{"vulnerability": "CVE-2019-0708", "sightings": [{"uuid": "4cff203d-238f-420a-b3df-940e1a07dfe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/5dc9dbf7-53b0-4132-a9b6-109e8e5d62f7", "content": "", "creation_timestamp": "2019-11-11T22:10:04.000000Z"}, {"uuid": "663f99a4-60e2-4a8a-9d63-de6ecfaa5019", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/5f850411-c103-491f-abff-9421425403cf", "content": "", "creation_timestamp": "2020-10-21T08:19:11.000000Z"}, {"uuid": "d7c73a56-a140-4ce0-9b71-3e13617b4db3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/5dbff27e-56c8-4e8e-bc47-1cbf0a3b4631", "content": "", "creation_timestamp": "2019-11-04T09:43:34.000000Z"}, {"uuid": "ba85bc36-709d-410a-8808-677d692dfd96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/5ce65218-d350-423b-a303-339dac12042b", "content": "", "creation_timestamp": "2019-05-23T07:58:38.000000Z"}, {"uuid": "151f7e1e-7f60-4751-98ee-f904196a7b83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/5dc1b137-a484-470e-9b7b-42ae73e10023", "content": "", "creation_timestamp": "2019-11-05T17:29:22.000000Z"}, {"uuid": "2d1d680e-480f-4f91-8d23-ff18fc4ed5bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/5dc3d86a-32a4-41c7-90f7-4ca0950d210f", "content": "", "creation_timestamp": "2019-11-08T10:29:26.000000Z"}, {"uuid": "57fb45ca-833c-46e8-9e87-89f5508be921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/42d04e94-bf5b-427d-acc8-f5d740675941", "content": "", "creation_timestamp": "2020-10-20T15:57:21.000000Z"}, {"uuid": "8cc6114a-d22f-48e6-8da1-743508f8fb00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/5eec7614-96f4-4aa1-a248-1f48ac13a7a7", "content": "", "creation_timestamp": "2020-06-19T09:10:37.000000Z"}, {"uuid": "e1e67996-d9dc-4c08-afbc-5a95d2d8ffec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/b426aa9c-dc22-4a91-8213-f8d513405423", "content": "", "creation_timestamp": "2020-12-09T07:18:56.000000Z"}, {"uuid": "aeb4e021-8155-49b3-aa0c-657d2c347d99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "8505a5a7-74d1-4049-bdd2-4686006e54c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/bef4e3e4-5a14-48c3-a298-4e689b8a77e3", "content": "", "creation_timestamp": "2020-10-09T13:37:39.000000Z"}, {"uuid": "eb2898a5-283b-498b-aca4-aa5dcc4389e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/cd81e006-90f4-424e-aae0-65225d7c77e9", "content": "", "creation_timestamp": "2020-10-09T14:18:48.000000Z"}, {"uuid": "07052be2-0dc2-4588-b24d-286c94873e4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:18.000000Z"}, {"uuid": "2e558226-ed7c-4372-ac28-16650e34b9e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/d925a2ee-e7cf-46f6-bec1-ad8e19122730", "content": "", "creation_timestamp": "2020-10-20T15:58:04.000000Z"}, {"uuid": "9a36faf7-dc02-46ad-8553-6d273b5af45f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/722231ed-1535-455b-aae2-4705701f1258", "content": "", "creation_timestamp": "2020-11-02T19:35:03.000000Z"}, {"uuid": "49753272-eda3-4cfa-855f-988a1af75b41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/63ddead6-4b82-414c-ad8e-c516b950b446", "content": "", "creation_timestamp": "2021-10-25T22:32:43.000000Z"}, {"uuid": "140e6a19-47b9-42b4-bf07-efc6ede0a5ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://www.exploit-db.com/exploits/47416", "content": "", "creation_timestamp": "2019-09-24T00:00:00.000000Z"}, {"uuid": "08879a8f-deea-46ac-9f06-2de1b46aa889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://msrc.microsoft.com/blog/2019/05/a-reminder-to-update-your-systems-to-prevent-a-worm/", "content": "", "creation_timestamp": "2019-05-31T05:00:00.000000Z"}, {"uuid": "685a955f-684c-43d6-9608-9e525a379939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://msrc.microsoft.com/blog/2019/05/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/", "content": "", "creation_timestamp": "2019-05-14T05:00:00.000000Z"}, {"uuid": "5d92f68d-db5c-4d0d-8e0a-3298d6144e79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://msrc.microsoft.com/blog/2019/08/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/", "content": "", "creation_timestamp": "2019-08-13T05:00:00.000000Z"}, {"uuid": "ffd8912e-b089-45f7-9438-93a7586fe01a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971020", "content": "", "creation_timestamp": "2024-12-24T20:23:08.600929Z"}, {"uuid": "af8c2e99-13d0-42dc-b5d0-79077eecfb1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "e3f72812-c83e-41d7-addb-4e30509b8b84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltb3ejumdl2a", "content": "", "creation_timestamp": "2025-07-06T01:06:08.286657Z"}, {"uuid": "f9f5add1-0947-4dd0-ab32-74cf326ac376", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:10.000000Z"}, {"uuid": "88b2b8f9-847a-4636-8b8f-f7e56bde5004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhuyyoeow42b", "content": "", "creation_timestamp": "2025-02-11T06:14:38.106889Z"}, {"uuid": "96379a27-d7bc-4da1-9969-93013917cba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:41.000000Z"}, {"uuid": "0b5b6cf7-65de-45fd-8f2d-32f2777cd456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/lazarusholic.bsky.social/post/3lmrhkerf3d2p", "content": "", "creation_timestamp": "2025-04-14T11:30:23.138817Z"}, {"uuid": "1780936d-034f-4027-a1a1-a0b934e5b5bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/5eec7614-96f4-4aa1-a248-1f48ac13a7a7", "content": "", "creation_timestamp": "2025-04-14T06:40:29.000000Z"}, {"uuid": "15a0f2da-a30e-498a-b3a4-78cab8f16eda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/igalog.bsky.social/post/3lnfomnyfqt2m", "content": "", "creation_timestamp": "2025-04-22T12:30:11.393353Z"}, {"uuid": "56efe22d-7801-413d-a894-3001c30988c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/lazarusholic.bsky.social/post/3lndbj7p2u32b", "content": "", "creation_timestamp": "2025-04-21T13:30:17.072505Z"}, {"uuid": "af876a26-9083-4fed-ae8b-754ef65dd21a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114377014440875652", "content": "", "creation_timestamp": "2025-04-21T16:58:57.305598Z"}, {"uuid": "d6d89370-d94b-499a-bfbc-898c9491a628", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/youranonriots.bsky.social/post/3lndvtk77xs2f", "content": "", "creation_timestamp": "2025-04-21T19:34:06.524069Z"}, {"uuid": "dd42f826-3324-4c2b-a7ee-5db79c826bf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lnfbdsxxz22x", "content": "", "creation_timestamp": "2025-04-22T08:32:36.048965Z"}, {"uuid": "d3902d92-ac55-4657-99c5-b40436470da6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/zmediabitcoin.bsky.social/post/3lnfg643ei72a", "content": "", "creation_timestamp": "2025-04-22T09:58:52.435222Z"}, {"uuid": "94f2b836-64f4-4685-95d7-3bbe00086874", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://gist.github.com/Mickael5466/a81c256220e1573571bf040c96115212", "content": "", "creation_timestamp": "2025-06-21T19:15:54.000000Z"}, {"uuid": "545d837f-71bf-49af-a197-4a278a6d4f96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/rdp/cve_2019_0708_bluekeep_rce.rb", "content": "", "creation_timestamp": "2019-09-23T16:32:55.000000Z"}, {"uuid": "6a32c897-e0ac-4049-9f7d-78050bb8e1ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://gist.github.com/sobotat/ad9ed7e151be31a8419c9ea2a6d65571", "content": "", "creation_timestamp": "2026-01-05T18:05:43.000000Z"}, {"uuid": "a313c8cc-acd1-44c0-b5eb-001afe7405c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://gist.github.com/iceisnicehq/8fca168b823b7add218af2bdcf1f5977", "content": "", "creation_timestamp": "2025-11-18T18:56:31.000000Z"}, {"uuid": "b3b62770-b471-4eb7-8877-8c08f6edc48e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:47.000000Z"}, {"uuid": "e5377afa-c65d-4445-99fa-49f7eceb9faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:06.000000Z"}, {"uuid": "2823183f-de25-43bc-9d34-c4e9490a9a2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://gist.github.com/quarrcyber/15b80db0f01077f7797f3f15b2d953a8", "content": "", "creation_timestamp": "2025-12-08T14:59:57.000000Z"}, {"uuid": "65059c78-45ee-470c-a096-22ab2000f941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/rdp/cve_2019_0708_bluekeep.rb", "content": "", "creation_timestamp": "2019-05-24T21:12:48.000000Z"}, {"uuid": "d10006c6-24c2-49b8-b90a-3966f6cdb23c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://gist.github.com/aamixsh/3d5e1cb8dc17415acad151adc9c11e61", "content": "", "creation_timestamp": "2026-03-05T02:40:03.000000Z"}, {"uuid": "81833dd8-9653-4707-a60e-19b3498c80ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/microsoftin-etatyopoyta-sovelluksen-haavoittuvuuksia-hyodynnetaan-tietomurroissa", "content": "", "creation_timestamp": "2019-08-14T13:17:22.000000Z"}, {"uuid": "876c0b80-dce2-4762-b567-67bb31a6f824", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=391", "content": "", "creation_timestamp": "2019-05-15T04:00:00.000000Z"}, {"uuid": "86006a35-4486-453c-b142-e9b52e7516b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/kriittinen-haavoittuvuus-microsoftin-rds-toteutuksissa", "content": "", "creation_timestamp": "2019-05-15T12:48:57.000000Z"}, {"uuid": "3cb20b6c-2846-48f8-abf8-587916d07410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2019-0708", "type": "seen", "source": "https://gist.github.com/midnightpush404/e44e68589ab9c933581c3ab18dee98d4", "content": "", "creation_timestamp": "2026-01-20T22:13:03.000000Z"}, {"uuid": "f66e7468-5ad8-430c-a492-da0a5f15a263", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/Pen7esting/314", "content": "Paper y posible exploit para vulnerabilidad #RDP #BlueKeep (Parchea YA, YA, YA!) (CVE-2019-0708) https://t.co/gOU9C47aP7", "creation_timestamp": "2019-07-25T10:23:34.000000Z"}, {"uuid": "d2e15e96-2f0b-4188-a6d3-c02e621837c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/607b266e-5720-4ce3-a2e4-1d04a47e47b6", "content": "", "creation_timestamp": "2026-02-02T12:28:51.519454Z"}, {"uuid": "bd19b4bf-d493-4348-8e92-44c87f3905dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/N0iSeBit/273", "content": "\u0412 \u0441\u0435\u0442\u0438 \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f PoC (\u0442\u043e\u043b\u044c\u043a\u043e DoS) \u0434\u043b\u044f \u043d\u0430\u0448\u0443\u043c\u0435\u0432\u0448\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RDP \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 (CVE-2019-0708). \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0430 \u0441\u0432\u043e\u0435\u0439 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u0443\u0447\u0430\u0441\u0442\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0447\u0442\u043e \u043f\u043e\u0440\u0430\u0436\u0434\u0430\u0435\u0442 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0440\u0435\u043f\u043b\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\nhttps://github.com/zerosum0x0/CVE-2019-0708", "creation_timestamp": "2019-05-23T01:20:03.000000Z"}, {"uuid": "218ef3b2-3311-4ed2-85b4-7f9bd0e36ffa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "Telegram/gb3P6T2ubcTpsayb2APwO2ylArpkiGFa1lVI3jKHg8ed1vem", "content": "", "creation_timestamp": "2024-07-28T12:01:05.000000Z"}, {"uuid": "be83e8a7-4627-41ae-99d7-6e452efd4ac9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/cKure/9155", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 CVE-2019-0708 (BlueKeep) pre-auth RCE POC on Windows7.\n\nhttps://github.com/RICSecLab/CVE-2019-0708", "creation_timestamp": "2022-03-25T10:05:43.000000Z"}, {"uuid": "ec2b5735-0cb8-40bc-a8eb-70a581171bff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/N0iSeBit/276", "content": "\u0425\u043e\u0440\u043e\u0448\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 RDP, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u044f \u0433\u043e\u0432\u043e\u0440\u0438\u043b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u0442\u043e\u0432 \u043d\u0430\u0437\u0430\u0434.\nhttps://wazehell.io/2019/05/22/cve-2019-0708-technical-analysis-rdp-rce/", "creation_timestamp": "2019-05-25T02:55:41.000000Z"}, {"uuid": "04464a18-dcfa-425a-b705-e75fa94b52eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/filippo.abyssdomain.expert/post/3mjklsutb6s2j", "content": "", "creation_timestamp": "2026-04-15T19:08:43.974934Z"}, {"uuid": "24d18a31-c527-417e-8486-9547f655399c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mjqfe77gah2r", "content": "", "creation_timestamp": "2026-04-18T02:29:07.097905Z"}, {"uuid": "97c9fc59-9164-4e5c-abc0-4202b97efdf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mjleh5vimz25", "content": "", "creation_timestamp": "2026-04-16T02:29:32.960195Z"}, {"uuid": "009dc9cd-d8ab-4e56-a2ff-0cc74476eb3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mjsvtyenpn2x", "content": "", "creation_timestamp": "2026-04-19T02:29:35.108123Z"}, {"uuid": "ecce837e-0991-46b7-b382-f9033b2d9773", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mjnuvsllad2g", "content": "", "creation_timestamp": "2026-04-17T02:29:23.867019Z"}, {"uuid": "65bb86ae-c31e-4496-ab4e-e1fcf48f7da3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mjxwrhgkau2x", "content": "", "creation_timestamp": "2026-04-21T02:29:22.562359Z"}, {"uuid": "ad40e799-2efd-40bc-9aee-0fbf8cb320cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mjvgdclzwg2x", "content": "", "creation_timestamp": "2026-04-20T02:29:48.611094Z"}, {"uuid": "edbc14a3-b91b-482d-a4ce-469d2d8d0618", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mk2ha7xm7v2g", "content": "", "creation_timestamp": "2026-04-22T02:29:17.531995Z"}, {"uuid": "d5aaf16e-96e1-4c31-839e-f0fe9f8b5211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/novitoll_ch/39", "content": "BlueKeep (CVE-2019-0708) \u0438\u0434\u0451\u0442 \u0432 \u0430\u0442\u0430\u043a\u0443. \ntl;dr \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u0441\u043f\u043e\u0439\u043c\u0430\u043d\u043d\u044b\u043c \u0445\u043e\u043d\u0435\u0439\u043f\u043e\u0442\u043e\u043c \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u0430:\n\n- \u0445\u043e\u043d\u0435\u0439\u043f\u043e\u0442 \u0441 \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c 3389/tcp, \u0441\u043f\u043e\u0439\u043c\u0430\u043b \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u043a\u0440\u044d\u0448\u0430\u043b \u0412\u0438\u043d\u0434\u043e\u0443\u0441 \u0442\u0430\u0447\u043a\u0443.\n- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 user-after-free MS_T120 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432 0x170  \u0431\u0430\u0439\u0442\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f heap-spray \u0442\u0435\u0445\u043d\u0438\u043a\u0443, \u043f\u0435\u0440\u0435\u0437\u0430\u0442\u0438\u0440\u0430\u0435\u0442 \u0430\u0434\u0440\u0435\u0441 \u043d\u0430 \u0430\u0434\u0440\u0435\u0441 \u0448\u0435\u043b\u043b\u043a\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 egghunting \u0434\u043b\u044f \u043f\u043e\u0438\u0441\u043a\u0430 \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u043a\u0443\u0441\u043a\u0430 \u0448\u0435\u043b\u043b\u043a\u043e\u0434\u0430 \u043f\u043e 0x0b00dac0fefe42069 \u0441\u0438\u0433\u043d\u0430\u0442\u0443\u0440\u0435\n\nhttps://www.kryptoslogic.com/blog/2019/11/bluekeep-cve-2019-0708-exploitation-spotted-in-the-wild/", "creation_timestamp": "2019-11-03T18:32:13.000000Z"}, {"uuid": "58f850e2-9b3b-4cfa-96a9-a92b5bc5b1ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/infobes/147", "content": "https://codeby.net/threads/metasploit-ehksploit-bluekeep-cve-2019-0708.69014/ \u0430 \u0432\u043e\u0442 \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f BlueKeep.", "creation_timestamp": "2019-09-08T06:03:34.000000Z"}, {"uuid": "e7675fc4-b300-4ce0-bf7a-5d40f544f765", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/MajorHacker/84", "content": "CVE-2019-0708 dubbed \"Bluekeep\" POC has been Released.\nhttps://github.com/Ekultek/BlueKeep", "creation_timestamp": "2019-06-03T15:32:26.000000Z"}, {"uuid": "7d9f9e2d-6f6f-43f5-8380-f9a32b04b78a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/MajorHacker/172", "content": "https://blog.rapid7.com/2019/07/31/bluekeep-cve-2019-0708-for-windows-rdp-what-you-need-to-know/", "creation_timestamp": "2019-08-02T16:13:47.000000Z"}, {"uuid": "055e7e94-be7f-4484-92bd-5fd7d364b41f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/osintflow_team/90", "content": "https://anonfiles.com/3bxb75e8y2/vulnCVE-2019-0708_countryru_gz", "creation_timestamp": "2023-06-12T21:19:33.000000Z"}, {"uuid": "5ecdf3eb-df70-4cb7-897f-37a09a93de81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/webamoozir/5590", "content": "\u0627\u06af\u0631 \u062f\u0631 \u0634\u0628\u06a9\u0647 \u062e\u0648\u062f \u0627\u0632 \u0633\u0631\u0648\u06cc\u0633 RDP \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u06a9\u0646\u06cc\u062f \u060c \u0627\u0644\u0627\u0646 \u0648\u0642\u062a\u0634\u0647 \u06a9\u0647 \u062d\u062a\u0645\u0627 \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f\u060c \u0627\u06cc\u0646 \u0636\u0639\u0641 \u0627\u0645\u0646\u06cc\u062a\u06cc \u062f\u0631\u062c\u0647 \u0628\u0627\u0644\u0627\u06cc\u06cc \u0627\u0632 \u0647\u0634\u062f\u0627\u0631 \u0631\u0627 \u062f\u0627\u0631\u062f\u060c \u0647\u0645\u0686\u0646\u06cc\u0646 \u0637\u0631\u06cc\u0642\u0647 \u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u06a9\u0631\u062f\u0646 \u0622\u0646 \u0647\u0645 \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647.  \nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\n@telescam", "creation_timestamp": "2019-05-15T04:04:41.000000Z"}, {"uuid": "290ca069-a350-4fc4-9a6d-510d2d47e43e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/5150", "content": "CVE-2019-0708 - BSOD(Blue Screen of Death) Checker PoC\nOnly Hitting PoC [Tested on Windows Server 2008 r2]\nhttps://github.com/Leoid/CVE-2019-0708", "creation_timestamp": "2019-05-29T09:38:05.000000Z"}, {"uuid": "46ffeee8-ccb5-4228-ab09-32c154c775bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/5070", "content": "CVE-2019-0708\nScanner PoC for CVE-2019-0708 RDP RCE vuln\nhttps://github.com/zerosum0x0/CVE-2019-0708", "creation_timestamp": "2019-05-22T17:50:55.000000Z"}, {"uuid": "aeff6991-21d6-429f-84b9-4205e5ec609d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "Telegram/w5HzfFFeKuktPNPahYkNxGt1SEGTG8g84n5I023QjSfaJ9M", "content": "", "creation_timestamp": "2019-07-02T01:45:24.000000Z"}, {"uuid": "18b94aa3-a2e9-4134-8349-14c71d5bec57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "Telegram/Uhd6VvJChDzzLpi6YIzrxvdUsFjy2mdYUjskxeLQ-QqRzpI", "content": "", "creation_timestamp": "2019-05-29T08:23:51.000000Z"}, {"uuid": "f6d117a2-45cc-4d0c-9a02-b50720e0ec5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/codeby_sec/2613", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 Windows (CVE-2019-0708 | BlueKeep)\n\nhttps://codeby.net/threads/kriticheskaja-ujazvimost-v-sluzhbe-udalennogo-rabochego-stola-windows-cve-2019-0708-bluekeep.69095/\n\n#pentest #exploit", "creation_timestamp": "2019-11-13T16:39:12.000000Z"}, {"uuid": "1d9b76b9-d7d8-49cb-94f4-33f172589df3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/antichat/5184", "content": "https://medium.com/@straightblast426/a-debugging-primer-with-cve-2019-0708-ccfa266682f6", "creation_timestamp": "2019-05-31T06:48:49.000000Z"}, {"uuid": "10f0c561-3dde-4904-810f-de8bf38c878e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/6469", "content": "https://blog.rapid7.com/2019/09/06/initial-metasploit-exploit-module-for-bluekeep-cve-2019-0708/ #re #expdev #yobaboba", "creation_timestamp": "2019-09-06T18:19:27.000000Z"}, {"uuid": "af7cc0b5-84aa-439b-a60b-c0dc56d24dda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/6955", "content": "https://www.kryptoslogic.com/blog/2019/11/bluekeep-cve-2019-0708-exploitation-spotted-in-the-wild/", "creation_timestamp": "2019-11-03T16:44:26.000000Z"}, {"uuid": "c482da9e-bb6f-46e4-8aa5-564b47b644c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "Telegram/HmmEzJhZyvq9Cl_v7Ie06-_y_8uCAlQkd_ZcpfWOTCxlQxA", "content": "", "creation_timestamp": "2026-04-20T03:00:06.000000Z"}, {"uuid": "1d70814f-b5c6-43b1-bb69-3ecc562b7ced", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/R0_Crew/1211", "content": "https://blog.rapid7.com/2019/09/06/initial-metasploit-exploit-module-for-bluekeep-cve-2019-0708/ #re #expdev #yobaboba", "creation_timestamp": "2019-10-23T17:16:47.000000Z"}, {"uuid": "c4064033-3399-4a01-b017-4dd7630f7a45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/R0_Crew/1155", "content": "Public work for CVE-2019-0708 https://github.com/0xeb-bp/bluekeep #exploit #radare2", "creation_timestamp": "2019-11-26T17:45:05.000000Z"}, {"uuid": "d92a391f-ff49-4e03-b0a4-16881277b970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/6471", "content": "https://www.malwaretech.com/2019/09/bluekeep-a-journey-from-dos-to-rce-cve-2019-0708.html", "creation_timestamp": "2019-09-07T17:02:14.000000Z"}, {"uuid": "653af753-ab71-454e-b11d-25a2f07450e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "Telegram/lFMbmTrnG6ZCl6nq-793tE2tt_HZYmDYiA_f4QOsVlk9ByY", "content": "", "creation_timestamp": "2026-04-17T21:00:04.000000Z"}, {"uuid": "039d9ad5-a472-433f-b1df-8413bdf32179", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/5074", "content": "https://github.com/zerosum0x0/CVE-2019-0708", "creation_timestamp": "2019-05-22T20:26:28.000000Z"}, {"uuid": "4dd33ce0-197a-412a-aff7-62064493827f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/6472", "content": "Initial Metasploit Exploit Module for BlueKeep (CVE-2019-0708)\nhttps://blog.rapid7.com/2019/09/06/initial-metasploit-exploit-module-for-bluekeep-cve-2019-0708/", "creation_timestamp": "2019-09-08T05:52:33.000000Z"}, {"uuid": "84835ba9-73fc-4939-ace1-47b66921b5d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/4988", "content": "https://github.com/lr3800/CVE-2019-0708/\nCVE-2019-0708: CVE-2019-0708 exploit by Ir3800  Can't confirm whether this PoC is real or fake.", "creation_timestamp": "2019-05-18T08:17:26.000000Z"}, {"uuid": "95a9648f-76b4-4ffd-9fbc-08f52ab58bf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/antichat/4982", "content": "\u0412 \u0420\u0410\u041c\u041a\u0410\u0425 \u041f\u042f\u0422\u041d\u0418\u0426\u042b \n\n\u0430 \u043f\u043e\u043c\u043d\u0438\u0442\u0435, \u044f \u043f\u0430\u0440\u0443 \u0434\u043d\u0435\u0439 \u043d\u0430\u0437\u0430\u0434 \u043f\u0438\u0441\u0430\u043b \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0442\u0430\u0440\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Windows, \u0434\u0430 \u0442\u0430\u043a\u043e\u0439, \u0447\u0442\u043e Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0430\u043f\u0434\u0435\u0439\u0442 \u0434\u0430\u0436\u0435 \u0434\u043b\u044f XP (https://t.me/alexmakus/2836)\n\n\u0422\u0430\u043a \u0432\u043e\u0442, \u0442\u0443\u0442, \u043f\u043e\u0445\u043e\u0436\u0435, \u0448\u0443\u0442\u043d\u0438\u043a\u0438 \u0441\u0434\u0435\u043b\u0430\u043b\u0438 \u043a\u0440\u0430\u0441\u0438\u0432\u044b\u0439 \u0441\u0430\u0439\u0442 \u043f\u043e \u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u0432\u043e\u0434\u0443, \u044f\u043a\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044f \u0443\u0442\u0438\u043b\u0438\u0442\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0449\u0435\u0442 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0445\u043e\u0441\u0442\u044b \u0438 \u0438\u0445 \u0438\u043c\u0435\u0435\u0442. \u041d\u043e, \u0433\u043e\u0432\u043e\u0440\u044f\u0442, \u0444\u0435\u0439\u043a, \u0442\u0430\u043a \u0447\u0442\u043e \u043d\u0435 \u0432\u0435\u0440\u044c\u0442\u0435 \u0432\u0441\u0435\u043c\u0443, \u0447\u0442\u043e \u043f\u0438\u0448\u0443\u0442 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \n\nhttps://cve-2019-0708.com", "creation_timestamp": "2019-05-17T16:36:59.000000Z"}, {"uuid": "efc6c29b-508a-4d19-aaed-69a6ac1caeff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/4963", "content": "https://github.com/syriusbughunt/CVE-2019-0708\nCVE-2019-0708(aka BlueKeep) PoC demo image. Cc @syrius_bughunt\n\nMicrosoft RDP(Remote Desktop Protocol) RCE Calc.exe pwned!\n- Windows 7, Windows Server 2K3, Windows Server 2K8", "creation_timestamp": "2019-05-17T08:43:14.000000Z"}, {"uuid": "d3aae2e9-83df-4feb-a396-defed35774d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/antichat/5022", "content": "\u041f\u043e\u043a\u0430 \u043a\u0440\u0430\u0441\u043d\u044b\u0435 \u0436\u0434\u0443\u0442 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 PoC \u043f\u043e\u0434 CVE-2019\u20130708, \u0441\u0438\u043d\u0438\u0435 \u0443\u0436\u0435 \u043f\u0435\u0440\u0435\u0432\u0435\u043b\u0438 \u0441\u0432\u043e\u0438 SOC\u0438 \u0438 SIEM\u044b \u0432 \u0440\u0435\u0436\u0438\u043c \u043f\u043e\u043b\u043d\u043e\u0439 \u0431\u043e\u0435\u0432\u043e\u0439 \u0433\u043e\u0442\u043e\u0432\u043d\u043e\u0441\u0442\u0438 \u0438 \u043d\u0430\u043f\u0438\u0441\u0430\u043b\u0438 \u0432\u0441\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0435\u0442\u0435\u043a\u0442\u0430 \u043f\u043e\u0434 \u0432\u0441\u0435, \u0447\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043c\u043e\u0436\u043d\u043e: MITRE ATT&CK, Sigma, Elastic \u0438 ArcSight.\n\n\u0412\u043e\u043e\u0440\u0443\u0436\u0430\u0439\u0442\u0435\u0441\u044c, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432 \u0412\u0435\u0441\u0442\u0435\u0440\u043e\u0441\u0435 \u0441 \u043a\u043e\u0440\u043e\u043b\u0435\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c, PoC is coming...\n\nhttps://medium.com/@ab_65156/proactive-detection-content-cve-2019-0708-vs-mitre-att-ck-sigma-elastic-and-arcsight-22f9ebae7d82", "creation_timestamp": "2019-05-20T20:01:27.000000Z"}, {"uuid": "bfec2fbc-a86c-454b-bc89-674c7d12ca88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/5194", "content": "Microsoft \u0442\u0443\u0442 \u0432\u0441\u044f\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0435 \u0437\u0430\u0442\u044f\u0433\u0438\u0432\u0430\u0442\u044c \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0430\u043f\u0434\u0435\u0439\u0442\u0430 \u043f\u0440\u043e\u0442\u0438\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Remote Desktop Services (\u0442\u0430 \u0441\u0430\u043c\u0430\u044f CVE-2019-0708, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0432\u044b\u0448\u0435\u043b \u0430\u043f\u0434\u0435\u0439\u0442 \u0434\u043b\u044f Windows, \u0432\u043a\u043b\u044e\u0447\u0430\u044f XP). Microsoft \u0433\u043e\u0432\u043e\u0440\u0438\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f (\u0447\u0438\u0442\u0430\u0442\u0435\u043b\u044c\u043d\u0438\u0446\u0430 \u043a\u0430\u043d\u0430\u043b\u0430 \u0434\u0430\u0436\u0435 \u043f\u0440\u0438\u0441\u044b\u043b\u0430\u043b\u0430 \u043c\u043d\u0435 \u0441\u0441\u044b\u043b\u043a\u0443 \u043d\u0430 proof of concept \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438), \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0441\u0442\u0430\u0432\u044c\u0442\u0435 \u0430\u043f\u0434\u0435\u0439\u0442\u044b, \u043f\u043e\u043a\u0430 \u043d\u0435 \u043d\u0430\u0447\u0430\u043b\u043e\u0441\u044c! \u0413\u043e\u0432\u043e\u0440\u044f\u0442, \u0447\u0442\u043e \u0432 \u0441\u0435\u0442\u0438 \u043d\u0430\u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0435\u0449\u0435 \u0431\u043e\u043b\u0435\u0435 1 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a \u044d\u0442\u043e\u0439 \u0431\u0430\u0433\u0435. \nhttps://blogs.technet.microsoft.com/msrc/2019/05/30/a-reminder-to-update-your-systems-to-prevent-a-worm/", "creation_timestamp": "2019-05-31T14:04:09.000000Z"}, {"uuid": "b40d6a39-2b4a-4079-b94c-f7528c5ec09e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/5330", "content": "\u0414\u0430\u0436\u0435 NSA (\u0434\u0430, \u0438\u043c\u0435\u043d\u043d\u043e \u0442\u0430 NSA) \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442 \u043f\u0430\u0442\u0447\u0438\u0442\u044c\u0441\u044f \u043f\u0440\u043e\u0442\u0438\u0432 CVE-2019-0708, \u043e\u043d\u0430 \u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a  \u00abBlueKeep\u00bb. \u041c\u043e\u0436\u043d\u043e, \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u0437\u0430\u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u044c \u043f\u043e\u0434\u0432\u043e\u0445, \u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u043d\u0438 \u0445\u043e\u0442\u044f\u0442 \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0435\u0449\u0451 \u043e\u0434\u043d\u043e\u0433\u043e \u0441\u043a\u0430\u043d\u0434\u0430\u043b\u0430, \u043a\u0430\u043a \u0441 WannaCry, \u043a\u043e\u0433\u0434\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0443\u0442\u0451\u043a\u0448\u0430\u044f \u043e\u0442 \u043d\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \nhttps://www.nsa.gov/News-Features/News-Stories/Article-View/Article/1865726/nsa-cybersecurity-advisory-patch-remote-desktop-services-on-legacy-versions-of/", "creation_timestamp": "2019-06-08T18:25:21.000000Z"}, {"uuid": "13969a84-0de2-4b18-8cd6-08839b2ea26d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/5981", "content": "Public work for CVE-2019-0708 https://github.com/0xeb-bp/bluekeep #exploit #radare2", "creation_timestamp": "2019-07-24T10:35:47.000000Z"}, {"uuid": "20dc72ce-a82f-48e6-b242-ee9c6cd1a8f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/antichat/6998", "content": "BlueKeep (CVE 2019-0708) exploitation spotted in the wild\nhttps://www.kryptoslogic.com/blog/2019/11/bluekeep-cve-2019-0708-exploitation-spotted-in-the-wild/", "creation_timestamp": "2019-11-07T16:56:43.000000Z"}, {"uuid": "a8261967-4739-4103-b591-1adc73d9f543", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/CyberGovIL/622", "content": "\u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05e4\u05e8\u05e1\u05de\u05d4 \u05d1\u05d7\u05d5\u05d3\u05e9 \u05de\u05d0\u05d9 \u05d4\u05d0\u05d7\u05e8\u05d5\u05df \u05db\u05d9 \u05d6\u05d5\u05d4\u05ea\u05d4 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05d1\u05e9\u05d9\u05e8\u05d5\u05ea Remote Desktop Services (CVE-2019-0708), \u05d4\u05de\u05e9\u05de\u05e9 \u05dc\u05d2\u05d9\u05e9\u05d4 \u05de\u05e8\u05d7\u05d5\u05e7 \u05dc\u05ea\u05d7\u05e0\u05d5\u05ea \u05e2\u05d1\u05d5\u05d3\u05d4 \u05d5\u05e9\u05e8\u05ea\u05d9\u05dd \u05d4\u05e4\u05d5\u05e2\u05dc\u05d9\u05dd \u05e2\u05dc \u05d2\u05d1\u05d9 \u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05d4\u05e4\u05e2\u05dc\u05d4 Windows, \u05d1\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05d9\u05e9\u05e0\u05d5\u05ea.\n\u05d4\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d4\u05d9\u05e0\u05df Windows XP, 2003, 7, 2008.\n\u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9 \u05d4\u05ea\u05e8\u05d9\u05e2 \u05de\u05d9\u05d3 \u05dc\u05d0\u05d7\u05e8 \u05d4\u05e4\u05e8\u05e1\u05d5\u05dd \u05dc\u05d2\u05d1\u05d9 \u05d4\u05e6\u05d5\u05e8\u05da \u05dc\u05e2\u05d3\u05db\u05df \u05de\u05e2\u05e8\u05db\u05d5\u05ea \u05d4\u05e4\u05e2\u05dc\u05d4 \u05d0\u05dc\u05d5.\n\n[\u05e2\u05d3\u05db\u05d5\u05df 2] \u05d1\u05d9\u05de\u05d9\u05dd \u05d4\u05d0\u05d7\u05e8\u05d5\u05e0\u05d9\u05dd \u05d6\u05d5\u05d4\u05ea\u05d4 \u05e4\u05e2\u05d9\u05dc\u05d5\u05ea \u05ea\u05e7\u05d9\u05e4\u05d4 \u05d4\u05de\u05e0\u05e6\u05dc\u05ea \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d6\u05d5 \u05dc\u05d4\u05ea\u05e7\u05e0\u05ea \u05e4\u05d5\u05d2\u05e2\u05df \u05d4\u05de\u05d1\u05e6\u05e2 \u05db\u05e8\u05d9\u05d9\u05ea \u05de\u05d8\u05d1\u05e2\u05d5\u05ea \u05d5\u05d9\u05e8\u05d8\u05d5\u05d0\u05dc\u05d9\u05d9\u05dd.\n\n\u05d0\u05e0\u05d5 \u05d7\u05d5\u05d6\u05e8\u05d9\u05dd \u05d5\u05de\u05de\u05dc\u05d9\u05e6\u05d9\u05dd \u05d1\u05ea\u05d5\u05e7\u05e3 \u05dc\u05d1\u05d7\u05d5\u05df \u05d5\u05dc\u05d4\u05ea\u05e7\u05d9\u05df \u05d0\u05ea \u05e2\u05d3\u05db\u05d5\u05e0\u05d9 \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d4\u05e8\u05dc\u05d5\u05d5\u05e0\u05d8\u05d9\u05d9\u05dd \u05d1\u05d4\u05e7\u05d3\u05dd \u05d4\u05d0\u05e4\u05e9\u05e8\u05d9.", "creation_timestamp": "2019-11-03T17:12:05.000000Z"}, {"uuid": "4265dd0a-f00a-4550-baff-8238327759a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/546", "content": "CVE-2019-0708 Technical Analysis (RDP-RCE)\nhttps://wazehell.io/2019/05/22/cve-2019-0708-technical-analysis-rdp-rce/", "creation_timestamp": "2019-05-26T16:32:53.000000Z"}, {"uuid": "768ee19b-e4f7-4a27-ac55-9cf33d28772a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/tech_b0lt_Genona/534", "content": "Scanner PoC for CVE-2019-0708 RDP RCE vuln \nhttps://github.com/zerosum0x0/CVE-2019-0708", "creation_timestamp": "2019-05-22T12:00:05.000000Z"}, {"uuid": "fe9e17f8-0c39-4c95-99c5-ff1fa1cc7080", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/tech_b0lt_Genona/860", "content": "\u0415\u0449\u0451 \u043d\u0435 \u0443\u0441\u043f\u0435\u043b\u0430 \u043e\u0442\u0448\u0443\u043c\u0435\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c BlueKeep (CVE-2019-0708) \u0434\u043b\u044f \u0441\u0442\u0430\u0440\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u041e\u0421 Windows, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u043d\u0430 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 RDP, \u043a\u0430\u043a \u0441\u043d\u043e\u0432\u0430 \u043f\u043e\u0440\u0430 \u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043f\u0430\u0442\u0447\u0438. \u0422\u0435\u043f\u0435\u0440\u044c \u0432 \u0437\u043e\u043d\u0443 \u043f\u043e\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043f\u0430\u043b\u0438 \u0432\u0441\u0451 \u043d\u043e\u0432\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Windows. \u0415\u0441\u043b\u0438 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443 \u043e\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0443\u0442\u0435\u043c \u043f\u0440\u044f\u043c\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u0438\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u043f\u043e \u043c\u0435\u0442\u043e\u0434\u0443 WannaCry, \u0442\u043e \u043e\u043d\u0430 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u0430 \u0434\u043b\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0441\u043e\u0442\u0435\u043d \u0442\u044b\u0441\u044f\u0447 \u0445\u043e\u0441\u0442\u043e\u0432 \u0432 \u043c\u0438\u0440\u0435 \u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0434\u0435\u0441\u044f\u0442\u043a\u043e\u0432 \u0442\u044b\u0441\u044f\u0447 \u0445\u043e\u0441\u0442\u043e\u0432 \u0432 \u0420\u043e\u0441\u0441\u0438\u0438.