b/2002/CVE-2002-20001.json
@@ -13,10 +13,10 @@
 "description": "D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange. (read-only clone of the original GitLab project)",
 "fork": false,
 "created_at": "2021-08-31T09:51:12Z",
- "updated_at": "2024-10-02T01:18:08Z",
+ "updated_at": "2024-10-03T06:28:07Z",
 "pushed_at": "2024-05-03T22:24:07Z",
- "stargazers_count": 183,
- "watchers_count": 183,
+ "stargazers_count": 184,
+ "watchers_count": 184,
 "has_discussions": false,
 "forks_count": 27,
 "allow_forking": true,
@@ -46,7 +46,7 @@
 ],
 "visibility": "public",
 "forks": 27,
- "watchers": 183,
+ "watchers": 184,
 "score": 0,
 "subscribers_count": 8
 }
diff --git a/2015/CVE-2015-5254.json b/2015/CVE-2015-5254.json
index 659eb56baa..2018c2dc4f 100644
--- a/2015/CVE-2015-5254.json
+++ b/2015/CVE-2015-5254.json
@@ -13,10 +13,10 @@
 "description": "ActiveMQ Deserialization RCE",
 "fork": false,
 "created_at": "2019-08-30T06:03:51Z",
- "updated_at": "2024-09-09T16:05:00Z",
+ "updated_at": "2024-10-03T08:58:06Z",
 "pushed_at": "2019-08-30T06:47:20Z",
- "stargazers_count": 11,
- "watchers_count": 11,
+ "stargazers_count": 12,
+ "watchers_count": 12,
 "has_discussions": false,
 "forks_count": 7,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 7,
- "watchers": 11,
+ "watchers": 12,
 "score": 0,
 "subscribers_count": 1
 },
diff --git a/2018/CVE-2018-4233.json b/2018/CVE-2018-4233.json
index caa9a38811..e9c7069f9f 100644
--- a/2018/CVE-2018-4233.json
+++ b/2018/CVE-2018-4233.json
@@ -18,13 +18,13 @@
 "stargazers_count": 178,
 "watchers_count": 178,
 "has_discussions": false,
- "forks_count": 28,
+ "forks_count": 27,
 "allow_forking": true,
 "is_template": false,
 "web_commit_signoff_required": false,
 "topics": [],
 "visibility": "public",
- "forks": 28,
+ "forks": 27,
 "watchers": 178,
 "score": 0,
 "subscribers_count": 12
diff --git a/2018/CVE-2018-9995.json b/2018/CVE-2018-9995.json
index dd42dc0dbf..a66d6ee2cd 100644
--- a/2018/CVE-2018-9995.json
+++ b/2018/CVE-2018-9995.json
@@ -403,10 +403,10 @@
 "description": "Hack The CCTV | DVRs; Credentials Exposed | CVE-2018-9995",
 "fork": false,
 "created_at": "2021-03-25T23:12:31Z",
- "updated_at": "2021-03-25T23:12:33Z",
+ "updated_at": "2024-10-03T07:28:13Z",
 "pushed_at": "2020-02-15T05:01:49Z",
- "stargazers_count": 0,
- "watchers_count": 0,
+ "stargazers_count": 1,
+ "watchers_count": 1,
 "has_discussions": false,
 "forks_count": 2,
 "allow_forking": true,
@@ -415,7 +415,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 2,
- "watchers": 0,
+ "watchers": 1,
 "score": 0,
 "subscribers_count": 1
 },
diff --git a/2019/CVE-2019-11248.json b/2019/CVE-2019-11248.json
index 9eae8fa3d0..b21e0356e0 100644
--- a/2019/CVE-2019-11248.json
+++ b/2019/CVE-2019-11248.json
@@ -13,12 +13,12 @@
 "description": "POC for CVE-2019-11248, remote code execution (RCE)",
 "fork": false,
 "created_at": "2024-10-03T01:13:42Z",
- "updated_at": "2024-10-03T03:07:58Z",
+ "updated_at": "2024-10-03T09:09:42Z",
 "pushed_at": "2024-10-03T01:53:19Z",
- "stargazers_count": 7,
- "watchers_count": 7,
+ "stargazers_count": 8,
+ "watchers_count": 8,
 "has_discussions": false,
- "forks_count": 2,
+ "forks_count": 3,
 "allow_forking": true,
 "is_template": false,
 "web_commit_signoff_required": false,
@@ -28,8 +28,8 @@
 "poc"
 ],
 "visibility": "public",
- "forks": 2,
- "watchers": 7,
+ "forks": 3,
+ "watchers": 8,
 "score": 0,
 "subscribers_count": 0
 }
diff --git a/2019/CVE-2019-12836.json b/2019/CVE-2019-12836.json
index e4331d3fdf..34a333b994 100644
--- a/2019/CVE-2019-12836.json
+++ b/2019/CVE-2019-12836.json
@@ -13,8 +13,8 @@
 "description": "CVE-2019-12836",
 "fork": false,
 "created_at": "2019-06-16T04:41:29Z",
- "updated_at": "2024-08-12T19:50:07Z",
- "pushed_at": "2023-06-12T03:07:58Z",
+ "updated_at": "2024-10-03T12:00:25Z",
+ "pushed_at": "2024-10-03T12:00:21Z",
 "stargazers_count": 7,
 "watchers_count": 7,
 "has_discussions": false,
diff --git a/2020/CVE-2020-27199.json b/2020/CVE-2020-27199.json
index 8d815ae1c4..4298d7609d 100644
--- a/2020/CVE-2020-27199.json
+++ b/2020/CVE-2020-27199.json
@@ -13,8 +13,8 @@
 "description": "CVE-2020-27199",
 "fork": false,
 "created_at": "2020-07-06T03:10:34Z",
- "updated_at": "2022-11-18T01:08:16Z",
- "pushed_at": "2023-06-12T03:09:39Z",
+ "updated_at": "2024-10-03T12:01:28Z",
+ "pushed_at": "2024-10-03T12:01:24Z",
 "stargazers_count": 6,
 "watchers_count": 6,
 "has_discussions": false,
diff --git a/2021/CVE-2021-1636.json b/2021/CVE-2021-1636.json
index fa11256a3e..f5aa349367 100644
--- a/2021/CVE-2021-1636.json
+++ b/2021/CVE-2021-1636.json
@@ -13,10 +13,10 @@ "description": " ​![​logo​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/ci-logo.png) ​#​ ​Ukraine-Cyber-Operations ​Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine. ([​Blog​](https:\/\/www.curatedintel.org\/2021\/08\/welcome.html) | [​Twitter​](https:\/\/twitter.com\/CuratedIntel) | [​LinkedIn​](https:\/\/www.linkedin.com\/company\/curatedintelligence\/)) ​![​timeline​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/uacyberopsv2.png) ​![​cyberwar​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/Russia-Ukraine%20Cyberwar.png) ​###​ ​Analyst Comments: ​-​ 2022-02-25 ​  ​-​ Creation of the initial repository to help organisations in Ukraine ​  ​-​ Added [​Threat Reports​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations#threat-reports) section ​  ​-​ Added [​Vendor Support​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations#vendor-support) section ​-​ 2022-02-26 ​  ​-​ Additional resources, chronologically ordered (h\/t Orange-CD) ​  ​-​ Added [​Vetted OSINT Sources​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations#vetted-osint-sources) section  ​  ​-​ Added [​Miscellaneous Resources​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations#miscellaneous-resources) section ​-​ 2022-02-27 ​  ​-​ Additional threat reports have been added ​  ​-​ Added [​Data Brokers​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/README.md#data-brokers) section ​  ​-​ Added [​Access Brokers​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/README.md#access-brokers) section ​-​ 2022-02-28 ​  ​-​ Added Russian Cyber Operations Against Ukraine Timeline by ETAC ​  ​-​ Added Vetted and Contextualized [​Indicators of Compromise 
(IOCs)​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/ETAC_Vetted_UkraineRussiaWar_IOCs.csv) by ETAC ​-​ 2022-03-01 ​  ​-​ Additional threat reports and resources have been added ​-​ 2022-03-02 ​  ​-​ Additional [​Indicators of Compromise (IOCs)​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/ETAC_Vetted_UkraineRussiaWar_IOCs.csv#L2011) have been added ​  ​-​ Added vetted [​YARA rule collection​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/tree\/main\/yara) from the Threat Reports by ETAC ​  ​-​ Added loosely-vetted [​IOC Threat Hunt Feeds​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/tree\/main\/KPMG-Egyde_Ukraine-Crisis_Feeds\/MISP-CSV_MediumConfidence_Filtered) by KPMG-Egyde CTI (h\/t [​0xDISREL​](https:\/\/twitter.com\/0xDISREL)) ​    ​-​ IOCs shared by these feeds are ​`LOW-TO-MEDIUM CONFIDENCE`​ we strongly recommend NOT adding them to a blocklist ​    ​-​ These could potentially be used for ​`THREAT HUNTING`​ and could be added to a ​`WATCHLIST` ​    ​-​ IOCs are generated in ​`MISP COMPATIBLE`​ CSV format ​-​ 2022-03-03 ​  ​-​ Additional threat reports and vendor support resources have been added ​  ​-​ Updated [​Log4Shell IOC Threat Hunt Feeds​](https:\/\/github.com\/curated-intel\/Log4Shell-IOCs\/tree\/main\/KPMG_Log4Shell_Feeds) by KPMG-Egyde CTI; not directly related to Ukraine, but still a widespread vulnerability. 
