BTC $63479.2080
ETH $3102.3210
BNB $553.9303
SOL $138.6944
stETH $3095.0573
XRP $0.4977
DOGE $0.1616
TON $6.5573
ADA $0.4609
AVAX $35.1800
wstETH $3604.0886
WBTC $63444.7835
TRX $0.1115
WETH $3097.1785
BCH $508.1534
DOT $6.7139
LINK $13.5848
MATIC $0.7078
UNI $7.2517
LTC $78.0969
ICP $12.3388
DAI $0.9999
CAKE $2.7613
RNDR $8.2936
FDUSD $0.9976
IMX $1.9531
ETC $26.4901
STX $2.5389
MNT $1.1217
TAO $525.3353
OKB $57.6303
FIL $6.0159
NEAR $5.2270
VET $0.0414
MKR $3079.1039
HBAR $0.0795
KAS $0.1206
WIF $2.7619
ATOM $8.1379
GRT $0.2535
CORE $2.6998
USDE $0.9998
XMR $123.1697
FET $2.0557
INJ $24.4523
XLM $0.1076
PEPE $0.0000
BTC $63479.2080
ETH $3102.3210
BNB $553.9303
SOL $138.6944
stETH $3095.0573
XRP $0.4977
DOGE $0.1616
TON $6.5573
ADA $0.4609
AVAX $35.1800
wstETH $3604.0886
WBTC $63444.7835
TRX $0.1115
WETH $3097.1785
BCH $508.1534
DOT $6.7139
LINK $13.5848
MATIC $0.7078
UNI $7.2517
LTC $78.0969
ICP $12.3388
DAI $0.9999
CAKE $2.7613
RNDR $8.2936
FDUSD $0.9976
IMX $1.9531
ETC $26.4901
STX $2.5389
MNT $1.1217
TAO $525.3353
OKB $57.6303
FIL $6.0159
NEAR $5.2270
VET $0.0414
MKR $3079.1039
HBAR $0.0795
KAS $0.1206
WIF $2.7619
ATOM $8.1379
GRT $0.2535
CORE $2.6998
USDE $0.9998
XMR $123.1697
FET $2.0557
INJ $24.4523
XLM $0.1076
PEPE $0.0000
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Hackers tried to attack South Korean users


    The North Korean group APT37 (also known as ScarCruft, Reaper and Group123) actively used the 0-day vulnerability under the identifier CVE-2022-41128 in the Internet Explorer browser against South Korean users. This was reported by researchers from the Google Threat Analysis Group (TAG), who discovered the security flaw in late October after several users uploaded malicious Microsoft Office documents to VirusTotal.

    The attackers passed off these documents as government reports related to the tragedy in Itaewon, Seoul. There, during the celebration of Halloween, there was a stampede, as a result of which at least 158 people died and 196 were injured.

    The attack took place according to the following scenario:

    • The victim opened a file that downloaded an RTF template from a remote server;
    • This template accepted remote HTML content;
    • Loading HTML content with an exploit allowed a zero-day vulnerability to be exploited in Internet Explorer, even if it was not the default browser.

    0-day received an ID of CVE-2022-41128 and a score of 8.8 out of 10 on the CVSS scale. According to experts, this vulnerability is related to the JavaScript engine in Internet Explorer and allows attackers to execute arbitrary code while rendering a malicious site. Thankfully, TAG researchers quickly reported it to Microsoft, and five days after the CVE was assigned, it was fixed.

    However, there is bad news - the researchers were unable to recover and analyze the final payload. It remains to be seen what the attackers used this time: ROKRAT, BLUELIGHT or DOLPHIN.

    Author DeepWeb
    Americans have developed an eye scanner to search for marijuana users
    US Department of Health warns of incessant ransomware attacks Royal

    Comments 0

    Add comment