\n\nBlueKeep-2 \u2014 \u0442\u0435\u043f\u0435\u0440\u044c \u0438 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Windows\nhttps://habr.com/ru/company/solarsecurity/blog/463591/", "creation_timestamp": "2019-08-13T20:30:21.000000Z"}, {"uuid": "e9549234-19a7-4a9f-b102-aa4806e83eb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/562", "content": "\u0415\u0441\u043b\u0438 \u0432\u044b \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 \u0441\u0432\u043e\u0438 Windows 2003, XP, Vista, 7 \u0438 Windows Server 2008/2008 R2 \u043e\u0442 CVE-2019-0708, \u0442\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u044d\u0442\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435. ;) \n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u043f\u043e\u043d\u044f\u043b\u0438, \u0442\u043e \u0441\u0435\u0439\u0447\u0430\u0441 \u043b\u044e\u0431\u043e\u0439 \u201c\u043c\u0430\u043c\u043a\u0438\u043d-\u0445\u0430\u043a\u043a\u0438\u0440\u201d \u043c\u043e\u0436\u0435\u0442 \u0447\u0435\u0440\u0435\u0437 \u0434\u044b\u0440\u043a\u0443 \u0432 RDP \u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0432 \u0432\u0430\u0448\u0443 \u0446\u0435\u043b\u0435\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0432\u0441\u0435, \u0447\u0442\u043e \u0437\u0430\u0445\u043e\u0442\u0438\u0442\u0435: \u043e\u0442 \u043c\u0430\u0439\u043d\u0435\u0440\u0430 \u0434\u043e \u0447\u043e\u0440\u0442 \u0437\u043d\u0430\u0435\u0442 \u0447\u0435\u0433\u043e. \n\nWindows XP, Vista, WS 2003 - https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708\nWindows 7, WS 2008/2008 R2 - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\n\u0421\u043a\u0430\u043d\u0435\u0440 \u043d\u0430 \u043f\u0438\u0442\u043e\u043d\u0435 - https://github.com/zerosum0x0/CVE-2019-0708", "creation_timestamp": "2019-05-31T23:04:08.000000Z"}, {"uuid": "265d531b-33c5-4c8d-947a-950a526bc952", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/tech_b0lt_Genona/528", "content": "Proactive detection content: CVE-2019\u20130708 vs MITRE ATT&CK, Sigma, Elastic and ArcSight\nhttps://medium.com/@ab_65156/proactive-detection-content-cve-2019-0708-vs-mitre-att-ck-sigma-elastic-and-arcsight-22f9ebae7d82", "creation_timestamp": "2019-05-20T20:14:00.000000Z"}, {"uuid": "620ef172-aa8c-4a5b-acdc-1dcb904ce751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/tech_b0lt_Genona/505", "content": "\u0422\u0443\u0442 \u0432 RDP \u0434\u044b\u0440\u0443 \u0442\u0430\u043a\u0443\u044e \u043d\u0430\u0448\u043b\u0438, \u0447\u0442\u043e \u0430\u0436 \u0434\u043b\u044f XP \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0430\u043f\u0434\u0435\u0439\u0442\u044b \nhttps://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708\n\n\u0414\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u043e\u043d\u043e\u0432\u0435\u0439 (\u0441 8 \u0438 10 \u0432\u0441\u0451 \u043d\u043e\u0440\u043c\u0430\u043b\u044c\u043d\u043e)\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708", "creation_timestamp": "2019-05-14T21:31:48.000000Z"}, {"uuid": "6469821d-6562-4cc6-81ec-3e3ebf360a4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/tech_b0lt_Genona/627", "content": "CVE-2019-0708 in action", "creation_timestamp": "2019-06-21T19:31:30.000000Z"}, {"uuid": "d5cee960-0625-4978-894b-f80aa67df0cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/5083", "content": "BlueKeep Remote Desktop Exploits Are Coming, Patch Now!\n\nSecurity researchers have created exploits for the remote code execution vulnerability in Microsoft's Remote Desktop Services, tracked as CVE-2019-0708 and dubbed BlueKeep, and hackers may not be far behind. [...]\n\nhttps://www.bleepingcomputer.com/news/security/bluekeep-remote-desktop-exploits-are-coming-patch-now/", "creation_timestamp": "2019-05-21T02:03:05.000000Z"}, {"uuid": "c09f8084-9b63-418e-8aa6-214dcca61a1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/BleepingComputer/5098", "content": "Researchers Demo PoC For Remote Desktop BlueKeep RCE Exploit\n\nA proof-of-concept\u00a0remote code execution (RCE) exploit\u00a0for the wormable BlueKeep vulnerability tracked as CVE-2019-0708 has been demoed by security researchers from McAfee Labs. [...]\n\nhttps://www.bleepingcomputer.com/news/security/researchers-demo-poc-for-remote-desktop-bluekeep-rce-exploit/", "creation_timestamp": "2019-05-22T14:38:07.000000Z"}, {"uuid": "689d6158-4be4-4621-8a17-6167f9d23ac8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/BleepingComputer/5327", "content": "BlueKeep Warnings Pay Off, Boost Patching in Enterprise Networks\n\nThe multiple warnings about patching Windows systems against the BlueKeep vulnerability (CVE-2019-0708) have not gone unheeded. Administrators of enterprise networks listened and updated most of the machines affected by the issue. [...]\n\nhttps://www.bleepingcomputer.com/news/security/bluekeep-warnings-pay-off-boost-patching-in-enterprise-networks/", "creation_timestamp": "2019-06-21T17:10:45.000000Z"}, {"uuid": "3142449a-860f-4adf-8b5c-c447b9576c5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/CyberGovIL/543", "content": "\u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05e4\u05e8\u05e1\u05de\u05d4 \u05d1\u05d7\u05d5\u05d3\u05e9 \u05de\u05d0\u05d9 \u05d4\u05d0\u05d7\u05e8\u05d5\u05df \u05db\u05d9 \u05d6\u05d5\u05d4\u05ea\u05d4 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05d1\u05e9\u05d9\u05e8\u05d5\u05ea Remote Desktop Services (CVE-2019-0708),\n\u05d4\u05de\u05e9\u05de\u05e9 \u05dc\u05d2\u05d9\u05e9\u05d4 \u05de\u05e8\u05d7\u05d5\u05e7 \u05dc\u05ea\u05d7\u05e0\u05d5\u05ea \u05e2\u05d1\u05d5\u05d3\u05d4 \u05d5\u05e9\u05e8\u05ea\u05d9\u05dd \u05d4\u05e4\u05d5\u05e2\u05dc\u05d9\u05dd \u05e2\u05dc \u05d2\u05d1\u05d9 \u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05d4\u05e4\u05e2\u05dc\u05d4 Windows, \u05d1\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05d9\u05e9\u05e0\u05d5\u05ea.\n\n\u05d4\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d4\u05d9\u05e0\u05df Windows XP, 2003, 7, 2008.\n\u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9 \u05d4\u05ea\u05e8\u05d9\u05e2 \u05de\u05d9\u05d3 \u05dc\u05d0\u05d7\u05e8 \u05d4\u05e4\u05e8\u05e1\u05d5\u05dd \u05dc\u05d2\u05d1\u05d9 \u05d4\u05e6\u05d5\u05e8\u05da \u05dc\u05e2\u05d3\u05db\u05df \u05de\u05e2\u05e8\u05db\u05d5\u05ea \u05d4\u05e4\u05e2\u05dc\u05d4 \u05d0\u05dc\u05d5.\n\u05dc\u05d0\u05d5\u05e8 \u05d4\u05e2\u05d5\u05d1\u05d3\u05d4 \u05db\u05d9 \u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05e4\u05d5\u05e8\u05e1\u05dd \u05de\u05d9\u05d3\u05e2 \u05d8\u05db\u05e0\u05d9 \u05d4\u05de\u05e4\u05e8\u05d8 \u05db\u05d9\u05e6\u05d3 \u05e0\u05d9\u05ea\u05df \u05dc\u05e0\u05e6\u05dc \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d6\u05d5,\n\u05d6\u05d5\u05d4\u05d5 \u05e1\u05e8\u05d9\u05e7\u05d5\u05ea \u05d0\u05d7\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d6\u05d5 \u05d1\u05e8\u05e9\u05ea \u05d4\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d5\u05d7\u05d1\u05e8\u05d4 \u05de\u05e1\u05d7\u05e8\u05d9\u05ea \u05d4\u05e4\u05d9\u05e6\u05d4 \u05e2\u05d3\u05db\u05d5\u05df \u05dc\u05ea\u05d5\u05db\u05e0\u05d4 \u05d4\u05de\u05de\u05de\u05e9 \u05d0\u05ea \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea,\n\n\u05d4\u05e1\u05d9\u05db\u05d5\u05df \u05dc\u05ea\u05e7\u05d9\u05e4\u05d4 \u05e7\u05e8\u05d5\u05d1\u05d4 \u05e2\u05d5\u05dc\u05d4 \u05de\u05e9\u05de\u05e2\u05d5\u05ea\u05d9\u05ea.\n\n\u05d0\u05e0\u05d5 \u05d7\u05d5\u05d6\u05e8\u05d9\u05dd \u05d5\u05de\u05de\u05dc\u05d9\u05e6\u05d9\u05dd \u05d1\u05ea\u05d5\u05e7\u05e3 \u05dc\u05d1\u05d7\u05d5\u05df \u05d5\u05dc\u05d4\u05ea\u05e7\u05d9\u05df \u05d0\u05ea \u05e2\u05d3\u05db\u05d5\u05e0\u05d9 \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d4\u05e8\u05dc\u05d5\u05d5\u05e0\u05d8\u05d9\u05d9\u05dd \u05d1\u05d4\u05e7\u05d3\u05dd \u05d4\u05d0\u05e4\u05e9\u05e8\u05d9.", "creation_timestamp": "2019-07-30T13:44:57.000000Z"}, {"uuid": "298b0bad-3725-4a1d-aad4-84c7ab0563e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/CyberGovIL/589", "content": "\u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 \u05e4\u05e8\u05e1\u05de\u05d4 \u05d1\u05d7\u05d5\u05d3\u05e9 \u05de\u05d0\u05d9 \u05d4\u05d0\u05d7\u05e8\u05d5\u05df \u05db\u05d9 \u05d6\u05d5\u05d4\u05ea\u05d4 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05d1\u05e9\u05d9\u05e8\u05d5\u05ea Remote Desktop Services (CVE-2019-0708), \u05d4\u05de\u05e9\u05de\u05e9 \u05dc\u05d2\u05d9\u05e9\u05d4 \u05de\u05e8\u05d7\u05d5\u05e7 \u05dc\u05ea\u05d7\u05e0\u05d5\u05ea \u05e2\u05d1\u05d5\u05d3\u05d4 \u05d5\u05e9\u05e8\u05ea\u05d9\u05dd \u05d4\u05e4\u05d5\u05e2\u05dc\u05d9\u05dd \u05e2\u05dc \u05d2\u05d1\u05d9 \u05de\u05e2\u05e8\u05db\u05ea \u05d4\u05d4\u05e4\u05e2\u05dc\u05d4 Windows, \u05d1\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05d9\u05e9\u05e0\u05d5\u05ea.\n\u05d4\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d4\u05d9\u05e0\u05df Windows XP, 2003, 7, 2008.\n\u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9 \u05d4\u05ea\u05e8\u05d9\u05e2 \u05de\u05d9\u05d3 \u05dc\u05d0\u05d7\u05e8 \u05d4\u05e4\u05e8\u05e1\u05d5\u05dd \u05dc\u05d2\u05d1\u05d9 \u05d4\u05e6\u05d5\u05e8\u05da \u05dc\u05e2\u05d3\u05db\u05df \u05de\u05e2\u05e8\u05db\u05d5\u05ea \u05d4\u05e4\u05e2\u05dc\u05d4 \u05d0\u05dc\u05d5.\n[\u05e2\u05d3\u05db\u05d5\u05df] \u05dc\u05d0\u05d5\u05e8 \u05d4\u05e2\u05d5\u05d1\u05d3\u05d4 \u05db\u05d9 \u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05e4\u05d5\u05e8\u05e1\u05dd \u05de\u05d9\u05d3\u05e2 \u05d8\u05db\u05e0\u05d9 \u05d4\u05de\u05e4\u05e8\u05d8 \u05db\u05d9\u05e6\u05d3 \u05e0\u05d9\u05ea\u05df \u05dc\u05e0\u05e6\u05dc \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d6\u05d5, \u05d6\u05d5\u05d4\u05d5 \u05e1\u05e8\u05d9\u05e7\u05d5\u05ea \u05d0\u05d7\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d6\u05d5 \u05d1\u05e8\u05e9\u05ea \u05d4\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d7\u05d1\u05e8\u05d4 \u05de\u05e1\u05d7\u05e8\u05d9\u05ea \u05d4\u05e4\u05d9\u05e6\u05d4 \u05e2\u05d3\u05db\u05d5\u05df \u05dc\u05ea\u05d5\u05db\u05e0\u05d4 \u05d4\u05de\u05de\u05de\u05e9 \u05d0\u05ea \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d5\u05e4\u05d5\u05e8\u05e1\u05dd \u05e4\u05d5\u05de\u05d1\u05d9\u05ea Exploit \u05d4\u05de\u05d0\u05e4\u05e9\u05e8 \u05dc\u05de\u05de\u05e9 \u05d0\u05ea \u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05dc\u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7, \u05d4\u05e1\u05d9\u05db\u05d5\u05df \u05dc\u05ea\u05e7\u05d9\u05e4\u05d4 \u05e2\u05d5\u05dc\u05d4 \u05de\u05e9\u05de\u05e2\u05d5\u05ea\u05d9\u05ea.\n\u05d0\u05e0\u05d5 \u05d7\u05d5\u05d6\u05e8\u05d9\u05dd \u05d5\u05de\u05de\u05dc\u05d9\u05e6\u05d9\u05dd \u05d1\u05ea\u05d5\u05e7\u05e3 \u05dc\u05d1\u05d7\u05d5\u05df \u05d5\u05dc\u05d4\u05ea\u05e7\u05d9\u05df \u05d0\u05ea \u05e2\u05d3\u05db\u05d5\u05e0\u05d9 \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d4\u05e8\u05dc\u05d5\u05d5\u05e0\u05d8\u05d9\u05d9\u05dd \u05d1\u05d4\u05e7\u05d3\u05dd \u05d4\u05d0\u05e4\u05e9\u05e8\u05d9.", "creation_timestamp": "2019-09-08T09:56:49.000000Z"}, {"uuid": "fd0fe37e-1cf1-4fbb-ad2a-6f1eda813584", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/poxek/1195", "content": "Bluekeep PoC\n\u042d\u0442\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f, \u043a\u0430\u0441\u0430\u044e\u0449\u0438\u0435\u0441\u044f CVE-2019-0708.\nBluekeep \u0438\u043b\u0438 CVE-2019-0708 - \u044d\u0442\u043e RCE-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c Windows:\nWindows 2003\nWindows XP\nWindows Vista\nWindows 7\nWindows Server 2008\nWindows Server 2008 R2\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0437\u0430\u043f\u0443\u0441\u043a\u0443 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f NT Authority\\system.\n\nhttps://github.com/Ekultek/BlueKeep\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-01T07:33:44.000000Z"}, {"uuid": "0f9f6ae1-b302-4245-a42d-88a3f7d0ca80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/CyberBulletin/10653", "content": "\u26a1\ufe0fKimsuky is back\u2014and digging deep.\n\nA new Larva-24005 campaign is exploiting old RDP bugs (BlueKeep, CVE-2019-0708) to breach systems in South Korea, Japan & beyond\u2014with targets across energy, finance & tech.\n\n#CyberBulletin", "creation_timestamp": "2025-04-22T13:59:42.000000Z"}, {"uuid": "1df53d87-cdfe-415d-84b3-e2634cfd6785", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "Telegram/yxw_Qmms97U0a96QVcyS0kqAzck8vJuI6ECdzMg45RQdO6OK", "content": "", "creation_timestamp": "2021-08-12T05:29:43.000000Z"}, {"uuid": "5262d1e5-ca48-436b-8cd0-131e728fdab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/alexmakus/2953", "content": "\u0410 \u043f\u043e\u043c\u043d\u0438\u0442\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2019-0708, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 Microsoft \u0434\u0430\u0436\u0435 \u0434\u043b\u044f Win XP \u043f\u0430\u0442\u0447 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u043b\u0430? (https://t.me/alexmakus/2836) \u0414\u0430-\u0434\u0430, \u0442\u043e\u0442 \u0441\u0430\u043c\u044b\u0439 BlueKeep, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b\u0439 \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0442\u0430\u043a, \u0447\u0442\u043e \u0434\u0430\u0436\u0435 NotPetya \u043f\u043e\u043a\u0430\u0436\u0435\u0442\u0441\u044f \u043c\u0435\u043b\u043e\u0447\u044c\u044e, \u0438 \u043a \u043f\u0430\u0442\u0447\u0443 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u043b\u0430 \u0434\u0430\u0436\u0435 NSA (https://t.me/alexmakus/2879). \u041f\u043e\u0447\u0435\u043c\u0443 \u044f \u0432\u043d\u0435\u0437\u0430\u043f\u043d\u043e \u0432\u0441\u043f\u043e\u043c\u043d\u0438\u043b \u043e\u0431 \u044d\u0442\u043e\u043c? \u0412\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Immunity \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0440\u0435\u043b\u0438\u0437 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u043e\u0439\u0434\u0435\u0442 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432 \u0438\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0434\u043b\u044f \u043f\u0435\u043d\u0442\u0435\u0441\u0442\u043e\u0432 Canvas (https://twitter.com/Immunityinc/status/1153752470130221057). \u0412 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0432\u0441\u0435 \u0435\u0449\u0435 \u043f\u043e\u043b\u043d\u043e \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0438\u043b\u0438\u0441\u044c \u043e\u0442 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e, \u043a\u0430\u043a \u043f\u043e \u043c\u043d\u0435, \u043a\u0442\u043e \u043d\u0435 \u043f\u0440\u043e\u0430\u043f\u0434\u0435\u0439\u0442\u0438\u043b\u0441\u044f \u0434\u043e \u044d\u0442\u043e\u0433\u043e \u043c\u043e\u043c\u0435\u043d\u0442\u0430, \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439.", "creation_timestamp": "2019-07-26T15:25:46.000000Z"}, {"uuid": "1c230196-8920-4adb-9579-7a3d41419ccc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/alexmakus/2879", "content": "\u0414\u0430\u0436\u0435 NSA (\u0434\u0430, \u0438\u043c\u0435\u043d\u043d\u043e \u0442\u0430 NSA) \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442 \u043f\u0430\u0442\u0447\u0438\u0442\u044c\u0441\u044f \u043f\u0440\u043e\u0442\u0438\u0432 CVE-2019-0708, \u043e\u043d\u0430 \u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a  \u00abBlueKeep\u00bb. \u041c\u043e\u0436\u043d\u043e, \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u0437\u0430\u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u044c \u043f\u043e\u0434\u0432\u043e\u0445, \u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u043d\u0438 \u0445\u043e\u0442\u044f\u0442 \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0435\u0449\u0451 \u043e\u0434\u043d\u043e\u0433\u043e \u0441\u043a\u0430\u043d\u0434\u0430\u043b\u0430, \u043a\u0430\u043a \u0441 WannaCry, \u043a\u043e\u0433\u0434\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0443\u0442\u0451\u043a\u0448\u0430\u044f \u043e\u0442 \u043d\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \nhttps://www.nsa.gov/News-Features/News-Stories/Article-View/Article/1865726/nsa-cybersecurity-advisory-patch-remote-desktop-services-on-legacy-versions-of/", "creation_timestamp": "2019-06-08T17:59:27.000000Z"}, {"uuid": "08e9efba-e0b8-4148-8884-104ce32876d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/alexmakus/2866", "content": "Microsoft \u0442\u0443\u0442 \u0432\u0441\u044f\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0435 \u0437\u0430\u0442\u044f\u0433\u0438\u0432\u0430\u0442\u044c \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0430\u043f\u0434\u0435\u0439\u0442\u0430 \u043f\u0440\u043e\u0442\u0438\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Remote Desktop Services (\u0442\u0430 \u0441\u0430\u043c\u0430\u044f CVE-2019-0708, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0432\u044b\u0448\u0435\u043b \u0430\u043f\u0434\u0435\u0439\u0442 \u0434\u043b\u044f Windows, \u0432\u043a\u043b\u044e\u0447\u0430\u044f XP). Microsoft \u0433\u043e\u0432\u043e\u0440\u0438\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f (\u0447\u0438\u0442\u0430\u0442\u0435\u043b\u044c\u043d\u0438\u0446\u0430 \u043a\u0430\u043d\u0430\u043b\u0430 \u0434\u0430\u0436\u0435 \u043f\u0440\u0438\u0441\u044b\u043b\u0430\u043b\u0430 \u043c\u043d\u0435 \u0441\u0441\u044b\u043b\u043a\u0443 \u043d\u0430 proof of concept \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438), \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0441\u0442\u0430\u0432\u044c\u0442\u0435 \u0430\u043f\u0434\u0435\u0439\u0442\u044b, \u043f\u043e\u043a\u0430 \u043d\u0435 \u043d\u0430\u0447\u0430\u043b\u043e\u0441\u044c! \u0413\u043e\u0432\u043e\u0440\u044f\u0442, \u0447\u0442\u043e \u0432 \u0441\u0435\u0442\u0438 \u043d\u0430\u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0435\u0449\u0435 \u0431\u043e\u043b\u0435\u0435 1 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a \u044d\u0442\u043e\u0439 \u0431\u0430\u0433\u0435. \nhttps://blogs.technet.microsoft.com/msrc/2019/05/30/a-reminder-to-update-your-systems-to-prevent-a-worm/", "creation_timestamp": "2019-05-31T13:56:42.000000Z"}, {"uuid": "96d76fde-f045-464e-8bd7-84b9ba28c116", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/alexmakus/2841", "content": "\u0412 \u0420\u0410\u041c\u041a\u0410\u0425 \u041f\u042f\u0422\u041d\u0418\u0426\u042b \n\n\u0430 \u043f\u043e\u043c\u043d\u0438\u0442\u0435, \u044f \u043f\u0430\u0440\u0443 \u0434\u043d\u0435\u0439 \u043d\u0430\u0437\u0430\u0434 \u043f\u0438\u0441\u0430\u043b \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0442\u0430\u0440\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Windows, \u0434\u0430 \u0442\u0430\u043a\u043e\u0439, \u0447\u0442\u043e Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0430\u043f\u0434\u0435\u0439\u0442 \u0434\u0430\u0436\u0435 \u0434\u043b\u044f XP (https://t.me/alexmakus/2836)\n\n\u0422\u0430\u043a \u0432\u043e\u0442, \u0442\u0443\u0442, \u043f\u043e\u0445\u043e\u0436\u0435, \u0448\u0443\u0442\u043d\u0438\u043a\u0438 \u0441\u0434\u0435\u043b\u0430\u043b\u0438 \u043a\u0440\u0430\u0441\u0438\u0432\u044b\u0439 \u0441\u0430\u0439\u0442 \u043f\u043e \u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u0432\u043e\u0434\u0443, \u044f\u043a\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044f \u0443\u0442\u0438\u043b\u0438\u0442\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0449\u0435\u0442 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0445\u043e\u0441\u0442\u044b \u0438 \u0438\u0445 \u0438\u043c\u0435\u0435\u0442. \u041d\u043e, \u0433\u043e\u0432\u043e\u0440\u044f\u0442, \u0444\u0435\u0439\u043a, \u0442\u0430\u043a \u0447\u0442\u043e \u043d\u0435 \u0432\u0435\u0440\u044c\u0442\u0435 \u0432\u0441\u0435\u043c\u0443, \u0447\u0442\u043e \u043f\u0438\u0448\u0443\u0442 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \n\nhttps://cve-2019-0708.com", "creation_timestamp": "2019-05-17T16:36:11.000000Z"}, {"uuid": "6d62b3d3-6593-461b-a8f6-d5d239ed1a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/alexmakus/2836", "content": "\u0410\u043b\u044f\u0440\u043c\u0430, \u043a\u043e\u0442\u0430\u043d\u044b! \u0422\u0443\u0442 \u0432 Windows \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430\u0441\u044c \u0432\u0435\u0441\u044c\u043c\u0430 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708), \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u0432\u0448\u0430\u044f \u0441\u0440\u043e\u0447\u043d\u044b\u0445 \u0430\u043f\u0434\u0435\u0439\u0442\u043e\u0432 \u0434\u043b\u044f \u0441\u0442\u0430\u0440\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Windows, \u0432\u043a\u043b\u044e\u0447\u0430\u044f XP! \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Remote Desktop Services, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043e\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 \u0447\u0435\u0440\u0435\u0437 RDP \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u043e\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u0438 \u0443\u0434\u0430\u043b\u044f\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435, \u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0441 \u043f\u043e\u043b\u043d\u044b\u043c\u0438 \u043f\u0440\u0430\u0432\u0430\u043c\u0438.