​  ​-​ Added diagram of Russia-Ukraine Cyberwar Participants 2022 by ETAC ​  ​-​ Additional [​Indicators of Compromise (IOCs)​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/ETAC_Vetted_UkraineRussiaWar_IOCs.csv#L2042) have been added ​####​ ​`Threat Reports` ​| Date | Source | Threat(s) | URL | ​| --- | --- | --- | --- | ​| 14 JAN | SSU Ukraine | Website Defacements | [ssu.gov.ua](https:\/\/ssu.gov.ua\/novyny\/sbu-rozsliduie-prychetnist-rosiiskykh-spetssluzhb-do-sohodnishnoi-kiberataky-na-orhany-derzhavnoi-vlady-ukrainy)| ​| 15 JAN | Microsoft | WhisperGate wiper (DEV-0586) | [microsoft.com](https:\/\/www.microsoft.com\/security\/blog\/2022\/01\/15\/destructive-malware-targeting-ukrainian-organizations\/) | ​| 19 JAN | Elastic | WhisperGate wiper (Operation BleedingBear) | [elastic.github.io](https:\/\/elastic.github.io\/security-research\/malware\/2022\/01\/01.operation-bleeding-bear\/article\/) | ​| 31 JAN | Symantec | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [symantec-enterprise-blogs.security.com](https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/shuckworm-gamaredon-espionage-ukraine) | ​| 2 FEB | RaidForums | Access broker \"GodLevel\" offering Ukrainain algricultural exchange | RaidForums [not linked] | ​| 2 FEB | CERT-UA | UAC-0056 using SaintBot and OutSteel malware | [cert.gov.ua](https:\/\/cert.gov.ua\/article\/18419) | ​| 3 FEB | PAN Unit42 | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [unit42.paloaltonetworks.com](https:\/\/unit42.paloaltonetworks.com\/gamaredon-primitive-bear-ukraine-update-2021\/) | ​| 4 FEB | Microsoft | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [microsoft.com](https:\/\/www.microsoft.com\/security\/blog\/2022\/02\/04\/actinium-targets-ukrainian-organizations\/) | ​| 8 FEB | NSFOCUS | Lorec53 (aka UAC-0056, EmberBear, BleedingBear) | 
[nsfocusglobal.com](https:\/\/nsfocusglobal.com\/apt-retrospection-lorec53-an-active-russian-hack-group-launched-phishing-attacks-against-georgian-government) | ​| 15 FEB | CERT-UA | DDoS attacks against the name server of government websites as well as Oschadbank (State Savings Bank) & Privatbank (largest commercial bank). False SMS and e-mails to create panic | [cert.gov.ua](https:\/\/cert.gov.ua\/article\/37139) | ​| 23 FEB | The Daily Beast | Ukrainian troops receive threatening SMS messages | [thedailybeast.com](https:\/\/www.thedailybeast.com\/cyberattacks-hit-websites-and-psy-ops-sms-messages-targeting-ukrainians-ramp-up-as-russia-moves-into-ukraine) | ​| 23 FEB | UK NCSC | Sandworm\/VoodooBear (GRU) | [ncsc.gov.uk](https:\/\/www.ncsc.gov.uk\/files\/Joint-Sandworm-Advisory.pdf) | ​| 23 FEB | SentinelLabs | HermeticWiper | [sentinelone.com]( https:\/\/www.sentinelone.com\/labs\/hermetic-wiper-ukraine-under-attack\/ ) | ​| 24 FEB | ESET | HermeticWiper | [welivesecurity.com](https:\/\/www.welivesecurity.com\/2022\/02\/24\/hermeticwiper-new-data-wiping-malware-hits-ukraine\/) | ​| 24 FEB | Symantec | HermeticWiper, PartyTicket ransomware, CVE-2021-1636, unknown webshell | [symantec-enterprise-blogs.security.com](https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/ukraine-wiper-malware-russia) | ​| 24 FEB | Cisco Talos | HermeticWiper | [blog.talosintelligence.com](https:\/\/blog.talosintelligence.com\/2022\/02\/threat-advisory-hermeticwiper.html) | ​| 24 FEB | Zscaler | HermeticWiper | [zscaler.com](https:\/\/www.zscaler.com\/blogs\/security-research\/hermetic-wiper-resurgence-targeted-attacks-ukraine) | ​| 24 FEB | Cluster25 | HermeticWiper | [cluster25.io](https:\/\/cluster25.io\/2022\/02\/24\/ukraine-analysis-of-the-new-disk-wiping-malware\/) | ​| 24 FEB | CronUp | Data broker \"FreeCivilian\" offering multiple .gov.ua | [twitter.com\/1ZRR4H](https:\/\/twitter.com\/1ZRR4H\/status\/1496931721052311557)| ​| 24 FEB | RaidForums | Data 
broker \"Featherine\" offering diia.gov.ua | RaidForums [not linked] | ​| 24 FEB | DomainTools | Unknown scammers | [twitter.com\/SecuritySnacks](https:\/\/twitter.com\/SecuritySnacks\/status\/1496956492636905473?s=20&t=KCIX_1Ughc2Fs6Du-Av0Xw) | ​| 25 FEB | @500mk500 | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [twitter.com\/500mk500](https:\/\/twitter.com\/500mk500\/status\/1497339266329894920?s=20&t=opOtwpn82ztiFtwUbLkm9Q) | ​| 25 FEB | @500mk500 | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [twitter.com\/500mk500](https:\/\/twitter.com\/500mk500\/status\/1497208285472215042)| ​| 25 FEB | Microsoft | HermeticWiper | [gist.github.com](https:\/\/gist.github.com\/fr0gger\/7882fde2b1b271f9e886a4a9b6fb6b7f) | ​| 25 FEB | 360 NetLab | DDoS (Mirai, Gafgyt, IRCbot, Ripprbot, Moobot) | [blog.netlab.360.com](https:\/\/blog.netlab.360.com\/some_details_of_the_ddos_attacks_targeting_ukraine_and_russia_in_recent_days\/) | ​| 25 FEB | Conti [themselves] | Conti ransomware, BazarLoader | Conti News .onion [not linked] | ​| 25 FEB | CoomingProject [themselves] | Data Hostage Group | CoomingProject Telegram [not linked] | ​| 25 FEB | CERT-UA | UNC1151\/Ghostwriter (Belarus MoD) | [CERT-UA Facebook](https:\/\/facebook.com\/story.php?story_fbid=312939130865352&id=100064478028712)| ​| 25 FEB | Sekoia | UNC1151\/Ghostwriter (Belarus MoD) | [twitter.com\/sekoia_io](https:\/\/twitter.com\/sekoia_io\/status\/1497239319295279106) | ​| 25 FEB | @jaimeblascob | UNC1151\/Ghostwriter (Belarus MoD) | [twitter.com\/jaimeblasco](https:\/\/twitter.com\/jaimeblascob\/status\/1497242668627370009)| ​| 25 FEB | RISKIQ | UNC1151\/Ghostwriter (Belarus MoD) | [community.riskiq.com](https:\/\/community.riskiq.com\/article\/e3a7ceea\/) | ​| 25 FEB | MalwareHunterTeam | Unknown phishing | [twitter.com\/malwrhunterteam](https:\/\/twitter.com\/malwrhunterteam\/status\/1497235270416097287) | ​| 25 FEB | ESET | Unknown scammers | 
[twitter.com\/ESETresearch](https:\/\/twitter.com\/ESETresearch\/status\/1497194165561659394) | ​| 25 FEB | BitDefender | Unknown scammers | [blog.bitdefender.com](https:\/\/blog.bitdefender.com\/blog\/hotforsecurity\/cybercriminals-deploy-spam-campaign-as-tens-of-thousands-of-ukrainians-seek-refuge-in-neighboring-countries\/) | ​| 25 FEB | SSSCIP Ukraine | Unkown phishing | [twitter.com\/dsszzi](https:\/\/twitter.com\/dsszzi\/status\/1497103078029291522) | ​| 25 FEB | RaidForums | Data broker \"NetSec\"  offering FSB (likely SMTP accounts) | RaidForums [not linked] | ​| 25 FEB | Zscaler | PartyTicket decoy ransomware | [zscaler.com](https:\/\/www.zscaler.com\/blogs\/security-research\/technical-analysis-partyticket-ransomware) | ​| 25 FEB | INCERT GIE | Cyclops Blink, HermeticWiper | [linkedin.com](https:\/\/www.linkedin.com\/posts\/activity-6902989337210740736-XohK) [Login Required] | ​| 25 FEB | Proofpoint | UNC1151\/Ghostwriter (Belarus MoD) | [twitter.com\/threatinsight](https:\/\/twitter.com\/threatinsight\/status\/1497355737844133895?s=20&t=Ubi0tb_XxGCbHLnUoQVp8w) | ​| 25 FEB | @fr0gger_ | HermeticWiper capabilities Overview | [twitter.com\/fr0gger_](https:\/\/twitter.com\/fr0gger_\/status\/1497121876870832128?s=20&t=_296n0bPeUgdXleX02M9mg) ​| 26 FEB | BBC Journalist | A fake Telegram account claiming to be President Zelensky is posting dubious messages | [twitter.com\/shayan86](https:\/\/twitter.com\/shayan86\/status\/1497485340738785283?s=21) | ​| 26 FEB | CERT-UA | UNC1151\/Ghostwriter (Belarus MoD) | [CERT_UA Facebook](https:\/\/facebook.com\/story.php?story_fbid=313517477474184&id=100064478028712) | ​| 26 FEB | MHT and TRMLabs | Unknown scammers, linked to ransomware | [twitter.com\/joes_mcgill](https:\/\/twitter.com\/joes_mcgill\/status\/1497609555856932864?s=20&t=KCIX_1Ughc2Fs6Du-Av0Xw) | ​| 26 FEB | US CISA | WhisperGate wiper, HermeticWiper | [cisa.gov](https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa22-057a) | ​| 26 FEB | Bloomberg | Destructive 
