March 17, 2023

Seized cameras, electronic equipment and GPS transmitters, which the suspects planned to PLACE ON transports with the equipment. To aid in its localisation….?
— Lukasz Olejnik (@[email protected]) (@lukOlejnik)
11:24 AM • Mar 16, 2023

Exchange bug is apparently pretty sweet. RCE with invisible emails.

https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/

https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY

This ICMP bug raised quite a bit of interest in certain circles, but exploitation seems to be in the theoretical stage for now.

https://doublepulsar.com/a-look-at-cve-2023-23415-a-windows-icmp-vulnerability-mitigations-which-is-not-a-cyber-meltdown-78a9f7e3e538

🚨 NEW Blog from @Mandiant 🚨
Suspected Chinese Threat Actor (#UNC3886) involved in Espionage Operations.
🧵
— Tufail Ahmed (@7ufail)
4:04 PM • Mar 16, 2023

Latest post for my Journalist and Spy newsletter is about Peruvian journalist Vicky Peláez. In 2010, Peláez, her husband and eight others were arrested by the FBI for carrying out long-term, deep-cover assignments in the U.S. on behalf of Russia.
— Runa Sandvik (@runasand)
3:55 PM • Mar 16, 2023

New: hacker who allegedly breached a U.S. federal law enforcement tool that let them look up info on "anyone in the US" was on-the-run. Now found he's been arrested in Florida
— Joseph Cox (@josephfcox)
3:53 PM • Mar 16, 2023

Paper:

https://www.manuelrigger.at/papers/GCCBuiltins-ESECFSE19-preprint.pdf

After the Exchange bug what are the odds that we’d get a second awesome bug in the same week? Turns out pretty good. This one is really juicy. RCE via VoLTE. Since P0 found this bug in this attack surface, my suspicion is that there are more of these out there.

Word to the wise — disable VoLTE

Reply

or to participate.