\u041f\u0440\u0438 \u044d\u0442\u043e\u043c, \u043a\u0430\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 Microsoft, \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043c\u043e\u0436\u0435\u0442 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u043a\u0430\u043a \u044d\u0442\u043e \u0434\u0435\u043b\u0430\u043b WannaCry, \u043e\u0442 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430 \u043a \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0443. \u0422\u0430\u043a \u0447\u0442\u043e \u0434\u044b\u0440\u043a\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f, \u0438 Microsoft \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u0435\u0442 \u043f\u0430\u0442\u0447\u0438\u0442\u044c\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435. \n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0438\u043d\u0444\u0430 \u0438 \u0441\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0430\u043f\u0434\u0435\u0439\u0442\u044b \u0442\u0443\u0442\nhttps://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/", "creation_timestamp": "2019-05-15T12:46:37.000000Z"}, {"uuid": "e6d3f9a8-a175-4f20-801d-4855783f918b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/2993", "content": "\u043f\u043e \u043d\u0430\u0432\u043e\u0434\u043a\u0435 \u0447\u0438\u0442\u0430\u0442\u0435\u043b\u044f: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows, \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u0430\u044f \u043d\u0430\u0448\u0443\u043c\u0435\u0432\u0448\u0435\u0439 BlueKeep (CVE-2019-0708), \u0442\u043e\u043b\u044c\u043a\u043e \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043d\u0435 \u043d\u0430\u0434\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0430\u0442\u0447 \u0434\u043b\u044f Windows XP. \u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0442 Windows 7 SP1 \u0434\u043e Windows 10, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u0430\u043a \u043f\u0438\u0448\u0435\u0442 Microsoft, \"wormable\", \u0442\u043e \u0435\u0441\u0442\u044c \u0438\u043c\u0435\u044e\u0442 \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e \u0440\u0430\u0437\u043c\u043d\u043e\u0436\u0430\u0442\u044c\u0441\u044f \u043c\u0435\u0436\u0434\u0443 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430\u043c\u0438 \u0431\u0435\u0437 \u043f\u043e\u043c\u043e\u0449\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \n\nhttps://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/\n\n\u0430\u043f\u0434\u0435\u0439\u0442\u044b \u0431\u0440\u0430\u0442\u044c \u0442\u0443\u0442 \nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182\n\n\u041a\u0442\u043e \u043d\u0435 \u043f\u0440\u043e\u0430\u043f\u0434\u0435\u0439\u0442\u0438\u043b\u0441\u044f, \u0442\u043e\u0442 \u0441\u0430\u043c \u0441\u0435\u0431\u0435 \u041a\u0435\u0432\u0438\u043d \u041c\u0438\u0442\u043d\u0438\u043a.", "creation_timestamp": "2019-08-14T11:53:58.000000Z"}, {"uuid": "1a2b2a3b-97ef-4b9e-aee3-256f6156216c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/Pen7esting/203", "content": "CVE-2019-0708 Technical Analysis (RDP-RCE) https://t.co/ES2tEUERFA\n\u2014 @astra (@astra524) May 23, 2019", "creation_timestamp": "2019-06-18T06:41:25.000000Z"}, {"uuid": "74d32286-9594-47e0-9d62-5856da82c25c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/cybershit/490", "content": "\u0410 \u0435\u0449\u0435 \u043f\u0440\u043e \u0432\u0447\u0435\u0440\u0430\u0448\u043d\u044e\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2019-0708 \u0432 \u0441\u043b\u0443\u0436\u0431\u0430\u0445 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 (RDS), \u0440\u0430\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u043a\u0430\u043a \u0441\u043b\u0443\u0436\u0431\u044b \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u043e\u0432. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c RCE \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u043d\u0443\u0436\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 \u043f\u043e RDP.\n\n\u041f\u0430\u0442\u0447\u0438 \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u0434\u0430\u0436\u0435 \u043d\u0430 \u043d\u0435\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u041e\u0421: https://support.microsoft.com/ru-ru/help/4500705/customer-guidance-for-cve-2019-0708\n\n\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438:\nhttps://habr.com/ru/company/solarsecurity/blog/451864/\nhttps://habr.com/ru/company/jetinfosystems/blog/451852/", "creation_timestamp": "2019-05-15T10:17:57.000000Z"}, {"uuid": "67d3c9a2-a847-425f-bbfd-5a151d2c07c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/N0iSeBit/286", "content": "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (RCE) \u0447\u0435\u0440\u0435\u0437 RDP \u0443\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2019-0708) \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u043d\u043e \u0447\u0435\u0440\u0435\u0437 use-after-free \n\nhttps://twitter.com/ryHanson/status/1135685906965262336\n\nhttps://twitter.com/zerosum0x0/status/1135866953996820480", "creation_timestamp": "2019-06-04T19:26:21.000000Z"}, {"uuid": "a7003d7e-2d10-404c-b571-10c828fe00d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/ExcreamOnSecurity/165", "content": "Analysis of CVE-2019-0708 (BlueKeep)\n\nI held back this write-up until a proof of concept (PoC) was publicly available, as not to cause any harm. Now that there are multiple denial-of-service PoC on github, I\u2019m posting my analysis.\n\nhttps://www.malwaretech.com/2019/05/analysis-of-cve-2019-0708-bluekeep.html\n#vulnerability #rdp #windows", "creation_timestamp": "2019-06-03T09:19:23.000000Z"}, {"uuid": "83686496-e446-47eb-b534-a93344d521b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/N0iSeBit/281", "content": "https://github.com/Leoid/CVE-2019-0708\nPoC trigger \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438", "creation_timestamp": "2019-05-28T21:26:44.000000Z"}, {"uuid": "d6c7a9bc-f4e9-4768-8fb3-a3dff25642fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/N0iSeBit/306", "content": "PoC \u0434\u043b\u044f RDP \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2019-0708 https://github.com/0xeb-bp/bluekeep", "creation_timestamp": "2019-07-23T23:58:30.000000Z"}, {"uuid": "d48004bf-e5b8-46d3-aa6a-afad804c897b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/orderofsixangles/64", "content": "BlueKeep (CVE-2019-0708) \u0438\u0434\u0451\u0442 \u0432 \u0430\u0442\u0430\u043a\u0443. \ntl;dr \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u0441\u043f\u043e\u0439\u043c\u0430\u043d\u043d\u044b\u043c \u0445\u043e\u043d\u0435\u0439\u043f\u043e\u0442\u043e\u043c \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u0430:\n\n- \u0445\u043e\u043d\u0435\u0439\u043f\u043e\u0442 \u0441 \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c 3389/tcp, \u0441\u043f\u043e\u0439\u043c\u0430\u043b \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u043a\u0440\u044d\u0448\u0430\u043b \u0412\u0438\u043d\u0434\u043e\u0443\u0441 \u0442\u0430\u0447\u043a\u0443.\n- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 user-after-free MS_T120 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432 0x170  \u0431\u0430\u0439\u0442\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f heap-spray \u0442\u0435\u0445\u043d\u0438\u043a\u0443, \u043f\u0435\u0440\u0435\u0437\u0430\u0442\u0438\u0440\u0430\u0435\u0442 \u0430\u0434\u0440\u0435\u0441 \u043d\u0430 \u0430\u0434\u0440\u0435\u0441 \u0448\u0435\u043b\u043b\u043a\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 egghunting \u0434\u043b\u044f \u043f\u043e\u0438\u0441\u043a\u0430 \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u043a\u0443\u0441\u043a\u0430 \u0448\u0435\u043b\u043b\u043a\u043e\u0434\u0430 \u043f\u043e 0x0b00dac0fefe42069 \u0441\u0438\u0433\u043d\u0430\u0442\u0443\u0440\u0435\n\nhttps://www.kryptoslogic.com/blog/2019/11/bluekeep-cve-2019-0708-exploitation-spotted-in-the-wild/", "creation_timestamp": "2019-11-09T21:49:05.000000Z"}, {"uuid": "72c3abbe-cb19-4972-ada4-f1c532717c3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/N0iSeBit/280", "content": "https://www.zerodayinitiative.com/blog/2019/5/27/cve-2019-0708-a-comprehensive-analysis-of-a-remote-desktop-services-vulnerability\n\u0425\u043e\u0440\u043e\u0448\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043c\u0430\u0439\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 RDP", "creation_timestamp": "2019-05-28T21:26:17.000000Z"}, {"uuid": "15de055b-77e5-4ee8-ad40-336d0fc9e259", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/cybershit/494", "content": "\u041f\u043e\u043a\u0430 \u043a\u0440\u0430\u0441\u043d\u044b\u0435 \u0436\u0434\u0443\u0442 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 PoC \u043f\u043e\u0434 CVE-2019\u20130708, \u0441\u0438\u043d\u0438\u0435 \u0443\u0436\u0435 \u043f\u0435\u0440\u0435\u0432\u0435\u043b\u0438 \u0441\u0432\u043e\u0438 SOC\u0438 \u0438 SIEM\u044b \u0432 \u0440\u0435\u0436\u0438\u043c \u043f\u043e\u043b\u043d\u043e\u0439 \u0431\u043e\u0435\u0432\u043e\u0439 \u0433\u043e\u0442\u043e\u0432\u043d\u043e\u0441\u0442\u0438 \u0438 \u043d\u0430\u043f\u0438\u0441\u0430\u043b\u0438 \u0432\u0441\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0434\u0435\u0442\u0435\u043a\u0442\u0430 \u043f\u043e\u0434 \u0432\u0441\u0435, \u0447\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043c\u043e\u0436\u043d\u043e: MITRE ATT&CK, Sigma, Elastic \u0438 ArcSight.\n\n\u0412\u043e\u043e\u0440\u0443\u0436\u0430\u0439\u0442\u0435\u0441\u044c, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432 \u0412\u0435\u0441\u0442\u0435\u0440\u043e\u0441\u0435 \u0441 \u043a\u043e\u0440\u043e\u043b\u0435\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c, PoC is coming...\n\nhttps://medium.com/@ab_65156/proactive-detection-content-cve-2019-0708-vs-mitre-att-ck-sigma-elastic-and-arcsight-22f9ebae7d82", "creation_timestamp": "2019-05-20T21:59:28.000000Z"}, {"uuid": "7cbd6bc8-c4be-4129-85ac-6fa8183ef810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/w2hack/264", "content": "\u0414\u0440\u0443\u0437\u044c\u044f, \u043f\u043e\u043a\u0430 \u043c\u043e\u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0435 \u0441\u0442\u0430\u0442\u044c\u0438 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u043d\u0430 \u0432\u0435\u0440\u0441\u0442\u043a\u0435, \u0434\u043b\u044f \u0432\u0430\u0441 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u043f\u043e\u0434\u0433\u043e\u043d \u0441\u0432\u0435\u0436\u0435\u0447\u043a\u0430:\n\n\u0421\u043b\u0438\u0432 DVD-\u043a\u0443\u0440\u0441\u0430 \u043e\u0442 \u043f\u043e\u0440\u0442\u0430\u043b\u0430 ExeL@B (\u0431\u044b\u0432\u0448\u0438\u0439 Cr@ckLab)\n\n[Old version] https://yadi.sk/d/0caiArHqgxQwY%D0%A5jks1f75p59rwg\n\n[2015] https://cloud.mail.ru/public/6cv6/6oW7eyjuS#pks1f75p59zml\n\n\u041f\u043e\u0438\u0441\u043a\u043e\u0432\u0438\u043a (!\u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u044b\u0439) \u043f\u043e \u0441\u043b\u0438\u0442\u044b\u043c \u043a\u0443\u0440\u0441\u0430\u043c, \u043a\u043d\u0438\u0433\u0430\u043c, \u043e\u0431\u0443\u0447\u0430\u044e\u0449\u0438\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430\u043c\n\n[Main WWW] https://openssource.biz/\n\n[Mirror] https://openssource.net \u0438\u043b\u0438 https://openssource.pro\n\n\u041a\u0440\u0443\u0442\u0435\u0439\u0448\u0438\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 Linux enumeration tool for pentesting and CTFs - \u0434\u0435\u0440\u0433\u0430\u0430\u0435\u0442 \u0432\u0441\u044e \u0438\u043d\u0444\u0443 \u0441 \u043f\u043e\u043b\u043e\u043c\u0430\u043d\u043e\u0439 \u0442\u0430\u0447\u043a\u0438 \u0438\u043b\u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0446\u0435\u043b\u0438 \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u0432\u044b\u0432\u043e\u0434\u043e\u043c\n\nhttps://github.com/diego-treitos/linux-smart-enumeration\n\n \u041f\u043e\u0434\u044c\u0435\u0445\u0430\u043b Proof of concept exploit for BlueKeep \u0431\u0430\u0433\u0438 \u0432 CVE-2019-0708 \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 RDP \u0434\u043b\u044f Windows \n\n[\u0438\u0441\u0445\u043e\u0434\u043d\u0438\u043a\u0438 PoC] https://github.com/CVE-2019-0708/CVE-2019-0708\n\n[\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u044f] https://app.any.run/tasks/fe9430a3-59d9-447b-ac05-979e841efa7d/\n\n[INFO] https://www.securitylab.ru/news/500048.php\n\n\u0420\u0435\u043b\u0438\u0437 Router EXploitation Toolkit \u2013 \u0442\u0443\u043b\u0437\u044b \u0434\u043b\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0441\u0430\u043c\u044b\u0445 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0434\u043e\u043c\u0430\u0448\u043d\u0438\u0445 \u0440\u043e\u0443\u0442\u0435\u0440\u043e\u0432 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\n[GitHub] https://github.com/j91321/rext\n\n\u0420\u0435\u043b\u0438\u0437 \u0442\u0443\u043b\u0437\u044b Code Pulse \u043e\u0442 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 OWASP  \u0434\u043b\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430\n\n[WWW] http://code-pulse.com/\n\n \u041d\u0435\u0440\u0435\u043a\u0443\u0440\u0441\u0438\u0432\u043d\u0430\u044f ZIP-\u0431\u043e\u043c\u0431\u0430, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430\u044f \u0438\u0437 10 \u041c\u0411\u0430\u0439\u0442 \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u0442\u044c\u0441\u044f \u0432 281 \u0422\u0431\u0430\u0439\u0442 \u0434\u043b\u044f \u0434\u0435\u0441\u0442\u043a\u043e\u0439 \u043c\u0435\u0441\u0442\u0438:D\n\n[RU] https://habr.com/ru/post/459254/\n\n[EN] https://www.bamsoftware.com/hacks/zipbomb/", "creation_timestamp": "2019-07-29T16:33:30.000000Z"}, {"uuid": "f9fe9fc0-5307-424a-b959-dae40f7a3ef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/is_n3ws/36", "content": "\u0410\u041d\u0411 \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u043e \u0430\u0442\u0430\u043a\u0438 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0432\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u043e \u043e\u0442\u0447\u0435\u0442. Top-20 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\nhttps://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF\n\nGaining Remote Access: \n-----------------------------\nCVE-2019-11510: Arbitrary file read/Pulse Secure VPN\nCVE-2019-19781: RCE/Citrix ADC\nCVE-2020-8195/3/6: Unauthenticated access\nCVE-2019-0708: RCE on RDP server\nCVE-2020-5902: RCE in F5 BIG-IP\n\nAD:\n----\nCVE-2020-1472: #ZeroLogon\nCVE-2019-1040: NTLM relay bypass\n\nMDM: \n------\nCVE-2020-15505: MobileIron device management\n\nExploiting Public Facing Services:\n---------------- \nCVE-2020-1350: RCE/ DNS Servers #SigRed\nCVE-2018-6789: RCE/ Exim mail transfer\nCVE-2018-4939: RCE/ Adobe's Cold Fusion\n\nWorkstation Local Privilege Escalation:\n-------------------------\nCVE-2020-0601: ECC spoofing #CurveBall\nCVE-2019-0803: Win32k Elevation of Privilege\n\nInternal Applications:\n--------------------\nCVE-2020-0688: RCE/MS Exchange\nCVE-2020-2555: RCE/Oracle Weblogic\nCVE-2019-11580: RCE/Atlassian Crowd\nCVE-2019-18935: RCE/ASP.Net\nCVE-2015-4852: RCE/Apache\nCVE-2019-3396: Unauthorized Access/Confluence\nCVE-2020-10189: RCE/Desktop Central", "creation_timestamp": "2020-11-06T22:00:17.000000Z"}, {"uuid": "3a6db4f7-f163-4ec4-a746-f2f93cb2612c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/cybershit/715", "content": "\u041d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u043e\u0442\u0447\u0435\u0442 \u043e\u0442 Shodan.\n\n\u0417\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043c\u0435\u0441\u044f\u0446:\n- \u0421\u0442\u0440\u0435\u043c\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0441\u0442 RDP \u0438 VPN \u0442\u0440\u0430\u0444\u0438\u043a\u0430.