malware (possibly HermeticWiper) deployed at Ukrainian Ministry of Internal Affairs & data stolen from Ukrainian telecommunications networks | [bloomberg.com](https:\/\/www.bloomberg.com\/news\/articles\/2022-02-26\/hackers-destroyed-data-at-key-ukraine-agency-before-invasion?sref=ylv224K8) | ​| 26 FEB | Vice Prime Minister of Ukraine | IT ARMY of Ukraine created to crowdsource offensive operations against Russian infrastructure | [twitter.com\/FedorovMykhailo](https:\/\/twitter.com\/FedorovMykhailo\/status\/1497642156076511233) | ​| 26 FEB | Yoroi | HermeticWiper | [yoroi.company](https:\/\/yoroi.company\/research\/diskkill-hermeticwiper-a-disruptive-cyber-weapon-targeting-ukraines-critical-infrastructures) | ​| 27 FEB | LockBit [themselves] | LockBit ransomware | LockBit .onion [not linked] |  ​| 27 FEB | ALPHV [themselves] | ALPHV ransomware | vHUMINT [closed source] | ​| 27 FEB | Mēris Botnet [themselves] | DDoS attacks | vHUMINT [closed source] | ​| 28 FEB | Horizon News [themselves] | Leak of China's Censorship Order about Ukraine | [TechARP](https:\/\/www-techarp-com.cdn.ampproject.org\/c\/s\/www.techarp.com\/internet\/chinese-media-leaks-ukraine-censor\/?amp=1)| ​| 28 FEB | Microsoft | FoxBlade (aka HermeticWiper) | [Microsoft](https:\/\/blogs.microsoft.com\/on-the-issues\/2022\/02\/28\/ukraine-russia-digital-war-cyberattacks\/?preview_id=65075) | ​| 28 FEB | @heymingwei | Potential BGP hijacks attempts against Ukrainian Internet Names Center | [https:\/\/twitter.com\/heymingwei](https:\/\/twitter.com\/heymingwei\/status\/1498362715198263300?s=20&t=Ju31gTurYc8Aq_yZMbvbxg) | ​| 28 FEB | @cyberknow20 | Stormous ransomware targets Ukraine Ministry of Foreign Affairs | [twitter.com\/cyberknow20](https:\/\/twitter.com\/cyberknow20\/status\/1498434090206314498?s=21) |  ​| 1 MAR | ESET | IsaacWiper and HermeticWizard | [welivesecurity.com](https:\/\/www.welivesecurity.com\/2022\/03\/01\/isaacwiper-hermeticwizard-wiper-worm-targeting-ukraine\/) | ​| 1 MAR | 
Proofpoint | Ukrainian armed service member's email compromised and sent malspam containing the SunSeed malware (likely TA445\/UNC1151\/Ghostwriter) | [proofpoint.com](https:\/\/www.proofpoint.com\/us\/blog\/threat-insight\/asylum-ambuscade-state-actor-uses-compromised-private-ukrainian-military-emails) | ​| 1 MAR | Elastic | HermeticWiper | [elastic.github.io](https:\/\/elastic.github.io\/security-research\/intelligence\/2022\/03\/01.hermeticwiper-targets-ukraine\/article\/) | ​| 1 MAR | CrowdStrike | PartyTicket (aka HermeticRansom), DriveSlayer (aka HermeticWiper) | [CrowdStrike](https:\/\/www.crowdstrike.com\/blog\/how-to-decrypt-the-partyticket-ransomware-targeting-ukraine\/) | ​| 2 MAR | Zscaler | DanaBot operators launch DDoS attacks against the Ukrainian Ministry of Defense | [zscaler.com](https:\/\/www.zscaler.com\/blogs\/security-research\/danabot-launches-ddos-attack-against-ukrainian-ministry-defense) | ​| 3 MAR | @ShadowChasing1 | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [twitter.com\/ShadowChasing1](https:\/\/twitter.com\/ShadowChasing1\/status\/1499361093059153921) | ​| 3 MAR | @vxunderground | News website in Poland was reportedly compromised and the threat actor uploaded anti-Ukrainian propaganda | [twitter.com\/vxunderground](https:\/\/twitter.com\/vxunderground\/status\/1499374914758918151?s=20&t=jyy9Hnpzy-5P1gcx19bvIA) | ​| 3 MAR | @kylaintheburgh | Russian botnet on Twitter is pushing \"#istandwithputin\" and \"#istandwithrussia\" propaganda (in English) | [twitter.com\/kylaintheburgh](https:\/\/twitter.com\/kylaintheburgh\/status\/1499350578371067906?s=21) | ​| 3 MAR | @tracerspiff | UNC1151\/Ghostwriter (Belarus MoD) | [twitter.com](https:\/\/twitter.com\/tracerspiff\/status\/1499444876810854408?s=21) | ​####​ ​`Access Brokers` ​| Date | Threat(s) | Source | ​| --- | --- | --- | ​| 23 JAN | Access broker \"Mont4na\" offering UkrFerry | RaidForums [not linked] | ​| 23 JAN | Access broker \"Mont4na\" offering PrivatBank | RaidForums [not 
linked] | ​| 24 JAN | Access broker \"Mont4na\" offering DTEK | RaidForums [not linked] | ​| 27 FEB | KelvinSecurity Sharing list of IP cameras in Ukraine | vHUMINT [closed source] | ​| 28 FEB | \"w1nte4mute\" looking to buy access to UA and NATO countries (likely ransomware affiliate) | vHUMINT [closed source] | ​####​ ​`Data Brokers` ​| Threat Actor    | Type            | Observation                                                                                               | Validated | Relevance                     | Source                                                     | ​| --------------- | --------------- | --------------------------------------------------------------------------------------------------------- | --------- | ----------------------------- | ---------------------------------------------------------- | ​| aguyinachair    | UA data sharing | PII DB of ukraine.com (shared as part of a generic compilation)                                           | No        | TA discussion in past 90 days | ELeaks Forum \\[not linked\\]                                | ​| an3key          | UA data sharing | DB of Ministry of Communities and Territories Development of Ukraine (minregion\\[.\\]gov\\[.\\]ua)           | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| an3key          | UA data sharing | DB of Ukrainian Ministry of Internal Affairs (wanted\\[.\\]mvs\\[.\\]gov\\[.\\]ua)                              | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (40M) of PrivatBank customers (privatbank\\[.\\]ua)                                                  | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | DB of \"border crossing\" DBs of DPR and LPR                                               
                 | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (7.5M) of Ukrainian passports                                                                      | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB of Ukrainian car registration, license plates, Ukrainian traffic police records                    | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (2.1M) of Ukrainian citizens                                                                       | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (28M) of Ukrainian citizens (passports, drivers licenses, photos)                                  | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (1M) of Ukrainian postal\/courier service customers (novaposhta\\[.\\]ua)                             | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (10M) of Ukrainian telecom customers (vodafone\\[.\\]ua)                                             | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (3M) of Ukrainian telecom customers (lifecell\\[.\\]ua)                                              | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (13M) of Ukrainian telecom customers 
(kyivstar\\[.\\]ua)                                             | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| danieltx51      | UA data sharing | DB of Ministry of Foreign Affairs of Ukraine (mfa\\[.\\]gov\\[.\\]ua)                                         | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| DueDiligenceCIS | UA data sharing | PII DB (63M) of Ukrainian citizens (name, DOB, birth country, phone, TIN, passport, family, etc)          | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Featherine      | UA data sharing | DB of Ukrainian 'Diia' e-Governance Portal for Ministry of Digital Transformation of Ukraine              | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | DB of Ministry for Internal Affairs of Ukraine public data search engine (wanted\\[.\\]mvs\\[.\\]gov\\[.\\]ua)  | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | DB of Ministry for Communities and Territories Development of Ukraine (minregion\\[.\\]gov\\[.\\]ua)          | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | DB of Motor Insurance Bureau of Ukraine (mtsbu\\[.\\]ua)                                                    | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | PII DB of Ukrainian digital-medicine provider (medstar\\[.\\]ua)                                            | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data 
sharing | DB of ticket.kyivcity.gov.ua                                                                              | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of id.kyivcity.gov.ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of my.kyivcity.gov.ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of portal.kyivcity.gov.ua                                                                              | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of anti-violence-map.msp.gov.ua                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dopomoga.msp.gov.ua                                                                                 | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of e-services.msp.gov.ua                                                                               | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of edu.msp.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                        
