Daily Perk 3/15/2021

Mondays and time change

Did someone leak PoC code for Microsoft Exchange servers? Per ZDNet

What if … there was a leak involving the very sensitive proof of concept exploit code about those massive Exchange server vulns? Could that explain the rampant proliferation of exploits and attacks by a number of threat actors? Microsoft is asking that very question as it shared the code with certain security partners in its Microsoft Active Protections Program on Feb 23 before the patches were released. At least 6 known APTs were playing hide and seek before March 2: Hafnium, Tick, Calypso, LuckyMouse, Websiic and Winnti Group. There are still 82,000 unpatched servers out there and unfortunately not all can be patched or patched easily. Worse, patching does not resolve compromise. Might I suggest burn it with fire 🔥

Phishing Kits now detecting and evading virtual machine browsers per Bleeping Computer

Not good for the defenders using virtual machines to check if a site is tainted. With this new trick, phishing kits use JavaScript to determine if a browser is using software rendering and also to check for a real monitor or a simulation. The kit just puts up a blank screen if it finds something “faux” that would be a foe.
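As an added example (not from the Bleeping Computer report and not taken from any kit), here is a static triage helper a defender could run over a page's JavaScript to flag the two checks described above, so that a blank render inside a VM is treated as a possible environment check rather than a clean result. The WebGL and screen names are real browser interfaces; the pattern list, verdict labels and sample scripts are assumptions constructed for this illustration.

```javascript
// Added example: static triage of page JavaScript for the renderer and
// display checks described above. Patterns and labels are assumptions.
const SIGNALS = {
  // Browser APIs that expose the GPU renderer string (software vs. hardware).
  renderer: [
    /WEBGL_debug_renderer_info/,
    /UNMASKED_RENDERER_WEBGL/,
    /UNMASKED_VENDOR_WEBGL/,
  ],
  // Display properties a script can read to judge whether a monitor looks real.
  display: [
    /screen\s*(?:\.|\[\s*["'])\s*(?:colorDepth|pixelDepth)/,
    /screen\s*(?:\.|\[\s*["'])\s*(?:width|height|availWidth|availHeight)/,
  ],
};

// Collapse split string literals ("WEBGL_debug_" + "renderer_info") so trivial
// concatenation does not hide an API name from the patterns.
function normalize(source) {
  return source.replace(/["']\s*\+\s*["']/g, "");
}

function triageScript(source) {
  const text = normalize(source);
  const hits = {};
  for (const [group, patterns] of Object.entries(SIGNALS)) {
    hits[group] = patterns.filter((p) => p.test(text)).map((p) => p.source);
  }
  const groups = Object.values(hits).filter((h) => h.length > 0).length;
  // Both groups together match the behaviour in the report; one alone is
  // common in benign analytics and game code, so it only rates a note.
  const verdict =
    groups === 2 ? "possible-environment-check" : groups === 1 ? "note" : "none";
  return { hits, verdict };
}

// Constructed samples, not taken from any real kit.
const SAMPLE_FINGERPRINT = `
  var gl = document.createElement("canvas").getContext("webgl");
  var ext = gl.getExtension("WEBGL_debug_" + "renderer_info");
  var renderer = gl.getParameter(ext.UNMASKED_RENDERER_WEBGL);
  var depth = screen["colorDepth"];
`;
const SAMPLE_BENIGN = `document.title = "Hello"; console.log(screen.orientation);`;

console.log(triageScript(SAMPLE_FINGERPRINT).verdict, triageScript(SAMPLE_BENIGN).verdict);
```

A "possible-environment-check" verdict is a prompt to re-examine the page on a host with hardware rendering and a physical display before calling it clean; it is not proof of phishing on its own.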

0Day: Third Google Chrome zero-day reported in 3 months. I did a write-up on that yesterday.