\n- RDP \u043d\u0430 3389, \u0440\u043e\u0441\u0442 41.5%.\n- RDP \u043d\u0430 3388 (\u0442\u0438\u043f\u0430 \u0441\u043f\u0440\u044f\u0442\u0430\u043b\u0438), \u0440\u043e\u0441\u0442 36.8%.\n- 8% \u0438\u0437 \u0432\u0441\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a BlueKeep (CVE-2019-0708).\n- \u041f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044b \u0410\u0421\u0423 \u0422\u041f (\u0447\u0430\u0441\u0442\u043e \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438), \u0440\u043e\u0441\u0442 16.4%.\n\n\u0422\u0430\u043a\u0438\u0435 \u0434\u0435\u043b\u0430. \n\nhttps://blog.shodan.io/trends-in-internet-exposure/", "creation_timestamp": "2020-03-30T18:19:53.000000Z"}, {"uuid": "ae41ac0e-9ff3-4472-b395-5ace644567fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/w2hack/250", "content": "\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u043d\u044c\u044e\u0441\u044b \u044d\u0442\u043e\u0433\u043e \u043c\u0435\u0441\u044f\u0446\u0430:\n\n\u041d\u0430\u0448\u0438 \u043e\u0442\u0435\u0447\u0435\u0441\u0432\u0442\u0435\u043d\u043d\u044b\u0435 \u043f\u0430\u0446\u0430\u043d\u044b-\u0440\u043e\u0431\u043e\u0442\u044f\u0433\u0438  \u0336\u0445\u0336\u0443\u0336\u044f\u0336\u0433\u0336\u0438\u0336  \u0438\u0437 Vulners  \u0432\u044b\u043b\u043e\u0436\u0438\u043b\u0438 \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u043f\u0430\u0441\u0441\u0438\u0432\u043d\u043e\u0433\u043e \u0441\u043a\u0430\u043d\u0435\u0440\u0430 WEB \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Android\n[PlayMarket] https://play.google.com/store/apps/details?id=com.vulners\n[News] https://www.crackitdown.com/2019/06/find-vulnerability-using-android.html\n\n\u0421\u043a\u0440\u0438\u043f\u0442 \u043a \u0434\u0432\u0438\u0436\u043a\u0443 nmap, \u0441\u043e\u0431\u0438\u0440\u0430\u044e\u0449\u0438\u0439 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e RDP \u043d\u0435\u043a\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0445\u043e\u0441\u0442\u0435 -  \u0445\u043e\u0441\u0442\u043d\u0435\u0439\u043c, \u0434\u043e\u043c\u0435\u043d, DNS, \u0442\u0438\u043f \u0438 \u0432\u0435\u0440\u0441\u0438\u044e \u041e\u0421. \n [GitHub] https://github.com/zerosum0x0/CVE-2019-0708\n[News] https://fadedlab.wordpress.com/2019/06/13/using-nmap-to-extract-windows-info-from-rdp/\n\n\u0421\u043a\u0430\u043d\u0435\u0440 \u043f\u043e\u0440\u0442\u043e\u0432 \u0432 \u043b\u0438\u0447\u043d\u043e\u043c \u043a\u0430\u0431\u0438\u043d\u0435\u0442\u0435 \u0420\u043e\u0441\u0442\u0435\u043b\u0435\u043a\u043e\u043c\u0430 - \u0433\u043e\u0441\u043e\u0432\u0441\u043a\u0430\u044f \u0435\u0431\u0430\u043d\u0438\u043d\u0430!! \u0413\u043e\u0441\u044b \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u0424\u0421\u0411 \u0438 \u0424\u0421\u0422\u042d\u041a, \u0433\u043e\u0440\u0438\u0442\u0435, \u043c\u0440\u0430\u0437\u0438 \u0432 \u0430\u0434\u0443, \u0443\u0431\u043b\u044e\u0434\u043a\u0438\nhttps://habr.com/ru/post/456558/", "creation_timestamp": "2019-06-21T23:30:54.000000Z"}, {"uuid": "052cc7ce-6f36-4505-afd2-62cc8e34e0b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/Teamx1945x/3641", "content": "\u0645\u0627 \u0627\u0644\u0645\u0642\u0635\u0648\u062f \u0628\u0640 Common Vulnerabilities and Exposures (CVE)\u061f \n\u0646\u0642\u0627\u0637 \u0627\u0644\u0636\u0639\u0641 \u0648\u0627\u0644\u062a\u0639\u0631\u0636 \u0627\u0644\u0634\u0627\u0626\u0639\u0629\u060c \u0647\u064a \u0639\u0628\u0627\u0631\u0629 \u0639\u0646 \u0642\u0627\u0639\u062f\u0629 \u0628\u064a\u0627\u0646\u0627\u062a \u062a\u0636\u0645 \u062c\u0645\u064a\u0639 \u0646\u0642\u0627\u0637 \u0627\u0644\u0636\u0639\u0641 \u0623\u0648 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u0642\u0636\u0627\u064a\u0627 \u0623\u0645\u0646 \u0627\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0627\u0644\u062a\u064a \u062a\u0645 \u0627\u0644\u0643\u0634\u0641 \u0639\u0646\u0647\u0627\u060c \u064a\u062d\u062f\u062f \u0631\u0642\u0645 \u0627\u0644\u0640 CVE \u062b\u063a\u0631\u0629 \u0648\u0627\u062d\u062f\u0629 \u0645\u0646 \u0627\u0644\u0642\u0627\u0626\u0645\u0629\u060c \u0648\u062a\u0648\u0641\u0631 \u0637\u0631\u064a\u0642\u0629 \u0645\u0644\u0627\u0626\u0645\u0629 \u0648\u0645\u0648\u062b\u0648\u0642\u0629 \u062c\u062f\u0627\u064b \u0644\u0623\u0635\u062d\u0627\u0628 \u0627\u0644\u0634\u0631\u0643\u0627\u062a \u0648\u0627\u0644\u0623\u0643\u0627\u062f\u064a\u0645\u064a\u064a\u0646 \u0648\u0645\u0647\u0646\u062f\u0633\u064a\u0646 \u0623\u0645\u0646 \u0627\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0644\u062a\u0628\u0627\u062f\u0644 \u0627\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0648 \u0627\u0644\u062a\u0639\u0631\u0641 \u0639\u0644\u064a \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u062c\u062f\u064a\u062f\u0629 \u062d\u0648\u0644 \u0642\u0636\u0627\u064a\u0627 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a\u060c \u0641\u0639\u0627\u062f\u0629 \u0645\u0627 \u062a\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0634\u0631\u0643\u0627\u062a  \u0627\u0644\u0640 CVE \u0644\u0644\u062a\u062e\u0637\u064a\u0637 \u0648\u062a\u062d\u062f\u064a\u062f \u0627\u0644\u0623\u0648\u0644\u0648\u064a\u0627\u062a \u0641\u064a \u0628\u0631\u0627\u0645\u062c \u0625\u062f\u0627\u0631\u0629 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629. \n \n\u0645\u062a\u064a \u0638\u0647\u0631\u062a \u0627\u0644\u0640 CVE\u061f  \n\u062a\u0645 \u0625\u0637\u0644\u0627\u0642 CVE \u0644\u0623\u0648\u0644 \u0645\u0631\u0629 \u0641\u064a \u0639\u0627\u0645 1999\u060c \u062a\u062a\u0645 \u0625\u062f\u0627\u0631\u062a\u0647\u0627 \u0645\u0646 \u0642\u0628\u0644 \u0645\u0646\u0638\u0645\u0629 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a \u0627\u0644\u0648\u0637\u0646\u064a | National Cybersecurity FFRDC (Federally Funded Research and Development Center) \u060c \u0648\u0630\u0644\u0643 \u0628\u0631\u0639\u0627\u064a\u0629 \u0627\u0644\u062d\u0643\u0648\u0645\u0629 \u0627\u0644\u0641\u064a\u062f\u0631\u0627\u0644\u064a\u0629 \u0627\u0644\u0623\u0645\u0631\u064a\u0643\u064a\u0629\u060c \u0648\u062a\u0633\u0627\u0647\u0645 \u0623\u064a\u0636\u0627\u064b \u0643\u0644\u0627\u064b \u0645\u0646 \u0648\u0632\u0627\u0631\u0629 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u062f\u0627\u062e\u0644\u064a \u0627\u0644\u0623\u0645\u0631\u064a\u0643\u064a\u0629 (DHS) \u0648 \u0648\u0643\u0627\u0644\u0629 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a \u0648\u0623\u0645\u0646 \u0627\u0644\u0628\u0646\u064a\u0629 \u0627\u0644\u062a\u062d\u062a\u064a\u0629 (CISA) \u0641\u064a \u062a\u0645\u0648\u064a\u0644 \u062a\u0634\u063a\u064a\u0644\u0647\u0627. \n \n  \n \n\u0645\u0645\u0627 \u064a\u062a\u0643\u0648\u0646 \u0645\u064f\u0639\u0631\u0641 \u0627\u0644\u0640 CVE\u061f \n\u0644\u0643\u0644 CVE \u0645\u064f\u0639\u0631\u0641 \u064a\u062a\u0645 \u062a\u0639\u064a\u064a\u0646\u0647 \u0628\u0648\u0627\u0633\u0637\u0629 \u0623\u0643\u062b\u0631 \u0645\u0646 100 \u0645\u0631\u062c\u0639 \u062a\u0631\u0642\u064a\u0645 \"CVE Numbering Authorities (CNAs)\"\u060c \u062a\u0634\u0645\u0644 CNA \u0628\u0627\u0626\u0639\u064a \u062a\u0643\u0646\u0648\u0644\u0648\u062c\u064a\u0627 \u0627\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \"IT vendors\"\u060c \u0627\u0644\u062c\u0627\u0645\u0639\u0627\u062a\u060c \u0634\u0631\u0643\u0627\u062a \u0648\u0645\u0624\u0633\u0633\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u060c \u0648\u0623\u064a\u0636\u0627\u064b MITRE \u0646\u0641\u0633\u0647\u0627. \n \n\u0645\u064f\u0639\u0631\u0641 CVE \u064a\u0643\u0648\u0646 \u0628\u0647\u0630\u0627 \u0627\u0644\u0634\u0643\u0644  CVE-[Year]-[Number]\u060c \u0641\u0627\u0644\u0633\u0646\u0629 \u0647\u064a \u0627\u0644\u0633\u0646\u0629 \u0627\u0644\u062a\u064a \u062a\u0645 \u0627\u0644\u0625\u0628\u0644\u0627\u063a \u0641\u064a\u0647\u0627 \u0639\u0646 \u0627\u0644\u062b\u063a\u0631\u0629\u060c \u0623\u0645\u0627 \u0627\u0644\u0631\u0642\u0645 \u0647\u0648 \u0631\u0642\u0645 \u062a\u0633\u0644\u0633\u0644\u064a \u064a\u062a\u0645 \u0648\u0636\u0639\u0647 \u0645\u0646 \u0642\u0628\u0644 \u0627\u0644\u0640 CNA. \n \n\u0639\u0644\u064a \u0633\u0628\u064a\u0644 \u0627\u0644\u0645\u062b\u0627\u0644 CVE-2019-0708\u060c \u0647\u0648 \u062b\u063a\u0631\u0629 \u0641\u064a \u0628\u0631\u0648\u062a\u0648\u0643\u0648\u0644 \u0633\u0637\u062d \u0627\u0644\u0645\u0643\u062a\u0628 \u0627\u0644\u0628\u0639\u064a\u062f (RDP) \u0645\u0646 \u0645\u0627\u064a\u0643\u0631\u0648\u0633\u0648\u0641\u062a\u060c \u0648\u0642\u062f \u062a\u0623\u062e\u062f \u0627\u0644\u062b\u063a\u0631\u0629 \u0644\u0642\u0628 \u063a\u064a\u0631 \u0631\u0633\u0645\u064a \u0643\u0637\u0631\u064a\u0642\u0629 \u0633\u0647\u0644\u0629 \u0644\u062a\u0630\u0643\u0631 \u062a\u0644\u0643 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629\u060c \u0648\u062d\u062a\u064a \u0623\u0646\u0647\u0627 \u0642\u062f \u062a\u062d\u0635\u0644 \u0639\u0644\u064a \u0634\u0639\u0627\u0631 \u0623\u0648 \u0631\u0633\u0645 \u062e\u0627\u0635 \u0628\u0647\u0627\u060c \u0648\u0630\u0644\u0643 \u064a\u062a\u0645 \u0645\u0646 \u0642\u0628\u0644 \u0641\u0631\u0642 \u0627\u0644\u062a\u0633\u0648\u064a\u0642 \u0648\u0627\u0644\u0645\u0624\u0633\u0633\u0627\u062a \u0627\u0644\u062a\u064a \u062a\u062a\u0637\u0644\u0639 \u0644\u0646\u0634\u0631 \u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0639\u0646 \u062a\u0644\u0643 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0644\u062c\u0630\u0628 \u0627\u0644\u0635\u062d\u0641\u064a\u064a\u0646. \n \n\u0627\u0644\u0641\u0648\u0627\u0626\u062f \u0645\u0646 \u0627\u0644\u0640 CVE: \n\u062a\u062a\u064a\u062d \u0644\u0644\u0645\u0624\u0633\u0633\u0627\u062a \u0648\u0627\u0644\u0634\u0631\u0643\u0627\u062a \u0648\u0636\u0639 \u0623\u0633\u0627\u0633 \u0644\u062a\u0642\u064a\u064a\u0645 \u0623\u062f\u0648\u0627\u062a \u0627\u0644\u0623\u0645\u0627\u0646 \u0627\u0644\u062e\u0627\u0635\u0629 \u0628\u0647\u0627\u060c \u0648\u0645\u0639\u0631\u0641\u0629 \u0645\u0627 \u062a\u063a\u0637\u064a\u0647 \u0643\u0644 \u0623\u062f\u0627\u0629 \u0648\u0645\u062f\u064a \u0645\u0644\u0627\u0626\u0645\u062a\u0647\u0627 \u0644\u0644\u0645\u0624\u0633\u0633\u0629. \n\u062a\u0645\u0643\u0646 \u0627\u0644\u0645\u0624\u0633\u0633\u0627\u062a \u0623\u064a\u0636\u0627\u064b \u0645\u0646 \u0627\u0644\u062d\u0635\u0648\u0644 \u0628\u0633\u0631\u0639\u0629 \u0648\u062f\u0642\u0629 \u0639\u0644\u064a \u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0639\u0646 \u062a\u0644\u0643 \u0627\u0644\u062b\u063a\u0631\u0627\u062a. \n\u064a\u0645\u0643\u0646 \u0623\u0646 \u062a\u0633\u062a\u062e\u062f\u0645 \u0623\u064a\u0636\u0627\u064b \u0644\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u064a \u062a\u0648\u0642\u064a\u0639\u0627\u062a \"signatures\" \u0647\u062c\u0648\u0645 \u0645\u0639\u0631\u0648\u0641\u0629 \u0644\u062a\u062d\u062f\u064a\u062f \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629. \n  \n \n\u0645\u0646 \u064a\u0628\u0644\u064e\u063a \u0639\u0646 \u0627\u0644\u0640 CVE\u061f \n\u0627\u0644\u0628\u0627\u062d\u062b\u064a\u0646. \n\u0627\u0644\u0642\u0631\u0627\u0635\u0646\u0629 \u0630\u0648 \u0627\u0644\u0642\u0628\u0639\u0627\u062a \u0627\u0644\u0628\u064a\u0636\u0627\u0621 | white hat hackers. \n\u0627\u0644\u0639\u062f\u064a\u062f \u0645\u0646 \u0627\u0644\u0634\u0631\u0643\u0627\u062a \u062a\u0642\u0648\u0645 \u0628\u062a\u0634\u062c\u064a\u0639 \u0627\u0644\u0623\u0634\u062e\u0627\u0635 \u0644\u0644\u0628\u062d\u062b \u0639\u0646 \u062b\u063a\u0631\u0627\u062a \u0623\u0645\u0646\u064a\u0629\u060c \u0648\u064a\u0643\u0648\u0646 \u0647\u0646\u0627\u0643 \u0645\u0643\u0627\u0641\u0626\u0627\u062a\u060c \u0648\u0628\u0630\u0644\u0643 \u064a\u062a\u0645 \u062a\u062d\u0633\u064a\u0646 \u0627\u0644\u0648\u0636\u0639 \u0627\u0644\u0623\u0645\u0646\u064a \u0644\u0644\u0645\u0646\u062a\u062c\u0627\u062a. \n\u064a\u0645\u0643\u0646 \u0644\u0623\u064a \u0634\u062e\u0635 \u0627\u0644\u0623\u0628\u0644\u0627\u063a \u0639\u0646 CVE \u0644\u0640 CNA. \n\u0647\u0646\u0627\u0643 \u0623\u064a\u0636\u0627\u064b \u0627\u0644\u0639\u062f\u064a\u062f \u0645\u0646 \u0627\u0644\u0623\u0633\u0645\u0627\u0621 \u0627\u0644\u0643\u0628\u064a\u0631\u0629\u0627\u0644\u062a\u064a \u062a\u0642\u0648\u0645 \u0628\u0630\u0644\u0643 (Google\u060c Facebook\u060c Cisco\u060c IBM\u060c Intel\u060c Dell\u060c Apple\u060c Adobe\u060c MITRE\u060c ... \u0648\u063a\u064a\u0631\u0647\u0645). \n\u0643\u0645 \u064a\u0628\u0644\u063a \u0639\u062f\u062f CVEs\u061f \n \n \n\u0647\u0646\u0627\u0643 \u0627\u0644\u0622\u0644\u0627\u0641 \u0645\u0646 \u0627\u0644\u0640 CVEs \u064a\u062a\u0645 \u0625\u064a\u062c\u0627\u062f\u0647\u0627 \u0643\u0644 \u0639\u0627\u0645\u060c \u0641\u0645\u0646\u0630 \u0623\u0646 \u0628\u062f\u0623\u062a \u0641\u064a \u0639\u0627\u0645 1999\u0645\u060c \u062a\u0645 \u0625\u0635\u062f\u0627\u0631 \u0623\u0643\u062b\u0631 \u0645\u0646 130 \u0623\u0644\u0641 \u0645\u064f\u0639\u0631\u0641 CVE \u062d\u064a\u062b \u0623\u0646\u0647 \u0628\u0645\u0639\u062f\u0644 12 \u0623\u0644\u0641 \u0625\u0644\u064a 15 \u0623\u0644\u0641 CVE \u0633\u0646\u0648\u064a\u0627\u064b\u060c \u0648\u0642\u062f \u0628\u0644\u063a \u0639\u062f\u062f\u0647\u0645 \u062d\u0627\u0644\u064a\u0627\u064b \u0623\u0643\u062b\u0631 \u0645\u0646 5 \u0622\u0644\u0627\u0641 \u0647\u0630\u0627 \u0627\u0644\u0639\u0627\u0645 \"2023\" \u0648\u0645\u0627 \u0632\u0627\u0644 \u0647\u0646\u0627\u0643 \u0627\u0644\u0643\u062b\u064a\u0631. \n \n\u064a\u0645\u0643\u0646\u0643 \u062a\u0635\u0641\u062d \u062c\u0645\u064a\u0639 \u0627\u0644\u0640 CVEs \u0645\u0646 \u062e\u0644\u0627\u0644 CVE Details\u060c \u0648\u0645\u0639\u0631\u0641\u0629 \u062a\u0641\u0627\u0635\u064a\u0644 \u0623\u0643\u062b\u0631 \u0639\u0646 \u062a\u0644\u0643 \u0627\u0644\u062b\u063a\u0631\u0627\u062a.", "creation_timestamp": "2024-04-20T16:28:55.000000Z"}, {"uuid": "56997025-06fa-4dc6-bbb6-27e5b2ed5500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/ctinow/17457", "content": "The new CVE-2019-0708 RDP exploit attacks, explained\n\nhttps://ift.tt/2NqQXrJ", "creation_timestamp": "2019-11-07T22:29:17.000000Z"}, {"uuid": "54c97481-a4d6-4d93-9553-ac7e098f7929", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/ctinow/11506", "content": "When Older Windows Systems Won't Die Microsoft's decision to patch unsupported machines for the critical CVE-2019-0708 flaw is a reminder that XP, 2003, and other older versions of Windows still run in some enterprises. https://www.darkreading.com/perimeter/when-older-windows-systems-wont-die/d/d-id/1334749?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple", "creation_timestamp": "2019-05-17T19:57:05.000000Z"}, {"uuid": "4f965a56-1b1b-4550-a9dd-bcc0765fb182", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/ctinow/12078", "content": "Microsoft Urges Businesses to Patch 'BlueKeep' Flaw Fearing another worm of WannaCry severity, Microsoft warns vulnerable users to apply the software update for CVE-2019-0708. https://www.darkreading.com/threat-intelligence/microsoft-urges-businesses-to-patch-bluekeep-flaw/d/d-id/1334862?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple", "creation_timestamp": "2019-06-04T00:02:44.000000Z"}, {"uuid": "d989cf18-0913-41e7-bbab-cedd8b99d8f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/ctinow/11740", "content": "RT @SwiftOnSecurity: WARNING: Per our threat team, there is backdoored \u201cProof-of-Concept\u201d exploit code floating around for #BlueKeep CVE-2019-0708.\n\nMake sure your red teams are NOT running arbitrary code and trying to be a hero. Attackers know orgs are panicking trying to assess their network. http://twitter.com/BleepinComputer/status/1131712925880737795", "creation_timestamp": "2019-05-24T02:21:11.000000Z"}, {"uuid": "a1089a55-1fb5-4b47-a03a-7710c01e2b7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/dataleak/2041", "content": "\u0412 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0431\u044b\u043b \u0432\u044b\u043b\u043e\u0436\u0435\u043d \u0434\u0430\u043c\u043f \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0435\u0433\u043e \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043c\u043e\u0441\u043a\u043e\u0432\u0441\u043a\u0438\u0445 \u043c\u0435\u0434\u0438\u0446\u0438\u043d\u0441\u043a\u0438\u0445 (\u0441\u0442\u043e\u043c\u0430\u0442\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0445) \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u2013 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u041e\u041e\u041e \u00ab\u042e\u041d\u041e\u0412\u0430\u00bb \u0438 \u041e\u041e\u041e \u00ab\u041a\u043b\u0438\u043d\u0438\u043a\u0430 \u0417\u0434\u043e\u0440\u043e\u0432\u044c\u0435\u00bb. \ud83d\ude31\n\n\u0412\u0441\u0435\u0433\u043e \u0432\u044b\u043b\u043e\u0436\u0435\u043d\u043e 120,085 \u0444\u0430\u0439\u043b\u043e\u0432 \u043e\u0431\u0449\u0438\u043c \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c 248,38 \u0413\u0431, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u043e\u0433\u043e\u0432\u043e\u0440\u0430, \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b, \u0441\u043f\u0438\u0441\u043a\u0438 \u043f\u0430\u0446\u0438\u0435\u043d\u0442\u043e\u0432, \u0441\u043f\u0438\u0441\u043a\u0438 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u0438 \u043c\u043d\u043e\u0433\u043e\u0435 \u0434\u0440\u0443\u0433\u043e\u0435. \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f 2004-2012 \u0433\u0433., \u043d\u043e \u0435\u0441\u0442\u044c \u0438 2019-2020 \u0433\u0433.