 | ​| FreeCivilian    | UA data sharing | DB of education.msp.gov.ua                                                                                | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of ek-cbi.msp.gov.ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mail.msp.gov.ua                                                                                     | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of portal-gromady.msp.gov.ua                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of web-minsoc.msp.gov.ua                                                                               | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of wcs-wim.dsbt.gov.ua                                                                                 | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of bdr.mvs.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of motorsich.com                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not 
linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dsns.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mon.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of minagro.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of zt.gov.ua                                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of kmu.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mvs.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dsbt.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of forest.gov.ua                                                                                       | No        | TA discussion in past 90 
days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of nkrzi.gov.ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dabi.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of comin.gov.ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dp.dpss.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of esbu.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mms.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mova.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mspu.gov.ua                                                                                         | No   
     | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of nads.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of reintegration.gov.ua                                                                                | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of sies.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of sport.gov.ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mepr.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mfa.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of va.gov.ua                                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mtu.gov.ua                                                                 
                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of cg.mvs.gov.ua                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of ch-tmo.mvs.gov.ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of cp.mvs.gov.ua                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of cpd.mvs.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of hutirvilnij-mrc.mvs.gov.ua                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dndekc.mvs.gov.ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of visnyk.dndekc.mvs.gov.ua                                                                            | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dpvs.hsc.gov.ua                            
                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of odk.mvs.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of e-driver\\[.\\]hsc\\[.\\]gov\\[.\\]ua                                                                     | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of wanted\\[.\\]mvs\\[.\\]gov\\[.\\]ua                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of minregeion\\[.\\]gov\\[.\\]ua                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of health\\[.\\]mia\\[.\\]solutions                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mtsbu\\[.\\]ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of motorsich\\[.\\]com                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data 
sharing | DB of kyivcity\\[.\\]com                                                                                    | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of bdr\\[.\\]mvs\\[.\\]gov\\[.\\]ua                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of gkh\\[.\\]in\\[.\\]ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of kmu\\[.\\]gov\\[.\\]ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mon\\[.\\]gov\\[.\\]ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of minagro\\[.\\]gov\\[.\\]ua                                                                              | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mfa\\[.\\]gov\\[.\\]ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| Intel\\_Data     | UA data sharing | PII DB (56M) of Ukrainian Citizens                                                                        | No        | TA discussion in past 90 days | RaidForums \\[not linked; site 
hijacked since UA invasion\\] | ​| Kristina        | UA data sharing | DB of Ukrainian National Police (mvs\\[.\\]gov\\[.\\]ua)                                                      | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| NetSec          | UA data sharing | PII DB (53M) of Ukrainian citizens                                                                        | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Psycho\\_Killer  | UA data sharing | PII DB (56M) of Ukrainian Citizens                                                                        | No        | TA discussion in past 90 days | Exploit Forum .onion \\[not linked\\]                        | ​| Sp333           | UA data sharing | PII DB of Ukrainian and Russian interpreters, translators, and tour guides                                | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Vaticano        | UA data sharing | DB of Ukrainian 'Diia' e-Governance Portal for Ministry of Digital Transformation of Ukraine \\[copy\\]     | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Vaticano        | UA data sharing | DB of Ministry for Communities and Territories Development of Ukraine (minregion\\[.\\]gov\\[.\\]ua) \\[copy\\] | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​####​ ​`Vendor Support` ​| Vendor | Offering | URL | ​| --- | --- | --- | ​| Dragos | Access to Dragos service if from US\/UK\/ANZ and in need of ICS cybersecurity support | [twitter.com\/RobertMLee](https:\/\/twitter.com\/RobertMLee\/status\/1496862093588455429) | ​| GreyNoise |  Any and all `Ukrainian` emails registered to GreyNoise have been upgraded to VIP which includes full, uncapped enterprise access to all GreyNoise 
products | [twitter.com\/Andrew___Morris](https:\/\/twitter.com\/Andrew___Morris\/status\/1496923545712091139) | ​| Recorded Future | Providing free intelligence-driven insights, perspectives, and mitigation strategies as the situation in Ukraine evolves| [recordedfuture.com](https:\/\/www.recordedfuture.com\/ukraine\/) | ​| Flashpoint | Free Access to Flashpoint’s Latest Threat Intel on Ukraine | [go.flashpoint-intel.com](https:\/\/go.flashpoint-intel.com\/trial\/access\/30days) | ​| ThreatABLE | A Ukraine tag for free threat intelligence feed that's more highly curated to cyber| [twitter.com\/threatable](https:\/\/twitter.com\/threatable\/status\/1497233721803644950) | ​| Orange | IOCs related to Russia-Ukraine 2022 conflict extracted from our Datalake Threat Intelligence platform. | [github.com\/Orange-Cyberdefense](https:\/\/github.com\/Orange-Cyberdefense\/russia-ukraine_IOCs)| ​| FSecure | F-Secure FREEDOME VPN is now available for free in all of Ukraine | [twitter.com\/FSecure](https:\/\/twitter.com\/FSecure\/status\/1497248407303462960) | ​| Multiple vendors | List of vendors offering their services to Ukraine for free, put together by [@chrisculling](https:\/\/twitter.com\/chrisculling\/status\/1497023038323404803) | [docs.google.com\/spreadsheets](https:\/\/docs.google.com\/spreadsheets\/d\/18WYY9p1_DLwB6dnXoiiOAoWYD8X0voXtoDl_ZQzjzUQ\/edit#gid=0) | ​| Mandiant | Free threat intelligence, webinar and guidance for defensive measures relevant to the situation in Ukraine. 
| [mandiant.com](https:\/\/www.mandiant.com\/resources\/insights\/ukraine-crisis-resource-center) | ​| Starlink | Satellite internet constellation operated by SpaceX providing satellite Internet access coverage to Ukraine | [twitter.com\/elonmusk](https:\/\/twitter.com\/elonmusk\/status\/1497701484003213317) | ​| Romania DNSC | Romania’s DNSC – in partnership with Bitdefender – will provide technical consulting, threat intelligence and, free of charge, cybersecurity technology to any business, government institution or private citizen of Ukraine for as long as it is necessary. | [Romania's DNSC Press Release](https:\/\/dnsc.ro\/citeste\/press-release-dnsc-and-bitdefender-work-together-in-support-of-ukraine)| ​| BitDefender | Access to Bitdefender technical consulting, threat intelligence and both consumer and enterprise cybersecurity technology | [bitdefender.com\/ukraine\/](https:\/\/www.bitdefender.com\/ukraine\/) | ​| NameCheap | Free anonymous hosting and domain name registration to any anti-Putin anti-regime and protest websites for anyone located within Russia and Belarus | [twitter.com\/Namecheap](https:\/\/twitter.com\/Namecheap\/status\/1498998414020861953) | ​| Avast | Free decryptor for PartyTicket ransomware | [decoded.avast.io](https:\/\/decoded.avast.io\/threatresearch\/help-for-ukraine-free-decryptor-for-hermeticransom-ransomware\/) |  ​####​ ​`Vetted OSINT Sources` ​| Handle | Affiliation | ​| --- | --- | ​| [@KyivIndependent](https:\/\/twitter.com\/KyivIndependent) | English-language journalism in Ukraine | ​| [@IAPonomarenko](https:\/\/twitter.com\/IAPonomarenko) | Defense reporter with The Kyiv Independent | ​| [@KyivPost](https:\/\/twitter.com\/KyivPost) | English-language journalism in Ukraine | ​| [@Shayan86](https:\/\/twitter.com\/Shayan86) | BBC World News Disinformation journalist | ​| [@Liveuamap](https:\/\/twitter.com\/Liveuamap) | Live Universal Awareness Map (“Liveuamap”) independent global news and information site | ​| 
[@DAlperovitch](https:\/\/twitter.com\/DAlperovitch) | The Alperovitch Institute for Cybersecurity Studies, Founder & Former CTO of CrowdStrike | ​| [@COUPSURE](https:\/\/twitter.com\/COUPSURE) | OSINT investigator for Centre for Information Resilience | ​| [@netblocks](https:\/\/twitter.com\/netblocks) | London-based Internet's Observatory | ​####​ ​`Miscellaneous Resources` ​| Source | URL | Content | ​| --- | --- | --- | ​| PowerOutages.com | https:\/\/poweroutage.com\/ua | Tracking PowerOutages across Ukraine | ​| Monash IP Observatory | https:\/\/twitter.com\/IP_Observatory | Tracking IP address outages across Ukraine | ​| Project Owl Discord | https:\/\/discord.com\/invite\/projectowl | Tracking foreign policy, geopolitical events, military and governments, using a Discord-based crowdsourced approach, with a current emphasis on Ukraine and Russia | ​| russianwarchatter.info | https:\/\/www.russianwarchatter.info\/ | Known Russian Military Radio Frequencies |", "fork": false, "created_at": "2022-03-04T09:00:59Z", - "updated_at": "2024-07-13T11:34:23Z", + "updated_at": "2024-10-03T08:18:16Z", "pushed_at": "2022-03-04T09:03:14Z", - "stargazers_count": 13, - "watchers_count": 13, + "stargazers_count": 14, + "watchers_count": 14, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 13, + "watchers": 14, "score": 0, "subscribers_count": 0 } diff --git a/2021/CVE-2021-3156.json b/2021/CVE-2021-3156.json index e62027dfae..2169e206fe 100644 --- a/2021/CVE-2021-3156.json +++ b/2021/CVE-2021-3156.json 
@@ -1074,10 +1074,10 @@
 "description": "Sudo Baron Samedit Exploit",
 "fork": false,
 "created_at": "2021-03-15T17:37:02Z",
- "updated_at": "2024-09-24T11:43:00Z",
+ "updated_at": "2024-10-03T06:19:22Z",
 "pushed_at": "2022-01-13T05:48:01Z",
- "stargazers_count": 734,
- "watchers_count": 734,
+ "stargazers_count": 735,
+ "watchers_count": 735,
 "has_discussions": false,
 "forks_count": 167,
 "allow_forking": true,
@@ -1086,7 +1086,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 167,
- "watchers": 734,
+ "watchers": 735,
 "score": 0,
 "subscribers_count": 11
 },
diff --git a/2021/CVE-2021-33044.json b/2021/CVE-2021-33044.json
index 6b76f67965..b486b80d01 100644
--- a/2021/CVE-2021-33044.json
+++ b/2021/CVE-2021-33044.json
@@ -13,10 +13,10 @@
 "description": "Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication.",
 "fork": false,
 "created_at": "2021-10-11T22:08:47Z",
- "updated_at": "2024-09-19T23:14:42Z",
+ "updated_at": "2024-10-03T11:57:48Z",
 "pushed_at": "2021-10-13T22:32:36Z",
- "stargazers_count": 118,
- "watchers_count": 118,
+ "stargazers_count": 119,
+ "watchers_count": 119,
 "has_discussions": false,
 "forks_count": 30,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 30,
- "watchers": 118,
+ "watchers": 119,
 "score": 0,
 "subscribers_count": 8
 },
diff --git a/2021/CVE-2021-36260.json b/2021/CVE-2021-36260.json
index a3073cfb44..0a8ad039e9 100644
--- a/2021/CVE-2021-36260.json
+++ b/2021/CVE-2021-36260.json
@@ -13,10 +13,10 @@
 "description": "CVE-2021-36260",
 "fork": false,
 "created_at": "2021-10-18T06:40:48Z",
- "updated_at": "2023-07-18T15:48:37Z",
+ "updated_at": "2024-10-03T10:45:48Z",
 "pushed_at": "2023-10-27T02:20:32Z",
- "stargazers_count": 15,
- "watchers_count": 15,
+ "stargazers_count": 16,
+ "watchers_count": 16,
 "has_discussions": false,
 "forks_count": 6,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 6,
- "watchers": 15,
+ "watchers": 16,
 "score": 0,
 "subscribers_count": 2
 },
diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json
index ff0f070000..410e388ba8 100644
--- a/2021/CVE-2021-4034.json
+++ b/2021/CVE-2021-4034.json
@@ -47,10 +47,10 @@
 "description": "CVE-2021-4034 1day",
 "fork": false,
 "created_at": "2022-01-25T23:51:37Z",
- "updated_at": "2024-09-30T10:15:55Z",
+ "updated_at": "2024-10-03T09:08:45Z",
 "pushed_at": "2022-06-08T04:00:28Z",
- "stargazers_count": 1954,
- "watchers_count": 1954,
+ "stargazers_count": 1955,
+ "watchers_count": 1955,
 "has_discussions": false,
 "forks_count": 510,
 "allow_forking": true,
@@ -59,7 +59,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 510,
- "watchers": 1954,
+ "watchers": 1955,
 "score": 0,
 "subscribers_count": 20
 },
@@ -936,10 +936,10 @@
 "description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation",
 "fork": false,
 "created_at": "2022-01-26T14:26:10Z",
- "updated_at": "2024-10-02T11:39:03Z",
+ "updated_at": "2024-10-03T10:31:54Z",
 "pushed_at": "2022-06-21T14:52:05Z",
- "stargazers_count": 1059,
- "watchers_count": 1059,
+ "stargazers_count": 1060,
+ "watchers_count": 1060,
 "has_discussions": false,
 "forks_count": 188,
 "allow_forking": true,
@@ -950,7 +950,7 @@
 ],
 "visibility": "public",
 "forks": 188,
- "watchers": 1059,
+ "watchers": 1060,
 "score": 0,
 "subscribers_count": 13
 },
@@ -1303,10 +1303,10 @@
 "description": "Python exploit code for CVE-2021-4034 (pwnkit)",
 "fork": false,
 "created_at": "2022-01-26T17:53:16Z",
- "updated_at": "2024-09-09T18:37:12Z",
+ "updated_at": "2024-10-03T07:22:38Z",
 "pushed_at": "2022-01-28T00:29:15Z",
- "stargazers_count": 150,
- "watchers_count": 150,
+ "stargazers_count": 151,
+ "watchers_count": 151,
 "has_discussions": false,
 "forks_count": 38,
 "allow_forking": true,
@@ -1315,7 +1315,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 38,
- "watchers": 150,
+ "watchers": 151,
 "score": 0,
 "subscribers_count": 2
 },
diff --git a/2021/CVE-2021-40444.json b/2021/CVE-2021-40444.json