\n\n\u041f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0435\u0440\u0432\u0435\u0440 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u043f\u043e\u0440\u0442\u043e\u043c 3389 (MS RDP) \u0431\u044b\u043b \u0432\u0437\u043b\u043e\u043c\u0430\u043d \u0447\u0435\u0440\u0435\u0437 \u043e\u0434\u043d\u0443 \u0438\u0437 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (CVE-2019-0708), \u043b\u0438\u0431\u043e \u043f\u0435\u0440\u0435\u0431\u043e\u0440\u043e\u043c \u043f\u0430\u0440\u043e\u043b\u0435\u0439.", "creation_timestamp": "2021-01-26T08:00:11.000000Z"}, {"uuid": "265cd173-72b8-4881-be09-ea63ffdc2a94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "Telegram/dH9nJ24NArfkzignkNO3yFmaQA3HGs-6knNrGNPBh_LX2f1X", "content": "", "creation_timestamp": "2021-01-22T17:58:15.000000Z"}, {"uuid": "db1b7d4e-d188-41a5-b1d1-7ca582b82a73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/ton618cyber/3599", "content": "Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan\n\nKimsuky exploited CVE-2019-0708 and CVE-2017-11882 since Oct 2023 to target 15 countries.\n\nThe Hacker News | thehackernews.com \u2022 Apr 21, 2025", "creation_timestamp": "2025-04-26T03:07:11.000000Z"}, {"uuid": "c994b53c-4b74-4280-aa2d-83b3133ba2a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/arpsyndicate/1233", "content": "#ExploitObserverAlert\n\nCVE-2019-0708\n\nDESCRIPTION: Exploit Observer has 459 entries related to CVE-2019-0708. A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.\n\nFIRST-EPSS: 0.974960000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T14:56:40.000000Z"}, {"uuid": "0f9a2854-2782-4bac-b8d4-0b6840a64f14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "Telegram/SC2xInvgM-e_XTck2Cz9JyxiBlqqNlnRXtj2i3WkYKfW_Q", "content": "", "creation_timestamp": "2025-03-03T03:11:47.000000Z"}, {"uuid": "0b876bd9-0b68-4d2f-906c-2c6a560ccc03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/CyberBulletin/3091", "content": "\u26a1\ufe0fKimsuky is back\u2014and digging deep.\n\nA new Larva-24005 campaign is exploiting old RDP bugs (BlueKeep, CVE-2019-0708) to breach systems in South Korea, Japan & beyond\u2014with targets across energy, finance & tech.\n\n#CyberBulletin", "creation_timestamp": "2025-04-22T15:59:42.000000Z"}, {"uuid": "76629d5b-9c5e-41a4-84cd-f704861a75d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/r3_6j/479", "content": "dork shodan: Anonymous ftp country:\"il\"\n3.34.196.159\nuser: anonymous\npass: anonymous\n89.35.237.184\nuser: anonymous\npass: anonymous\n169.148.123.194 ==> sa\nuser: anonymous\npass: anonymous\n193.182.144.36 ==> isreal\nuser: anonymous\npass: anonymous\n46.210.112.166 ==> isreal\nuser: anonymous\npass: anonymous\n216.92.22.14\n66.39.110.59\n216.92.97.50\n\nvuln:\n212.199.95.119 ==> il : CVE-2019-0708\nhttps://www.shodan.io/host/63.249.81.145", "creation_timestamp": "2024-04-29T19:02:11.000000Z"}, {"uuid": "4b9da448-de82-4721-8866-3f6c82d8d668", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/ton618cyber/8957", "content": "Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan\n\nKimsuky exploited CVE-2019-0708 and CVE-2017-11882 since Oct 2023 to target 15 countries.\n\nThe Hacker News | thehackernews.com \u2022 Apr 21, 2025", "creation_timestamp": "2025-04-26T03:07:09.000000Z"}, {"uuid": "0113be47-5032-40ad-afa8-4842cf901e33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "Telegram/gF9aeO87TCrDaH0AxPm6jfIrzXSEVlsEQbI9JSqrUCynF9M", "content": "", "creation_timestamp": "2024-06-03T20:11:18.000000Z"}, {"uuid": "f82f22d7-79f9-43a1-b8c5-5f35344f09b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/arpsyndicate/104", "content": "#ExploitObserverAlert\n\nCVE-2019-0708\n\nDESCRIPTION: Exploit Observer has 455 entries related to CVE-2019-0708. A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.\n\nFIRST-EPSS: 0.975050000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-12T02:10:22.000000Z"}, {"uuid": "30613eb1-f3e0-4fb0-a422-d27b23196a7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "Telegram/gkCNfR7Ni8rR2WppI2P2QBVxwUSFSZSc7p9YHVFBW4FWSNc", "content": "", "creation_timestamp": "2025-02-18T20:03:02.000000Z"}, {"uuid": "226bb908-89b7-4f6c-a17e-c1b93eb168c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "Telegram/xveMwXWSaFoZQh5K9PQ9gZ-Z9BaMPxeUbxv3GKQ1mpA", "content": "", "creation_timestamp": "2024-05-13T16:21:00.000000Z"}, {"uuid": "cec3ee02-c400-4cbf-be95-9bd56a127904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/osintflow/108", "content": "https://anonfiles.com/3bxb75e8y2/vulnCVE-2019-0708_countryru_gz", "creation_timestamp": "2022-05-09T17:58:49.000000Z"}, {"uuid": "7321f14f-0e2f-4160-8689-e1fbe3d84603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "Telegram/JV247pFH9A95oxLQt3jWKBzK4mLyNZYIWZe0MKrQbyGkeOs", "content": "", "creation_timestamp": "2024-05-15T06:47:06.000000Z"}, {"uuid": "2eed0ce3-7ab7-416c-a0e0-948342f8389d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "Telegram/1YemRONjdrrcg05rJAKPLqcn4MScI-DVbpT9FwczuB8KHA", "content": "", "creation_timestamp": "2020-10-20T23:09:58.000000Z"}, {"uuid": "ba15fc5a-6a73-4891-b2cf-59a8a291190e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/reconshell/350", "content": "ISPY-Exploiting #EternalBlue And BlueKeep #Vulnerabilities\n\n#CyberSecurity #BlueKeep #WannaCry #CVE-2019-0708 #MS17-010 #vulnerability\n\nhttps://reconshell.com/ispy-exploiting-eternalblue-and-bluekeep-vulnerabilities/", "creation_timestamp": "2021-01-22T20:30:04.000000Z"}, {"uuid": "de784234-9413-4dc2-a2fe-62abf75becd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "Telegram/nuAMqDjeafuLuc6awrwrPqAuit7T7wuRCRbR_BufP_5n", "content": "", "creation_timestamp": "2020-06-08T13:46:27.000000Z"}, {"uuid": "1740bbdd-8b25-4635-ab8b-9cc513d53c32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "Telegram/0sD_EyHySREvSWLaWKL-XHqTqDduPkHhIy1vEKF4pCPQbv8", "content": "", "creation_timestamp": "2020-10-28T02:58:38.000000Z"}, {"uuid": "23bd5003-03c4-432b-8b20-55bd43af7bc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/haccking/55124", "content": "#\u041e\u0431\u0443\u0447\u0435\u043d\u0438\u0435\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 Windows (CVE-2019-0708 | BlueKeep)\n\u0427\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043b\u0435\u0435...", "creation_timestamp": "2019-09-19T15:00:29.000000Z"}, {"uuid": "3bffece0-3d56-49b6-8a29-68555d6b743e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/information_security_channel/28512", "content": "DHS Issues Alert for Windows 'BlueKeep' Vulnerability\nhttp://feedproxy.google.com/~r/Securityweek/~3/5KzgUANczTE/dhs-issues-alert-windows-bluekeep-vulnerability\n\nThe Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security (DHS) on Monday issued an alert for the Windows vulnerability tracked as BlueKeep and CVE-2019-0708.\nread more (https://www.securityweek.com/dhs-issues-alert-windows-bluekeep-vulnerability)", "creation_timestamp": "2019-06-17T20:26:57.000000Z"}, {"uuid": "cca667fa-4431-4961-b346-65cd2cb61361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/DerechodelaRed/2327", "content": "Seguimos en las mismas. Se comenta que AENA tambi\u00e9n puede estar afectada, pero no hay fuente fiable alguna que lo confirme.\n\nMientras tanto para securizar los sistemas vulnerables:\n(Windows 7, Windows Server 2008 & Windows Server 2008 R2)\n-Bloquear el puerto 3389 en firewalls\n-Deshabilitar el servicio de Escritorio Remoto \n-Activar Network Level Authentication (NLA)\n\n+info de CVE-2019-0708 https://t.co/34t5SL4Yzg", "creation_timestamp": "2019-11-04T14:18:07.000000Z"}, {"uuid": "94987733-9a06-4d77-a893-90eafc36ed10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/DerechodelaRed/2319", "content": "Nos confirman desde Everis que en su caso se trata de bluekeep ( CVE-2019-0708 )", "creation_timestamp": "2019-11-04T12:21:45.000000Z"}, {"uuid": "9cd977a3-1bb0-4759-8361-13b5ad47e10e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "Telegram/CT-RA0nUkhZ05suTNd2pjhpszAksyK5ydW1302SPx8d0XJM", "content": "", "creation_timestamp": "2020-10-13T09:57:13.000000Z"}, {"uuid": "a25c8fc5-3397-4e32-b0f9-670402fcd1fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/information_security_channel/27594", "content": "CVE-2019-0708 \u2013 A Critical \u201cWormable\u201d Remote Code Execution Vulnerability in Windows RDP\nhttps://blogs.quickheal.com/cve-2019-0708-critical-wormable-remote-code-execution-vulnerability-windows-rdp/\n\nThis is an important security advisory related to a recently patched Critical remote code execution vulnerability in Microsoft Windows Remote Desktop Service (RDP). The vulnerability is identified as \u201cCVE-2019-0708 \u2013 Remote Desktop Services\u00a0Remote Code Execution Vulnerability\u201d. MSRC blog mentions This vulnerability is pre-authentication and requires no user interaction. In other\u2026", "creation_timestamp": "2019-05-17T08:19:32.000000Z"}, {"uuid": "8a2ade64-a183-4633-849d-d1446a2f2d9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/2439", "content": "Proof of concept for CVE-2019-0708\nhttps://github.com/Ekultek/BlueKeep", "creation_timestamp": "2019-05-30T16:53:02.000000Z"}, {"uuid": "be519d71-66f6-482a-980b-38b5ebdaf1cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/information_security_channel/31768", "content": "ISPY : Eternalblue/Bluekeep Scanner & Exploit\nhttps://kalilinuxtutorials.com/ispy-eternalblue-bluekeep-scanner-exploit/\n\nISPY V1.0 is a eternalblue(ms17-010)/bluekeep(CVE-2019-0708) scanner and exploit ( Metasploit automation ) . How to install? git clone https://github.com/Cyb0r9/ispy.git cd ispy chmod +x setup.sh ./setup.sh Also Read \u2013 B2R2 : A Collection of Algorithms, Functions And Tools For Binary Analysis Screenshots Tested On Parrot OS Kali linux Demo Disclaimer Usage of ispy for attacking targets [\u2026]\nThe post ISPY : Eternalblue/Bluekeep Scanner & Exploit (https://kalilinuxtutorials.com/ispy-eternalblue-bluekeep-scanner-exploit/) appeared first on Kali Linux Tutorials (https://kalilinuxtutorials.com/).", "creation_timestamp": "2019-10-13T05:15:48.000000Z"}, {"uuid": "fea25c81-4e0f-4716-b5c1-e33452892d7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/legened/2574", "content": "\u0623\u0647\u0645 2 \u0646\u0642\u0627\u0637 \u0636\u0639\u0641 \u0645\u0639\u0631\u0648\u0641\u0629 \u0648\u0627\u0644\u062a\u064a \u062a\u0634\u0643\u0644 \u062a\u0647\u062f\u064a\u062f\u0627 \u0644\u0648\u0636\u0639\u0643 \u0627\u0644\u0627\u0645\u0646\u064a \u062d\u062a\u064a \u0627\u0644\u0627\u0646 2021 ! \n\n\n1. CVE-2019-0708\n\n\u0627\u0644\u0627\u0646\u0638\u0645\u0629 \u0627\u0644\u0645\u062a\u0627\u062b\u0631\u0629 : \u0645\u0627\u064a\u0643\u0631\u0648\u0633\u0648\u0641\u062a \u0648 \u0648\u064a\u0646\u062f\u0648\u0632 \n\n\u0627\u0644\u0648\u0635\u0641 :\n\n\u062a\u0648\u062c\u062f \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0646 \u0628\u0639\u062f \u0641\u064a \u062e\u062f\u0645\u0627\u062a \u0633\u0637\u062d \u0627\u0644\u0645\u0643\u062a\u0628 \u0627\u0644\u0628\u0639\u064a\u062f \u0627\u0644\u0645\u0639\u0631\u0648\u0641\u0629 \u0633\u0627\u0628\u0642\u0627 \u0628\u0627\u0633\u0645 \u0627\u0644\u062e\u062f\u0645\u0627\u062a \u0627\u0644\u0637\u0631\u0641\u064a\u0629 \u0639\u0646\u062f\u0645\u0627 \u064a\u062a\u0635\u0644 \u0645\u0647\u0627\u062c\u0645 \u063a\u064a\u0631 \u0645\u0635\u0627\u062f\u0642 \u0628\u0627\u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u0645\u0633\u062a\u0647\u062f\u0641 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 RDP \u0648\u064a\u0631\u0633\u0644 \u0637\u0644\u0628\u0627\u062a \u0645\u0635\u0645\u0645\u0629 \u062e\u0635\u064a\u0635\u0627 \u0648\u064a\u0639\u0631\u0641 \u0623\u064a\u0636\u0627 \u0628\u0627\u0633\u0645 \"\u062b\u063a\u0631\u0629 \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0646 \u0628\u0639\u062f \u0644\u062e\u062f\u0645\u0627\u062a \u0633\u0637\u062d \u0627\u0644\u0645\u0643\u062a\u0628 \u0627\u0644\u0628\u0639\u064a\u062f ! \n\n\u062a\u0627\u062b\u064a\u0631 \u0627\u0644\u062b\u063a\u0631\u0629 \u061b\n\n\u062a\u0623\u062b\u064a\u0631 \u064a\u0645\u0643\u0646 \u0644\u0627\u064a \u0634\u062e\u0635 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0645\u064a\u0632\u0629 \u0633\u0637\u062d \u0627\u0644\u0645\u0643\u062a\u0628 \u0627\u0644\u0628\u0639\u064a\u062f \u0645\u0646 Windows \u0644\u062a\u0633\u062c\u064a\u0644 \u0627\u0644\u062f\u062e\u0648\u0644 \u0627\u0644\u064a \u062c\u0647\u0627\u0632 \u0627\u0644\u0643\u0645\u0628\u064a\u0648\u062a\u0631 \u0627\u0644\u062e\u0627\u0635 \u0628\u0643 \u0648\u0627\u0644\u062a\u062d\u0643\u0645. \u0647\u0646\u0627\u0643 \u0627\u0641\u0634\u0627\u0621 \u0643\u0627\u0645\u0644 \u0644\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0645\u0645\u0627 \u0627\u062f\u0649 \u0627\u0644\u064a \u0627\u0644\u0643\u0634\u0641 \u0639\u0646 \u062c\u0645\u064a\u0639 \u0645\u0644\u0641\u0627\u062a \u0627\u0644\u0646\u0638\u0627\u0645 !\n\n2. CVE-2017-5715\n\n\u0627\u0644\u0627\u0646\u0638\u0645\u0629 \u0627\u0644\u0645\u062a\u0627\u062b\u0631\u0629 : ARM, Intel\u202f\n\n\u0648\u0635\u0641: \n\n\u0642\u062f \u062a\u0633\u0645\u062d \u0627\u0644\u0627\u0646\u0638\u0645\u0629 \u0630\u0627\u062a \u0627\u0644\u0645\u0639\u0627\u0644\u062c\u0627\u062a \u0627\u0644\u062f\u0642\u064a\u0642\u0629 \u0627\u0644\u062a\u064a \u062a\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u062e\u0645\u064a\u0646\u064a \u0648\u0627\u0644\u062a\u0646\u0628\u0648 \u0628\u0627\u0644\u0641\u0631\u0639 \u063a\u064a\u0631 \u0627\u0644\u0645\u0628\u0627\u0634\u0631 \u0628\u0627\u0644\u0643\u0634\u0641 \u063a\u064a\u0631 \u0627\u0644\u0645\u0635\u0631\u062d \u0628\u0647 \u0639\u0646 \u0627\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0644\u0645\u0647\u0627\u062c\u0645 \u0645\u0639 \u0648\u0635\u0648\u0644 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0645\u062d\u0644\u064a \u0639\u0628\u0631 \u062a\u062d\u0644\u064a\u0644 \u0627\u0644\u0642\u0646\u0627\u0629 \u0627\u0644\u062c\u0627\u0646\u0628\u064a\u0629\u060c\n\n\u062a\u0627\u062b\u064a\u0631 \u0627\u0644\u062b\u063a\u0631\u0629 :\n\n\u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0645\u062d\u0644\u064a \u062a\u0634\u063a\u064a\u0644 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0645\u0639\u062f\u0629 \u062e\u0635\u064a\u0635\u0627 \u0644\u062c\u0639\u0644 \u0648\u062d\u062f\u0629 \u0627\u0644\u0645\u0639\u0627\u0644\u062c\u0629 \u0627\u0644\u0645\u0631\u0643\u0632\u064a\u0629 \u062a\u0642\u0648\u0645 \u0639\u0644\u0649 \u0646\u062d\u0648 \u062a\u062e\u0645\u064a\u0646\u064a \u0628\u062a\u0646\u0641\u064a\u0630 \u0641\u0631\u0639 \u063a\u064a\u0631 \u0645\u0628\u0627\u0634\u0631 \u0644\u062a\u0633\u0631\u064a\u0628 \u0645\u062d\u062a\u0648\u064a\u0627\u062a \u0627\u0644\u0630\u0627\u0643\u0631\u0629 \u0645\u0646 \u0639\u0645\u0644\u064a\u0629 \u0627\u062e\u0631\u0649 \u0627\u0644\u064a \u0630\u0627\u0643\u0631\u0629 \u0627\u0644\u062a\u062e\u0632\u064a\u0646 \u0627\u0644\u0645\u0648\u0642\u062a \u0644\u0648\u062d\u062f\u0629 \u0627\u0644\u0645\u0639\u0627\u0644\u062c\u0629 \u0627\u0644\u0645\u0631\u0643\u0632\u064a\u0629 \u062b\u0645 \u0642\u0631\u0627\u0621\u0629 \u0645\u062d\u062a\u0648\u064a\u0627\u062a \u0630\u0627\u0643\u0631\u0629 \u0627\u0644\u062a\u062e\u0632\u064a\u0646 \u0627\u0644\u0645\u0648\u0642\u062a [CVE-2017-5715]. \u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0645\u062d\u0644\u064a \u0639\u0631\u0636 \u0645\u062d\u062a\u0648\u064a\u0627\u062a \u0627\u0644\u0630\u0627\u0643\u0631\u0629 \u0627\u0644\u0638\u0627\u0647\u0631\u064a\u0629 \u0627\u0644\u062a\u0639\u0633\u0641\u064a\u0629 \u0639\u0644\u0649 \u062c\u0647\u0627\u0632 \u0648\u062d\u062f\u0629 \u0627\u0644\u0645\u0639\u0627\u0644\u062c\u0629 \u0627\u0644\u0645\u0631\u0643\u0632\u064a\u0629 \u0627\u0644\u0647\u062f\u0641 [\u0648\u0627\u0644\u0630\u064a \u064a\u0645\u0643\u0646 \u0627\u0646 \u064a\u0648\u062f\u064a \u0627\u0644\u064a \u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a \u0645\u0631\u062a\u0641\u0639\u0629 \u0639\u0644\u0649 \u0627\u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u0647\u062f\u0641] !", "creation_timestamp": "2021-01-23T12:58:53.000000Z"}, {"uuid": "e377913b-5d83-4c47-bf46-5721b1a7b5d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/information_security_channel/28616", "content": "RDPScan : A Quick Scanner For \u201cBlueKeep\u201d  Vulnerability\nhttps://kalilinuxtutorials.com/rdpscan-bluekeep-vulnerability/\n\nRDPScan is a quick-and-dirty scanner for the CVE-2019-0708 vulnerability in Microsoft Remote Desktop. Right now, there are about 900,000 machines on the public Internet vulnerable to this vulnerability, so many are to expect a worm soon like WannaCry and notPetya. Therefore, scan your networks and patch (or at least, enable NLA) on vulnerable systems. This [\u2026]\nThe post RDPScan : A Quick Scanner For \u201cBlueKeep\u201d  Vulnerability (https://kalilinuxtutorials.com/rdpscan-bluekeep-vulnerability/) appeared first on Kali Linux Tutorials (https://kalilinuxtutorials.com/).", "creation_timestamp": "2019-06-20T06:32:25.000000Z"}, {"uuid": "f3553219-44c1-46aa-ab8e-25ab69f895b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/information_security_channel/28098", "content": "[papers] Analysis of CVE-2019-0708 (BlueKeep)\nhttps://www.exploit-db.com/docs/english/46947-analysis-of-cve-2019-0708-(bluekeep).pdf\n\nAnalysis of CVE-2019-0708 (BlueKeep)", "creation_timestamp": "2019-06-03T21:32:29.000000Z"}, {"uuid": "7259aefa-4e15-4be5-b78d-173093a3321b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/information_security_channel/28106", "content": "Microsoft Urges Businesses to Patch 'BlueKeep' Flaw\nhttps://www.darkreading.com/threat-intelligence/microsoft-urges-businesses-to-patch-bluekeep-flaw/d/d-id/1334862?