index 0dccd342b3..4b5922e6d1 100644
--- a/2021/CVE-2021-40444.json
+++ b/2021/CVE-2021-40444.json
@@ -223,10 +223,10 @@
 "description": "CVE-2021-40444 PoC",
 "fork": false,
 "created_at": "2021-09-10T16:55:53Z",
- "updated_at": "2024-10-01T11:31:55Z",
+ "updated_at": "2024-10-03T06:34:49Z",
 "pushed_at": "2021-12-25T18:31:02Z",
- "stargazers_count": 1579,
- "watchers_count": 1579,
+ "stargazers_count": 1580,
+ "watchers_count": 1580,
 "has_discussions": false,
 "forks_count": 483,
 "allow_forking": true,
@@ -235,7 +235,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 483,
- "watchers": 1579,
+ "watchers": 1580,
 "score": 0,
 "subscribers_count": 28
 },
diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json
index 03e1abef9c..156811750c 100644
--- a/2021/CVE-2021-44228.json
+++ b/2021/CVE-2021-44228.json
@@ -7013,7 +7013,7 @@
 "fork": false,
 "created_at": "2021-12-15T21:09:00Z",
 "updated_at": "2023-06-22T04:46:02Z",
- "pushed_at": "2024-09-17T14:03:53Z",
+ "pushed_at": "2024-10-03T11:20:08Z",
 "stargazers_count": 4,
 "watchers_count": 4,
 "has_discussions": false,
diff --git a/2022/CVE-2022-44149.json b/2022/CVE-2022-44149.json
index e1f78ef9e8..206a2f59c2 100644
--- a/2022/CVE-2022-44149.json
+++ b/2022/CVE-2022-44149.json
@@ -43,7 +43,7 @@
 "description": "it is script designed to interact with a router by sending a payload to its system tools. The script retrieves the router's configuration from environment variables to ensure security. It includes functions for generating an authorization header, sending a payload, and logging the process.",
 "fork": false,
 "created_at": "2024-08-09T19:27:22Z",
- "updated_at": "2024-09-29T11:15:40Z",
+ "updated_at": "2024-10-03T09:02:49Z",
 "pushed_at": "2024-08-09T19:28:51Z",
 "stargazers_count": 4,
 "watchers_count": 4,
@@ -52,7 +52,22 @@
 "allow_forking": true,
 "is_template": false,
 "web_commit_signoff_required": false,
- "topics": [],
+ "topics": [
+ "cve",
+ "cve-2022-44149",
+ "cybersecurity",
+ "ethical-hacking",
+ "exploit",
+ "exploit-development",
+ "linux",
+ "payload",
+ "penetration-testing",
+ "poc",
+ "privilege-escalation",
+ "security",
+ "vulnerability",
+ "vulnerability-research"
+ ],
 "visibility": "public",
 "forks": 0,
 "watchers": 4,
diff --git a/2022/CVE-2022-45701.json b/2022/CVE-2022-45701.json
index 93dc8be847..a9d4071be8 100644
--- a/2022/CVE-2022-45701.json
+++ b/2022/CVE-2022-45701.json
@@ -43,7 +43,7 @@
 "description": "it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.",
 "fork": false,
 "created_at": "2024-08-09T19:30:20Z",
- "updated_at": "2024-09-29T11:15:39Z",
+ "updated_at": "2024-10-03T09:02:01Z",
 "pushed_at": "2024-08-09T19:31:12Z",
 "stargazers_count": 4,
 "watchers_count": 4,
@@ -52,7 +52,26 @@
 "allow_forking": true,
 "is_template": false,
 "web_commit_signoff_required": false,
- "topics": [],
+ "topics": [
+ "arris",
+ "arris-modem",
+ "arris-router",
+ "buffer-overflow",
+ "cve",
+ "cve-2022-45701",
+ "cybersecurity",
+ "ethical-hacking",
+ "exploit",
+ "exploit-development",
+ "linux",
+ "penetration-testing",
+ "poc",
+ "python",
+ "security",
+ "snmp",
+ "vulnerability",
+ "vulnerability-research"
+ ],
 "visibility": "public",
 "forks": 0,
 "watchers": 4,
diff --git a/2022/CVE-2022-46080.json b/2022/CVE-2022-46080.json
index b29a583a6b..9896fa0f6b 100644
--- a/2022/CVE-2022-46080.json
+++ b/2022/CVE-2022-46080.json
@@ -43,7 +43,7 @@
 "description": "it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.",
 "fork": false,
 "created_at": "2024-08-09T19:32:32Z",
- "updated_at": "2024-09-29T11:15:16Z",
+ "updated_at": "2024-10-03T08:48:02Z",
 "pushed_at": "2024-08-11T07:29:30Z",
 "stargazers_count": 5,
 "watchers_count": 5,
@@ -52,7 +52,27 @@
 "allow_forking": true,
 "is_template": false,
 "web_commit_signoff_required": false,
- "topics": [],
+ "topics": [
+ "buffer-overflow",
+ "cve",
+ "cve-2022-46080",
+ "cybersecurity",
+ "ethical-hacking",
+ "exploit",
+ "exploit-development",
+ "linux",
+ "nexxt",
+ "nexxt-router",
+ "penetration-testing",
+ "poc",
+ "rce",
+ "rce-exploit",
+ "router",
+ "security",
+ "telnet",
+ "vulnerability",
+ "vulnerability-research"
+ ],
 "visibility": "public",
 "forks": 0,
 "watchers": 5,
diff --git a/2023/CVE-2023-40404.json b/2023/CVE-2023-40404.json
index 7cdcf5e860..51666b4eef 100644
--- a/2023/CVE-2023-40404.json
+++ b/2023/CVE-2023-40404.json
@@ -13,7 +13,7 @@
 "description": "is a PoC exploit for the macOS vulnerability CVE-2023-40404. This PoC leverages IOKit APIs to interact with the IOUserEthernetResource network service, manipulating the system's network interfaces",
 "fork": false,
 "created_at": "2024-09-30T15:41:14Z",
- "updated_at": "2024-10-02T18:15:15Z",
+ "updated_at": "2024-10-03T08:21:04Z",
 "pushed_at": "2024-09-30T15:42:32Z",
 "stargazers_count": 4,
 "watchers_count": 4,
@@ -22,7 +22,24 @@
 "allow_forking": true,
 "is_template": false,
 "web_commit_signoff_required": false,
- "topics": [],
+ "topics": [
+ "blockchain-security",
+ "cve",
+ "cve-2023-40404",
+ "cybersecurity",
+ "ethernet",
+ "ethical-hacking",
+ "exploit",
+ "genetherexploit",
+ "iokit",
+ "iouser",
+ "penetration-testing",
+ "poc",
+ "security",
+ "smart-contracts",
+ "vulnerability",
+ "web3"
+ ],
 "visibility": "public",
 "forks": 0,
 "watchers": 4,
diff --git a/2023/CVE-2023-41425.json b/2023/CVE-2023-41425.json
index ec5c158f20..d566b173cb 100644
--- a/2023/CVE-2023-41425.json
+++ b/2023/CVE-2023-41425.json
@@ -18,7 +18,7 @@
 "stargazers_count": 21,
 "watchers_count": 21,
 "has_discussions": false,
- "forks_count": 6,
+ "forks_count": 7,
 "allow_forking": true,
 "is_template": false,
 "web_commit_signoff_required": false,
@@ -30,7 +30,7 @@
 "wondercms"
 ],
 "visibility": "public",
- "forks": 6,
+ "forks": 7,
 "watchers": 21,
 "score": 0,
 "subscribers_count": 1
diff --git a/2023/CVE-2023-45866.json b/2023/CVE-2023-45866.json
index 4fb693fe34..52eb7f5f89 100644
--- a/2023/CVE-2023-45866.json
+++ b/2023/CVE-2023-45866.json
@@ -13,10 +13,10 @@
 "description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)",
 "fork": false,
 "created_at": "2024-01-16T06:52:02Z",
- "updated_at": "2024-10-03T04:08:14Z",
+ "updated_at": "2024-10-03T11:35:26Z",
 "pushed_at": "2024-08-18T08:26:46Z",
- "stargazers_count": 1186,
- "watchers_count": 1186,
+ "stargazers_count": 1187,
+ "watchers_count": 1187,
 "has_discussions": false,
 "forks_count": 200,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 200,
- "watchers": 1186,
+ "watchers": 1187,
 "score": 0,
 "subscribers_count": 21
 },
diff --git a/2024/CVE-2024-0582.json b/2024/CVE-2024-0582.json
index 56627bc46f..07d2744016 100644
--- a/2024/CVE-2024-0582.json
+++ b/2024/CVE-2024-0582.json
@@ -88,5 +88,49 @@
 "watchers": 0,
 "score": 0,
 "subscribers_count": 1
+ },
+ {
+ "id": 866966019,
+ "name": "CVE-2024-0582",
+ "full_name": "geniuszlyy\/CVE-2024-0582",
+ "owner": {
+ "login": "geniuszlyy",
+ "id": 137893386,
+ "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4",
+ "html_url": "https:\/\/github.com\/geniuszlyy"
+ },
+ "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2024-0582",
+ "description": "is a PoC exploit targeting a specific vulnerability in the Linux kernel (CVE-2024-0582)",
+ "fork": false,
+ "created_at": "2024-10-03T07:56:36Z",
+ "updated_at": "2024-10-03T08:02:07Z",
+ "pushed_at": "2024-10-03T07:58:47Z",
+ "stargazers_count": 1,
+ "watchers_count": 1,
+ "has_discussions": false,
+ "forks_count": 0,
+ "allow_forking": true,
+ "is_template": false,
+ "web_commit_signoff_required": false,
+ "topics": [
+ "buffer-overflow",
+ "cve",
+ "cve-2024-0582",
+ "ethical-hacking",
+ "exploit",
+ "exploit-development",
+ "iouring",
+ "iouring-exploit",
+ "poc",
+ "security",
+ "vuln",
+ "vulnerability",
+ "vulnerability-research"
+ ],
+ "visibility": "public",
+ "forks": 0,
+ "watchers": 1,
+ "score": 0,
+ "subscribers_count": 0
 }
 ]
\ No newline at end of file
diff --git a/2024/CVE-2024-1071.json b/2024/CVE-2024-1071.json
index 26df2738b6..bae0d5552d 100644
--- a/2024/CVE-2024-1071.json
+++ b/2024/CVE-2024-1071.json
@@ -163,10 +163,10 @@
 "description": null,
 "fork": false,
 "created_at": "2024-09-15T11:28:47Z",
- "updated_at": "2024-09-15T12:29:00Z",
+ "updated_at": "2024-10-03T06:58:19Z",
 "pushed_at": "2024-09-15T12:28:57Z",
- "stargazers_count": 0,
- "watchers_count": 0,
+ "stargazers_count": 1,
+ "watchers_count": 1,
 "has_discussions": false,
 "forks_count": 1,
 "allow_forking": true,
@@ -175,7 +175,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 1,
- "watchers": 0,
+ "watchers": 1,
 "score": 0,
 "subscribers_count": 1
 }
diff --git a/2024/CVE-2024-1086.json b/2024/CVE-2024-1086.json
index 30d0d3d986..995f141824 100644
--- a/2024/CVE-2024-1086.json
+++ b/2024/CVE-2024-1086.json
@@ -13,12 +13,12 @@
 "description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.",
 "fork": false,
 "created_at": "2024-03-20T21:16:41Z",
- "updated_at": "2024-10-03T05:17:53Z",
+ "updated_at": "2024-10-03T06:35:58Z",
 "pushed_at": "2024-04-17T16:09:54Z",
- "stargazers_count": 2251,
- "watchers_count": 2251,
+ "stargazers_count": 2252,
+ "watchers_count": 2252,
 "has_discussions": false,
- "forks_count": 295,
+ "forks_count": 296,
 "allow_forking": true,
 "is_template": false,
 "web_commit_signoff_required": false,
@@ -30,8 +30,8 @@
 "poc"
 ],
 "visibility": "public",
- "forks": 295,
- "watchers": 2251,
+ "forks": 296,
+ "watchers": 2252,
 "score": 0,
 "subscribers_count": 23
 },
diff --git a/2024/CVE-2024-21633.json b/2024/CVE-2024-21633.json
index 4e437513b5..3ddc3dceea 100644
--- a/2024/CVE-2024-21633.json
+++ b/2024/CVE-2024-21633.json
@@ -13,10 +13,10 @@
 "description": "MobSF Remote code execution (via CVE-2024-21633)",
 "fork": false,
 "created_at": "2024-01-07T21:34:09Z",
- "updated_at": "2024-09-05T04:48:02Z",
+ "updated_at": "2024-10-03T12:09:04Z",
 "pushed_at": "2024-01-07T21:34:51Z",
- "stargazers_count": 75,
- "watchers_count": 75,
+ "stargazers_count": 76,
+ "watchers_count": 76,
 "has_discussions": false,
 "forks_count": 6,
 "allow_forking": true,
@@ -25,7 +25,7 @@
 "topics": [],
 "visibility": "public",
 "forks": 6,
- "watchers": 75,
+ "watchers": 76,
 "score": 0,
 "subscribers_count": 1
 }
diff --git a/2024/CVE-2024-24919.json b/2024/CVE-2024-24919.json
index d92169e9c3..8aa3222b94 100644
--- a/2024/CVE-2024-24919.json
+++ b/2024/CVE-2024-24919.json
@@ -1590,7 +1590,7 @@ "description": "PoC script for CVE-2024-24919 vulnerability. It scans a list of target URLs to identify security issues by sending HTTP POST requests and analyzing server responses", "fork": false, "created_at": "2024-09-29T08:20:56Z", - "updated_at": "2024-09-29T11:14:53Z", + "updated_at": "2024-10-03T08:26:12Z", "pushed_at": "2024-09-29T08:24:06Z", "stargazers_count": 4, "watchers_count": 4, @@ -1599,7 +1599,22 @@ "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, - "topics": [], + "topics": [ + "buffer-overflow", + "cve", + "cve-2024-24919", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "linux", + "overflow", + "penetration-testing", + "poc", + "security", + "vulnerability", + "vulnerability-research" + ], "visibility": "public", "forks": 0, "watchers": 4, diff --git a/2024/CVE-2024-30088.json b/2024/CVE-2024-30088.json index bc8c348ea9..df20504fed 100644 --- a/2024/CVE-2024-30088.json +++ b/2024/CVE-2024-30088.json @@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2024-06-24T10:37:26Z", - "updated_at": "2024-09-30T05:28:57Z", + "updated_at": "2024-10-03T08:42:29Z", "pushed_at": "2024-07-31T19:11:55Z", - "stargazers_count": 206, - "watchers_count": 206, + "stargazers_count": 207, + "watchers_count": 207, "has_discussions": false, "forks_count": 46, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 46, - "watchers": 206, + "watchers": 207, "score": 0, "subscribers_count": 3 }, @@ -103,10 +103,10 @@ "description": "Kernel exploit for Xbox SystemOS using CVE-2024-30088", "fork": false, "created_at": "2024-07-15T08:07:05Z", - "updated_at": "2024-10-02T21:13:00Z", + "updated_at": "2024-10-03T11:57:01Z", "pushed_at": "2024-09-08T21:23:34Z", - "stargazers_count": 387, - "watchers_count": 387, + "stargazers_count": 388, + "watchers_count": 388, "has_discussions": false, "forks_count": 31, "allow_forking": true, 
@@ -115,7 +115,7 @@ "topics": [], "visibility": "public", "forks": 31, - "watchers": 387, + "watchers": 388, "score": 0, "subscribers_count": 17 }, diff --git a/2024/CVE-2024-3094.json b/2024/CVE-2024-3094.json index 36d0837641..c104fa5abe 100644 --- a/2024/CVE-2024-3094.json +++ b/2024/CVE-2024-3094.json @@ -1257,10 +1257,10 @@ "description": "Dockerfile and Kubernetes manifests for reproduce CVE-2024-3094", "fork": false, "created_at": "2024-04-02T20:07:14Z", - "updated_at": "2024-06-23T13:44:19Z", + "updated_at": "2024-10-03T09:42:00Z", "pushed_at": "2024-04-06T16:09:56Z", - "stargazers_count": 9, - "watchers_count": 9, + "stargazers_count": 10, + "watchers_count": 10, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -1274,7 +1274,7 @@ ], "visibility": "public", "forks": 0, - "watchers": 9, + "watchers": 10, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-31497.json b/2024/CVE-2024-31497.json index 2d7701d075..6437ceefb8 100644 --- a/2024/CVE-2024-31497.json +++ b/2024/CVE-2024-31497.json @@ -78,7 +78,7 @@ "stargazers_count": 8, "watchers_count": 8, "has_discussions": false, - "forks_count": 2, + "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, @@ -92,7 +92,7 @@ "vulnerability" ], "visibility": "public", - "forks": 2, + "forks": 3, "watchers": 8, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-34102.json b/2024/CVE-2024-34102.json index cc0c250621..079c771f00 100644 --- a/2024/CVE-2024-34102.json +++ b/2024/CVE-2024-34102.json @@ -163,10 +163,10 @@ "description": "CosmicSting (CVE-2024-34102)", "fork": false, "created_at": "2024-06-28T23:33:21Z", - "updated_at": "2024-09-16T14:09:22Z", + "updated_at": "2024-10-03T09:16:20Z", "pushed_at": "2024-09-05T18:38:46Z", - "stargazers_count": 36, - "watchers_count": 36, + "stargazers_count": 37, + "watchers_count": 37, "has_discussions": false, "forks_count": 11, "allow_forking": true, 
@@ -175,7 +175,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 36, + "watchers": 37, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-38063.json b/2024/CVE-2024-38063.json index d9c7a32e79..15c8753d7a 100644 --- a/2024/CVE-2024-38063.json +++ b/2024/CVE-2024-38063.json @@ -501,13 +501,13 @@ "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, - "forks_count": 2, + "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 2, + "forks": 3, "watchers": 0, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-38200.json b/2024/CVE-2024-38200.json index 16b374b95a..28e2bb8e12 100644 --- a/2024/CVE-2024-38200.json +++ b/2024/CVE-2024-38200.json @@ -13,19 +13,19 @@ "description": "CVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability ", "fork": false, "created_at": "2024-09-24T19:24:55Z", - "updated_at": "2024-10-03T06:22:39Z", + "updated_at": "2024-10-03T09:39:58Z", "pushed_at": "2024-10-01T15:38:24Z", - "stargazers_count": 81, - "watchers_count": 81, + "stargazers_count": 83, + "watchers_count": 83, "has_discussions": false, - "forks_count": 15, + "forks_count": 16, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 15, - "watchers": 81, + "forks": 16, + "watchers": 83, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-38816.json b/2024/CVE-2024-38816.json index f5e967721e..695cc3e17f 100644 --- a/2024/CVE-2024-38816.json +++ b/2024/CVE-2024-38816.json 
@@ -43,10 +43,10 @@ "description": "CVE-2024-38816 Proof of Concept", "fork": false, "created_at": "2024-09-25T09:36:59Z", - "updated_at": "2024-10-03T00:05:35Z", + "updated_at": "2024-10-03T06:51:14Z", "pushed_at": "2024-09-26T09:46:19Z", - "stargazers_count": 4, - "watchers_count": 4, + "stargazers_count": 3, + "watchers_count": 3, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -55,7 +55,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 4, + "watchers": 3, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-4040.json b/2024/CVE-2024-4040.json index 871addeeda..00ce0f27b5 100644 --- a/2024/CVE-2024-4040.json +++ b/2024/CVE-2024-4040.json @@ -422,7 +422,7 @@ "description": "is a PoC for CVE-2024-4040 tool for exploiting the SSTI vulnerability in CrushFTP", "fork": false, "created_at": "2024-09-30T16:18:07Z", - "updated_at": "2024-10-01T22:58:23Z", + "updated_at": "2024-10-03T08:16:09Z", "pushed_at": "2024-09-30T16:19:24Z", "stargazers_count": 5, "watchers_count": 5, @@ -431,7 +431,23 @@ "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, - "topics": [], + "topics": [ + "crush", + "crush-ssti", + "cve", + "cve-2024-4040", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "gencrushsstiexploit", + "penetration-testing", + "security", + "server-side-template-injection", + "ssti", + "vulnerability", + "web-security" + ], "visibility": "public", "forks": 0, "watchers": 5, diff --git a/2024/CVE-2024-43917.json b/2024/CVE-2024-43917.json index b9acbe2532..440315177f 100644 --- a/2024/CVE-2024-43917.json +++ b/2024/CVE-2024-43917.json 
@@ -13,10 +13,10 @@ "description": null, "fork": false, "created_at": "2024-09-29T06:23:35Z", - "updated_at": "2024-10-02T22:30:55Z", + "updated_at": "2024-10-03T11:10:27Z", "pushed_at": "2024-09-29T06:48:13Z", - "stargazers_count": 3, - "watchers_count": 3, + "stargazers_count": 4, + "watchers_count": 4, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 3, + "watchers": 4, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-45200.json b/2024/CVE-2024-45200.json index 05a3e6486d..d13124bd04 100644 --- a/2024/CVE-2024-45200.json +++ b/2024/CVE-2024-45200.json @@ -13,10 +13,10 @@ "description": "Information & PoC for CVE-2024-45200, Mario Kart 8 Deluxe's \"KartLANPwn\" buffer overflow vulnerability", "fork": false, "created_at": "2024-09-13T00:41:32Z", - "updated_at": "2024-10-02T09:13:21Z", + "updated_at": "2024-10-03T09:38:13Z", "pushed_at": "2024-10-01T00:57:03Z", - "stargazers_count": 42, - "watchers_count": 42, + "stargazers_count": 43, + "watchers_count": 43, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -31,7 +31,7 @@ ], "visibility": "public", "forks": 0, - "watchers": 42, + "watchers": 43, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-46256.json b/2024/CVE-2024-46256.json index f1e3c67de9..f7410973c0 100644 --- a/2024/CVE-2024-46256.json +++ b/2024/CVE-2024-46256.json @@ -13,10 +13,10 @@ "description": "POC_CVE-2024-46256", "fork": false, "created_at": "2024-09-19T09:35:12Z", - "updated_at": "2024-10-01T10:08:54Z", + "updated_at": "2024-10-03T12:27:26Z", "pushed_at": "2024-09-19T09:47:59Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 } 
diff --git a/2024/CVE-2024-5522.json b/2024/CVE-2024-5522.json index ef6dbb0e4a..4dc7ecfcac 100644 --- a/2024/CVE-2024-5522.json +++ b/2024/CVE-2024-5522.json @@ -73,7 +73,7 @@ "description": "A PoC exploit scanner for CVE-2024-5522 vulnerability in WordPress websites", "fork": false, "created_at": "2024-10-01T16:02:12Z", - "updated_at": "2024-10-01T22:51:35Z", + "updated_at": "2024-10-03T08:11:02Z", "pushed_at": "2024-10-01T16:03:38Z", "stargazers_count": 5, "watchers_count": 5, @@ -82,7 +82,22 @@ "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, - "topics": [], + "topics": [ + "buffer-overflow", + "cve", + "cve-2024-5522", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "linux", + "poc", + "security", + "vulnerability", + "vulnerability-research", + "wordpress", + "wp" + ], "visibility": "public", "forks": 0, "watchers": 5, diff --git a/2024/CVE-2024-6387.json b/2024/CVE-2024-6387.json index 15df300bf4..943a6b0dcf 100644 --- a/2024/CVE-2024-6387.json +++ b/2024/CVE-2024-6387.json @@ -2203,10 +2203,10 @@ "description": "Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)", "fork": false, "created_at": "2024-07-08T11:27:49Z", - "updated_at": "2024-10-02T20:48:38Z", + "updated_at": "2024-10-03T09:06:30Z", "pushed_at": "2024-08-22T08:50:25Z", - "stargazers_count": 26, - "watchers_count": 26, + "stargazers_count": 27, + "watchers_count": 27, "has_discussions": false, "forks_count": 11, "allow_forking": true, @@ -2215,7 +2215,7 @@ "topics": [], "visibility": "public", "forks": 11, - "watchers": 26, + "watchers": 27, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-8517.json b/2024/CVE-2024-8517.json index 07ae44be32..a8df5f29ab 100644 --- a/2024/CVE-2024-8517.json +++ b/2024/CVE-2024-8517.json 
@@ -13,10 +13,10 @@ "description": "SPIP BigUp Plugin Unauthenticated RCE", "fork": false, "created_at": "2024-09-06T18:17:18Z", - "updated_at": "2024-09-17T01:56:07Z", + "updated_at": "2024-10-03T08:31:40Z", "pushed_at": "2024-09-07T00:12:51Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "has_discussions": false, "forks_count": 3, "allow_forking": true, @@ -25,7 +25,7 @@ "topics": [], "visibility": "public", "forks": 3, - "watchers": 7, + "watchers": 8, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-9441.json b/2024/CVE-2024-9441.json new file mode 100644 index 0000000000..4f2ed959c0 --- /dev/null +++ b/2024/CVE-2024-9441.json @@ -0,0 +1,32 @@ +[ + { + "id": 867057499, + "name": "CVE-2024-9441", + "full_name": "adhikara13\/CVE-2024-9441", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2024-9441", + "description": "Nortek Linear eMerge E3 Pre-Auth RCE PoC (CVE-2024-9441)", + "fork": false, + "created_at": "2024-10-03T11:28:46Z", + "updated_at": "2024-10-03T11:32:31Z", + "pushed_at": "2024-10-03T11:32:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/README.md b/README.md index 09fddb64f0..6f2bab59f3 100644 --- a/README.md +++ b/README.md 
@@ -166,6 +166,7 @@ - [ysanatomic/io_uring_LPE-CVE-2024-0582](https://github.com/ysanatomic/io_uring_LPE-CVE-2024-0582) - [Forsaken0129/CVE-2024-0582](https://github.com/Forsaken0129/CVE-2024-0582) - [0ptyx/cve-2024-0582](https://github.com/0ptyx/cve-2024-0582) +- [geniuszlyy/CVE-2024-0582](https://github.com/geniuszlyy/CVE-2024-0582) ### CVE-2024-0588 (2024-04-09) @@ -1546,6 +1547,9 @@ ### CVE-2024-9166 - [Andrysqui/CVE-2024-9166](https://github.com/Andrysqui/CVE-2024-9166) +### CVE-2024-9441 +- [adhikara13/CVE-2024-9441](https://github.com/adhikara13/CVE-2024-9441) + ### CVE-2024-12883 - [mhtsec/cve-2024-12883](https://github.com/mhtsec/cve-2024-12883)