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\n\nFearing another worm of WannaCry severity, Microsoft warns vulnerable users to apply the software update for CVE-2019-0708.", "creation_timestamp": "2019-06-04T00:10:58.000000Z"}, {"uuid": "0623da69-91ab-4983-b104-d0ff31704911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/information_security_channel/28169", "content": "NSA Urges Windows Users to Patch 'BlueKeep' Vulnerability\nhttp://feedproxy.google.com/~r/Securityweek/~3/RouL41HU0sI/nsa-urges-windows-users-patch-bluekeep-vulnerability\n\nThe U.S. National Security Agency (NSA) on Tuesday urged Windows users and administrators to immediately address the vulnerability tracked as BlueKeep and CVE-2019-0708.\nread more (https://www.securityweek.com/nsa-urges-windows-users-patch-bluekeep-vulnerability)", "creation_timestamp": "2019-06-05T15:40:10.000000Z"}, {"uuid": "514e6c9f-7f3b-4315-9317-bc210b193053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/information_security_channel/28183", "content": "NSA Issues Advisory for 'BlueKeep' Vulnerability\nhttps://www.darkreading.com/threat-intelligence/nsa-issues-advisory-for-bluekeep-vulnerability/d/d-id/1334880?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\n\nThe National Security Agency joins Microsoft in urging Windows admins to patch wormable bug CVE-2019-0708.", "creation_timestamp": "2019-06-05T18:54:54.000000Z"}, {"uuid": "84cd09ad-54a6-4fdb-9996-42b082c679b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/information_security_channel/27615", "content": "When Older Windows Systems Won't Die\nhttps://www.darkreading.com/perimeter/when-older-windows-systems-wont-die/d/d-id/1334749?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\n\nMicrosoft's decision to patch unsupported machines for the critical CVE-2019-0708 flaw is a reminder that XP, 2003, and other older versions of Windows still run in some enterprises.", "creation_timestamp": "2019-05-17T20:24:55.000000Z"}, {"uuid": "d0354dba-f081-40a6-9bc0-d9a395fc016b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/information_security_channel/27802", "content": "PoC Exploits Created for Wormable Windows RDS Flaw\nhttp://feedproxy.google.com/~r/Securityweek/~3/caeeIsSwf4I/poc-exploits-created-wormable-windows-rds-flaw\n\nSeveral proof-of-concept (PoC) exploits, including ones that can be used for remote code execution, have been developed for the recently patched Windows Remote Desktop Services (RDS) vulnerability tracked as CVE-2019-0708 and dubbed BlueKeep.\nread more (https://www.securityweek.com/poc-exploits-created-wormable-windows-rds-flaw)", "creation_timestamp": "2019-05-23T15:41:52.000000Z"}, {"uuid": "fa60fc57-139c-4962-8719-27251ef9d143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/information_security_channel/27930", "content": "Siemens Medical Products Affected by Wormable Windows Flaw\nhttp://feedproxy.google.com/~r/Securityweek/~3/4BfvQgZRcq4/siemens-medical-products-affected-wormable-windows-flaw\n\nSeveral products made by Siemens Healthineers, a Siemens company that specializes in medical technology, are affected by a recently patched Windows vulnerability tracked as CVE-2019-0708 and BlueKeep.\nread more (https://www.securityweek.com/siemens-medical-products-affected-wormable-windows-flaw)", "creation_timestamp": "2019-05-28T07:52:41.000000Z"}, {"uuid": "e1aa5e87-8bce-4b36-ba60-deaad7eb0825", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/information_security_channel/28044", "content": "Microsoft Reminds Users to Patch Wormable 'BlueKeep' Vulnerability\nhttp://feedproxy.google.com/~r/Securityweek/~3/JGDwh5MgUv8/microsoft-reminds-users-patch-wormable-bluekeep-vulnerability\n\nMicrosoft has reminded users to patch the Windows vulnerability tracked as BlueKeep and CVE-2019-0708 due to the high risk of exploitation.\nread more (https://www.securityweek.com/microsoft-reminds-users-patch-wormable-bluekeep-vulnerability)", "creation_timestamp": "2019-05-31T16:48:40.000000Z"}, {"uuid": "36023ccb-a9f7-4aa7-b58e-5d42abb65782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/information_security_channel/28060", "content": "Its a second time Microsoft urged users to update the recently patched Warmable BlueKeep Remote desktop protocol vulnerability due to the seriousness of this flaw let the hackers perform WannaCry level Attack. Microsoft already warned first on May 14 when they released a patch for a critical Remote Code Execution vulnerability,\u00a0CVE-2019-0708. We have reported about [\u2026]\nThe post Microsoft Warned Second Time to Update Windows for Bluekeep RDP Flaw \u2013 Exploits Already Available in Hackers Hand (https://gbhackers.com/update-windows-for-bluekeep-rdp-flaw/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2019-06-01T05:08:50.000000Z"}, {"uuid": "588387c0-be45-4aca-aed2-da7a4b08c796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/thehackernews/305", "content": "Microsoft releases May 2019 security updates to patch a critical \"Wormable Flaw\" [CVE-2019-0708] and 78 other CVE-listed vulnerabilities in its software and Windows operating systems\n \nhttps://thehackernews.com/2019/05/microsoft-security-updates.html", "creation_timestamp": "2019-05-14T20:27:23.000000Z"}, {"uuid": "7f308cc8-5f32-4ee1-967b-15ddae7908d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/information_security_channel/29469", "content": "Over 800,000 Systems Still Vulnerable to BlueKeep Attacks\nhttp://feedproxy.google.com/~r/Securityweek/~3/QNLX5IymuZg/over-800000-systems-still-vulnerable-bluekeep-attacks\n\nUsers and organizations continue to patch the Windows vulnerability tracked as BlueKeep and CVE-2019-0708 (https://www.securityweek.com/microsoft-patches-rds-vulnerability-allowing-wannacry-attacks), but over 800,000 systems are still exposed to attacks.\nread more (https://www.securityweek.com/over-800000-systems-still-vulnerable-bluekeep-attacks)", "creation_timestamp": "2019-07-18T19:21:59.000000Z"}, {"uuid": "ae4af77b-cff6-40aa-b814-055ce9edca1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/information_security_channel/29681", "content": "The new variant of Linux botnet WatchBog adds BlueKeep Vulnerability Scanner module to prepare a list of vulnerable windows RDP servers. The hackers behind WatchBog is familiar with exploiting know vulnerabilities. Bluekeep is windows-based vulnerability which allows an attacker to access the vulnerable machine without authentication. The vulnerability can be tracked as CVE-2019-0708, till now [\u2026]\nThe post Linux Botnet WatchBog adds BlueKeep Vulnerability Scanner Module to List Vulnerable RDP Systems (https://gbhackers.com/bluekeep-vulnerability-scanner/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2019-07-26T01:59:48.000000Z"}, {"uuid": "cbc0505a-188c-402d-866c-968c69846fad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/information_security_channel/32293", "content": "Security researchers spotted the first mass cyberattack campaign exploiting BlueKeep RDP Flaw to install a cryptocurrency miner on the vulnerable installations. Bluekeep(CVE-2019-0708) is a wormable critical RCE vulnerability in Remote desktop services that let hackers access the vulnerable machine without authentication. As vulnerability is wormable, it could rapidly compromise millions of machines in a short [\u2026]\nThe post First Cyberattack Spotted in Wild to Exploit Windows BlueKeep RDP Flaw (https://gbhackers.com/mass-cyberattack-bluekeep/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2019-11-04T07:46:52.000000Z"}, {"uuid": "f2005f23-e730-4e1c-bd5a-daa4a7c4760e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/information_security_channel/32297", "content": "BlueKeep Vulnerability Exploited to Deliver Cryptocurrency Miner\nhttp://feedproxy.google.com/~r/Securityweek/~3/1llPo6rp0M4/bluekeep-vulnerability-exploited-deliver-cryptocurrency-miner\n\nThe notorious Windows Remote Desktop Services (RDS) vulnerability tracked as CVE-2019-0708 and BlueKeep has been exploited in the wild to deliver cryptocurrency mining malware, researchers warned over the weekend.\nread more (https://www.securityweek.com/bluekeep-vulnerability-exploited-deliver-cryptocurrency-miner)", "creation_timestamp": "2019-11-04T10:57:05.000000Z"}, {"uuid": "c2c339f8-4925-437d-baf6-d0f4e933d4bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/information_security_channel/32446", "content": "BlueKeep Attacks seen in the wild!\nhttps://blogs.quickheal.com/bluekeep-attacks-seen-wild/\n\nCVE-2019-0708, popularly known as BlueKeep, is a RDP pre-authentication vulnerability which allows attacker to compromise a vulnerable system without user\u2019s interaction. This exploit is also wormable, meaning that it can spread to other vulnerable systems in a similar way as the WannaCry malware spread across the globe in 2017. Interestingly,\u2026", "creation_timestamp": "2019-11-08T11:12:17.000000Z"}, {"uuid": "856b426f-d425-4646-9b0e-8c5e52a6ba44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/xakep_ru/6687", "content": "\u041f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b \u0434\u043b\u044f RCE-\u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b BlueKeep\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437\u0443\u0447\u0430\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2019-0708, \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c \u043c\u0430\u043b\u0432\u0430\u0440\u044c \u043f\u043e\u0434\u043e\u0431\u043d\u043e \u0447\u0435\u0440\u0432\u044e. \n\nhttps://xakep.ru/2019/05/23/bluekeep-exploits/", "creation_timestamp": "2019-05-23T12:35:14.000000Z"}, {"uuid": "8f70567f-7146-4c5d-946c-531a887ef60d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/thehackernews/6699", "content": "\ud83d\udd75\ufe0f\u200d\u2642\ufe0f Kimsuky is back\u2014and digging deep.\n\nA new Larva-24005 campaign is exploiting old RDP bugs (BlueKeep, CVE-2019-0708) to breach systems in South Korea, Japan & beyond\u2014with targets across energy, finance & tech.\n\nLearn more: https://thehackernews.com/2025/04/kimsuky-exploits-bluekeep-rdp.html", "creation_timestamp": "2025-04-21T18:45:57.000000Z"}, {"uuid": "86575e16-3cb4-4fed-a81c-b14e76fc1302", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/xakep_ru/8488", "content": "ESET \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 BlueKeep\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 ESET \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u0443\u044e \u0443\u0442\u0438\u043b\u0438\u0442\u0443 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 Windows-\u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 BlueKeep (CVE-2019-0708). \n\nhttps://xakep.ru/2019/12/18/bluekeep-test/", "creation_timestamp": "2019-12-18T09:40:19.000000Z"}, {"uuid": "8daa949f-bf53-42b3-8e13-20e6d40cc043", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/xakep_ru/6726", "content": "\u041d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u044e\u0442 \u0441\u0435\u0442\u044c \u0432 \u043f\u043e\u0438\u0441\u043a\u0430\u0445 \u043c\u0430\u0448\u0438\u043d, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043f\u0435\u0440\u0435\u0434 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 BlueKeep\n\n\u041e\u043f\u0430\u0441\u043d\u043e\u0439 RDP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e CVE-2019-0708 \u0443\u0436\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0443\u044e\u0442\u0441\u044f \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438: \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0438. \n\nhttps://xakep.ru/2019/05/28/bluekeep-scans/", "creation_timestamp": "2019-05-28T20:10:16.000000Z"}, {"uuid": "6f859654-f994-4704-a68c-af3ca135ac52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/xakep_ru/6728", "content": "\u041e\u043a\u043e\u043b\u043e \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432\u0441\u0435 \u0435\u0449\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043f\u0435\u0440\u0435\u0434 RDP-\u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 BlueKeep\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043d\u043e\u0432\u043e\u043c\u0443 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044e, \u043f\u0435\u0440\u0435\u0434 RDP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e CVE-2019-0708, \u043e\u0431\u043b\u0430\u0434\u0430\u044e\u0449\u0435\u0439 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u043e\u043c \u0447\u0435\u0440\u0432\u044f, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043e\u043a\u043e\u043b\u043e \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\nhttps://xakep.ru/2019/05/29/bluekeep-stats/", "creation_timestamp": "2019-05-29T09:35:21.000000Z"}, {"uuid": "51ebc669-cd96-4442-a59d-bd2c3852a9e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/canyoupwnme/5523", "content": "Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)\nhttps://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/", "creation_timestamp": "2019-05-15T01:20:29.000000Z"}, {"uuid": "0234ddfc-71da-4290-949e-43c86f97e245", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/xakep_ru/8914", "content": "\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u0430\u0436\u0434\u043e\u043c\u0443 \u0434\u0435\u0441\u044f\u0442\u043e\u043c\u0443 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0440\u0430\u0431\u043e\u0447\u0435\u043c\u0443 \u0441\u0442\u043e\u043b\u0443\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Positive Technologies \u043f\u043e\u0434\u0441\u0447\u0438\u0442\u0430\u043b\u0438, \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 10% \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 RDP, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043f\u0435\u0440\u0435\u0434 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 BlueKeep (CVE-2019-0708), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 Windows.\n\nhttps://xakep.ru/2020/03/30/bluekeep-still-dangerous/", "creation_timestamp": "2020-03-30T09:40:08.000000Z"}, {"uuid": "1cc7fba4-f074-4bd4-81de-6bfae97774bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/canyoupwnme/5876", "content": "Initial Metasploit Exploit Module for BlueKeep (CVE-2019-0708)\nhttps://blog.rapid7.com/2019/09/06/initial-metasploit-exploit-module-for-bluekeep-cve-2019-0708/", "creation_timestamp": "2019-09-07T23:34:02.000000Z"}, {"uuid": "4dd2afb6-705d-4e47-a4cf-572cc15c9e20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/canyoupwnme/5524", "content": "Whatsapp g\u00fcvenlik ekibi, Whatsapp sesli arama \u00f6zelli\u011fini kullanarak uzaktan casus yaz\u0131l\u0131m kurulabilmesine izin veren ciddi bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131 tespit etti.\nhttps://www.prismacsi.com/haftanin-onemli-gelismeleri/\nCVE-2019-0708, RDP Uzaktan Kod \u00c7al\u0131\u015ft\u0131rmas\u0131na Neden Olan Zafiyeti \u00d6nleyen Kritik Yama Yay\u0131nland\u0131\nhttps://www.prismacsi.com/rdp-cve-2019-0708-zafiyeti/", "creation_timestamp": "2019-05-15T17:50:36.000000Z"}, {"uuid": "a7171d7a-6ad9-49a2-899b-6feb4737232c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/5541", "content": "CVE-2019-0708\nScanner PoC for CVE-2019-0708 RDP RCE vuln\nhttps://github.com/zerosum0x0/CVE-2019-0708", "creation_timestamp": "2019-05-22T18:01:43.000000Z"}, {"uuid": "2c199743-ab42-425c-a07c-8a62e7345af5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/canyoupwnme/5563", "content": "A Debugging Primer with CVE-2019\u20130708\nhttps://medium.com/@straightblast426/a-debugging-primer-with-cve-2019-0708-ccfa266682f6", "creation_timestamp": "2019-05-30T10:52:58.000000Z"}, {"uuid": "0c2d1f26-8765-4f5d-a626-399d7dfb02a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/canyoupwnme/5566", "content": "Proof of concept for CVE-2019-0708\nhttps://github.com/Ekultek/BlueKeep", "creation_timestamp": "2019-05-30T16:18:59.000000Z"}, {"uuid": "360a4c0e-accc-4429-a8de-cb9d252f2f73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/SecLabNews/4948", "content": "\u041d\u0430 \u043c\u0438\u043d\u0443\u0432\u0448\u0435\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2019-0708 (\u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 BlueKeep), \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0443\u044e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043d\u0430\u043f\u043e\u0434\u043e\u0431\u0438\u0435 \u044d\u043f\u0438\u0434\u0435\u043c\u0438\u0438 WannaCry, \u043e\u0442 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0432 2017 \u0433\u043e\u0434\u0443 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u0441\u043e\u0442\u043d\u0438 \u0442\u044b\u0441\u044f\u0447 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443. \u0411\u0430\u0433 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0443\u0436\u0431\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 (Remote Desktop Services), \u0440\u0430\u043d\u0435\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u043a\u0430\u043a \u0441\u043b\u0443\u0436\u0431\u044b \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u043e\u0432 (Terminal Services). \u0425\u043e\u0442\u044f \u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0435 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0440\u044f\u0434 \u0418\u0411-\u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432 \u0443\u0436\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u0435\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b.    \n\u0414\u043b\u044f \u00ab\u0447\u0435\u0440\u0432\u0435\u043f\u043e\u0434\u043e\u0431\u043d\u043e\u0439\u00bb \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Windows \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u044b \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b", "creation_timestamp": "2019-05-21T10:34:22.000000Z"}, {"uuid": "32fbc729-2f8e-423a-ae7c-8aad570b1136", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/haccking/4097", "content": "#\u041e\u0431\u0443\u0447\u0435\u043d\u0438\u0435\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 Windows (CVE-2019-0708 | BlueKeep)\n\u0427\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043b\u0435\u0435...", "creation_timestamp": "2019-09-19T17:00:26.000000Z"}, {"uuid": "b2937a9b-a840-40ec-ad03-724f4e8f1f1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/SecLabNews/4995", "content": "\u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u044e\u0442 \u0421\u0435\u0442\u044c \u0432 \u043f\u043e\u0438\u0441\u043a\u0430\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 \u041e\u0421 Windows, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 BlueKeep (CVE-2019-0708), \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u043c\u0430\u044f (Windows XP, Windows 7, Windows Server 2003, Windows Server 2008 R2 \u0438 Windows Server 2008). \u041e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0431\u0430\u0433\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043e\u043d \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043c\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u043d\u0430\u043f\u043e\u0434\u043e\u0431\u0438\u0435 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 WannaCry, \u043e\u0442 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0432 2017 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u0441\u043e\u0442\u043d\u0438 \u0442\u044b\u0441\u044f\u0447 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.    \n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0449\u0443\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043a BlueKeep Windows-\u0441\u0438\u0441\u0442\u0435\u043c\u044b", "creation_timestamp": "2019-05-27T15:04:38.000000Z"}, {"uuid": "9f3ddf80-2ff5-4193-9efb-a5b34c2ede5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/SecLabNews/5002", "content": "\u0420\u044f\u0434 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Siemens Healthineers, \u0434\u043e\u0447\u0435\u0440\u043d\u0435\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Siemens, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0449\u0435\u0439\u0441\u044f \u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435 \u043c\u0435\u0434\u0438\u0446\u0438\u043d\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0443\u044e \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 BlueKeep (CVE-2019-0708), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0443\u0436\u0431\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 Windows. \u0414\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430\u043f\u043e\u0434\u043e\u0431\u0438\u0435 \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 WannaCry. \u041f\u0430\u0442\u0447 \u0434\u043b\u044f \u0434\u0430\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 Microsoft 14 \u043c\u0430\u044f.    \nSiemens \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 BlueKeep \u0432 \u0435\u0435 \u043c\u0435\u0434\u0438\u0446\u0438\u043d\u0441\u043a\u043e\u043c \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0438", "creation_timestamp": "2019-05-28T11:44:38.000000Z"}, {"uuid": "547a6622-a58c-4357-8eab-ecb995b9e6a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/SecLabNews/5007", "content": "\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 CVE-2019-0708, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u043a\u0430\u043a BlueKeep, \u043f\u043e\u0440\u044f\u0434\u043a\u0430 \u0434\u0432\u0443\u0445 \u043d\u0435\u0434\u0435\u043b\u044c \u043d\u0430\u0437\u0430\u0434, \u0431\u043e\u043b\u0435\u0435 963 \u0442\u044b\u0441. \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 \u0432\u0441\u0435 \u0435\u0449\u0435 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u0430\u0442\u0430\u043a, \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435, \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u043d\u043e\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Errata Security.    \n\u041f\u043e\u0447\u0442\u0438 1 \u043c\u043b\u043d \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 \u0432\u0441\u0435 \u0435\u0449\u0435 \u0443\u044f\u0437\u0432\u0438\u043c \u043a BlueKeep", "creation_timestamp": "2019-05-28T16:44:38.000000Z"}, {"uuid": "71345ecf-8534-48de-8fdc-e3f1a9b2897f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/DC8044_Info/225", "content": "https://github.com/SherlockSec/CVE-2019-0708 #poc #cve #rdp", "creation_timestamp": "2019-05-15T12:04:39.000000Z"}, {"uuid": "a6e7566e-4c5d-4fff-9d5e-fb80a8a4e185", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/SecLabNews/5441", "content": "\u041d\u0430 GitHub \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2019-0708), \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0439 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 BlueKeep, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u043d\u044b\u0439 PoC-\u043a\u043e\u0434 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Windows XP. \u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 BitSight, \u043f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 2 \u0438\u044e\u043b\u044f 2019 \u0433\u043e\u0434\u0430 \u0447\u0438\u0441\u043b\u043e \u0441\u0438\u0441\u0442\u0435\u043c, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 BlueKeep, \u043f\u0440\u0435\u0432\u044b\u0448\u0430\u043b\u043e 805 000 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.    \n\u041d\u0430 GitHub \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 BlueKeep", "creation_timestamp": "2019-07-25T11:00:15.000000Z"}, {"uuid": "80a37a67-1120-4250-a496-413f4081a8be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/SecLabNews/6140", "content": "\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u043f\u0435\u0440\u0432\u044b\u0435 \u0430\u043c\u0430\u0442\u043e\u0440\u0441\u043a\u0438\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0430\u0448\u0443\u043c\u0435\u0432\u0448\u0435\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Windows \u0434\u043b\u044f \u0434\u043e\u0431\u044b\u0447\u0438 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445. \u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2019-0708 (BlueKeep), \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0435\u0449\u0435 \u0432 \u043c\u0430\u0435 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\n\u0417\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u043f\u0435\u0440\u0432\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 BlueKeep \u0432 Windows", "creation_timestamp": "2019-11-04T09:42:03.000000Z"}, {"uuid": "26cd18a1-53a5-42b0-b3b7-2835cfb31b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/SecLabNews/7204", "content": "\u0412 \u0445\u043e\u0434\u0435 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437 (threat intelligence) \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Positive Technologies \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u0447\u0438\u0441\u043b\u043e \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0437\u043b\u043e\u0432 \u0432 \u0420\u043e\u0441\u0441\u0438\u0438, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043f\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430 (RDP) \u0432\u0441\u0435\u0433\u043e \u0437\u0430 \u0442\u0440\u0438 \u043d\u0435\u0434\u0435\u043b\u0438 (\u0441 \u043a\u043e\u043d\u0446\u0430 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2020 \u0433\u043e\u0434\u0430) \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u043e\u0441\u044c \u043d\u0430 9% \u0438 \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u043e \u0431\u043e\u043b\u0435\u0435 112 000. \u0423\u0436\u0435 \u0441\u0435\u0439\u0447\u0430\u0441 \u0441\u0432\u044b\u0448\u0435 10% \u0442\u0430\u043a\u0438\u0445 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 BlueKeep (CVE-2019-0708), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0437\u043b\u043e\u043c\u0449\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 Windows.\n\n\nPositive Technologies: \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u0430\u0436\u0434\u043e\u043c\u0443 \u0434\u0435\u0441\u044f\u0442\u043e\u043c\u0443 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0440\u0430\u0431\u043e\u0447\u0435\u043c\u0443 \u0441\u0442\u043e\u043b\u0443", "creation_timestamp": "2020-03-27T10:40:02.000000Z"}, {"uuid": "ac4a12ba-fb9a-4c1a-a197-993af69f7635", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/DC8044_Info/226", "content": "", "creation_timestamp": "2019-05-15T18:02:48.000000Z"}, {"uuid": "835d5bbe-31bd-4ad8-b826-20b48f98364e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/DC8044_Info/227", "content": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2019-0708 #rdp\nhttps://github.com/k8gege/CVE-2019-0708/blob/master/CVE-2019-0708-POC.py", "creation_timestamp": "2019-05-15T22:23:34.000000Z"}, {"uuid": "4968f72a-8cd6-4472-9445-8611db225ef0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/thebugbountyhunter/7977", "content": "BlueKeep: A Journey from DoS to RCE (CVE-2019-0708) \u2013 MalwareTech\n\nhttps://malwaretech.com/2019/09/bluekeep-a-journey-from-dos-to-rce-cve-2019-0708.html", "creation_timestamp": "2023-11-05T23:30:25.000000Z"}, {"uuid": "6026218c-9ac3-41c8-9b84-f6bbc3430f92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/Bl4ck_Room/1917", "content": "\ud83c\udf00- \u062a\u0633\u062a \u0646\u0641\u0648\u0630 \u0628\u0647 \u0648\u06cc\u0646\u062f\u0648\u0632 \u0628\u0627 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc BlueKeep \u0648 \u0627\u0628\u0632\u0627\u0631 \u0645\u062a\u0627\u0627\u0633\u067e\u0644\u0648\u06cc\u062a\n\n\u2022 \u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u067e\u0631\u0648\u062a\u06a9\u0644 RDP \u0648\u06cc\u0646\u062f\u0648\u0632 \u0628\u0627 \u0646\u0627\u0645 BlueKeep \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u06cc CVE-2019-0708 \u06cc\u06a9 \u0633\u0627\u0644 \u067e\u06cc\u0634 \u0645\u0646\u062a\u0634\u0631 \u0634\u062f.\n\n\u062f\u0631 \u0627\u062f\u0627\u0645\u0647 \u0646\u062d\u0648\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0631\u0648 \u06cc\u0627\u062f \u0645\u06cc\u06af\u06cc\u0631\u06cc\u0645.\n\n\u2022\u062f\u0631 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634 \u0645\u0627 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u06a9\u0627\u0644\u06cc \u0644\u06cc\u0646\u0648\u06a9\u0633 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u06a9\u0646\u06cc\u0645.\n\u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u0628\u0627\u06cc\u062f \u0627\u0628\u0632\u0627\u0631\u062a\u0648\u0646 \u0631\u0648 \u0622\u067e\u062f\u06cc\u062a \u06a9\u0646\u06cc\u062f\n\u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u06a9\u0627\u0631 \u0628\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u0632\u06cc\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u062e\u0648\u062f \u0631\u0627 \u0627\u067e\u062f\u06cc\u062a \u06a9\u0646\u06cc\u062f.\n\n\ud83d\udccd apt-get update && apt-get upgrade\n\n\ud83c\udf00- \u062a\u0633\u062a \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0628\u0648\u062f\u0646 \u06cc\u06a9 \u062a\u0627\u0631\u06af\u062a \u0628\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc BlueKeep\n\n\u2022 \u0628\u0639\u062f \u0627\u0632 \u0622\u067e\u062f\u06cc\u062a \u0634\u062f\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u06a9\u0627\u0644\u06cc\u060c \u06a9\u0627\u0631\u0645\u0648\u0646 \u0631\u0648 \u0627\u0633\u062a\u0627\u0631\u062a \u0645\u06cc\u0632\u0646\u06cc\u0645.\n\u062f\u0631 \u0627\u0628\u062a\u062f\u0627 \u0627\u06af\u0647 \u0628\u062e\u0648\u0627\u0647\u06cc\u0645 \u0628\u062f\u0648\u0646\u06cc\u0645 \u06a9\u0647 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u06cc\u06a9 \u0633\u0631\u0648\u0631 \u06cc\u0627 \u0648\u06cc\u0646\u062f\u0648\u0632 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u0647 \u06cc\u0627 \u0646\u0647 \u0645\u06cc\u062a\u0648\u0646\u06cc\u0645 \u0628\u0647 \u0635\u0648\u0631\u062a \u0632\u06cc\u0631 \u0639\u0645\u0644 \u06a9\u0646\u06cc\u0645:\n\n\u2022 \u0627\u0628\u062a\u062f\u0627 \u0645\u062a\u0627\u0627\u0633\u067e\u0644\u0648\u06cc\u062a \u0631\u0648 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u0627\u0633\u062a\u0627\u0631\u062a \u0645\u06cc \u06a9\u0646\u06cc\u0645.\n\n\ud83d\udccd msfconsole\n\n\u2022 \u0633\u067e\u0633\u00a0auxiliary\u00a0\u0632\u06cc\u0631 \u0631\u0648 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u0645\u06cc \u06a9\u0646\u06cc\u0645.\n\n\ud83d\udccd use auxiliary/scanner/rdp/cve_2019_0708_bluekeep\n\n\n\u2022 \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646\u06a9\u0647\u00a0auxiliary\u00a0\u0631\u0648 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u0645 \u0627\u0648\u0644 \u0628\u0627 \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u0646\u06cc\u0627\u0632\u0645\u0646\u062f\u06cc \u0647\u0627\u06cc \u0627\u0648\u0646 \u0631\u0648 \u062a\u0646\u0638\u06cc\u0645 \u0645\u06cc \u06a9\u0646\u06cc\u0645:\n\n\ud83d\udccd show options\n\n\u2022 \u062a\u0646\u0647\u0627 \u0646\u06cc\u0627\u0632\u0645\u0646\u062f\u06cc \u0622\u0646 \u0627\u06cc\u067e\u06cc \u062a\u0627\u0631\u06af\u062a \u0647\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0635\u0648\u0631\u062a \u0632\u06cc\u0631 \u062a\u0646\u0638\u06cc\u0645 \u0645\u06cc \u06a9\u0646\u06cc\u0645.\n\n\ud83d\udccd set RHOSTS IP target\n\n\ud83d\udccc \u0628\u0647 \u062c\u0627\u06cc ( IP target ) \u0622\u06cc \u067e\u06cc \u0648\u06cc\u0646\u062f\u0648\u0632 \u0633\u0631\u0648\u0631 \u0645\u0648\u0631\u062f \u0646\u0638\u0631 \u0628\u0632\u0627\u0631\u06cc\u062f\n\n\u2022 \u0628\u0639\u062f \u0628\u0627 \u062f\u0633\u062a\u0648\u0631 run \u0627\u0648\u0646 \u0631\u0648 \u0627\u062c\u0631\u0627 \u0645\u06cc\u06a9\u0646\u06cc\u0645. \u0627\u06af\u0631 \u06cc\u06a9 \u062a\u0627\u0631\u06af\u062a \u0627\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u062f\u0631 \u0634\u0628\u06a9\u0647 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u0645 \u0628\u0631 \u0627\u0633\u0627\u0633 \u0622\u06cc\u067e\u06cc \u06a9\u0647 \u0628\u0627\u0644\u0627 \u062a\u0646\u0638\u06cc\u0645 \u06a9\u0631\u062f\u06cc\u0645 \u0622\u0646 \u0631\u0627 \u0628\u0647 \u0645\u0627 \u0646\u0634\u0627\u0646 \u062e\u0648\u0627\u0647\u062f \u062f\u0627\u062f.\n\n[*] 192.168.1.199:3389\u00a0\u00a0\u00a0 \u2013 The target service is not running, or refused our connection.\n[*] 192.168.1.200:3389\u00a0\u00a0\u00a0 \u2013 The target service is not running, or refused our connection.\n\ud83d\udea8 [+] 192.168.1.201:3389\u00a0\u00a0\u00a0 \u2013 The target is vulnerable.\n[*] 192.168.1.202:3389\u00a0\u00a0\u00a0 \u2013 The target service is not running, or refused our connection.\n\n\ud83c\udf00- \u0627\u06a9\u0633\u067e\u0644\u0648\u0631\u062a \u06a9\u0631\u062f\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc BlueKeep\n\n\u26e9- \u0644\u0627\u0632\u0645 \u0628\u0647 \u0630\u06a9\u0631 \u0627\u0633\u062a \u06a9\u0647 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0647\u0627\u06cc\n( \u0648\u06cc\u0646\u062f\u0648\u0632 xp\u060c \u0633\u0648\u0646\u060c \u0648\u06cc\u0633\u062a\u0627 \u0648 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc 2003 \u0648 2008 )\n\u06a9\u0647 \u0647\u0646\u0648\u0632 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0644\u0627\u0632\u0645 \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u0646\u062f\u0627\u062f\u0647 \u0627\u0646\u062f \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f.\n\n\ud83d\udd77- \u0645\u062a\u0627\u0633\u0641\u0627\u0646\u0647 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0628\u0639\u062f \u06af\u0630\u0634\u062a \u06cc\u06a9 \u0633\u0627\u0644 \u0647\u0646\u0648\u0632 \u0647\u0645 \u06a9\u0644\u06cc \u0633\u0631\u0648\u0631 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u062f\u0631 \u0633\u0637\u062d \u0646\u062a \u0648 \u0627\u06cc\u0631\u0627\u0646 \u062f\u0627\u0631\u0647 \u0645\u062e\u0635\u0648\u0635\u0627 \u0633\u0631\u0648\u0631 \u0647\u0627\u06cc \u062f\u0648\u0644\u062a\u06cc.\n\ud83c\udf34- \u0628\u0647\u062a\u0631\u06cc\u0646 \u0631\u0627\u0647 \u0628\u0631\u0627\u06cc \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0646\u06a9\u0631\u062f\u0645 \u0627\u0632 \u0627\u06cc\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0647\u0627\u0633\u062a \u0628\u062e\u0635\u0648\u0635 \u0628\u0631\u0627\u06cc \u0633\u0631\u0648\u0631 \u0647\u0627 \u0648 \u06cc\u0627 \u0646\u0635\u0628 \u06a9\u0631\u062f\u0645 \u067e\u0686 \u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u06a9\u0647 \u062e\u06cc\u0644\u06cc \u06a9\u0645\u06a9\u062a\u0648\u0646 \u0646\u0645\u06cc\u06a9\u0646\u0647 \u0686\u0648\u0646 \u0631\u0627\u0647 \u0647\u0627\u06cc \u062f\u06cc\u06af\u0647 \u0647\u0645 \u0628\u0631\u0627\u06cc \u0646\u0641\u0648\u0630 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0647\u0627 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u0647.\n\n\u2022 \u062f\u0631 \u0627\u0628\u062a\u062f\u0627 \u0641\u0631\u06cc\u0645 \u0648\u0631\u06a9 \u0645\u062d\u0628\u0648\u0628 \u0645\u062a\u0627\u0627\u0633\u067e\u0644\u0648\u06cc\u062a \u0631\u0627 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u0645\u06cc \u06a9\u0646\u06cc\u0645:\n\n\ud83d\udccd msfconsole\n\n\u2022 \u0628\u0639\u062f \u0628\u0627 \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u0627\u06a9\u0633\u067e\u0644\u0648\u06cc\u062a \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0631\u0627 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u0645\u06cc \u06a9\u0646\u06cc\u0645:\n\n\ud83d\udccd use exploit/windows/rdp/cve_2019_0708_bluekeep_rce\n\n\u2022 \u0633\u067e\u0633 \u0622\u06cc\u067e\u06cc \u062a\u0627\u0631\u06af\u062a \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u062e\u0648\u062f \u06a9\u0647 \u067e\u06cc\u062f\u0627 \u06a9\u0631\u062f\u0647 \u0628\u0648\u062f\u06cc\u0645 \u0631\u0627 \u0628\u0627 \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u062f\u0631 \u0627\u06a9\u0633\u067e\u0644\u0648\u0631\u062a \u062a\u0646\u0638\u06cc\u0645 \u0645\u06cc \u06a9\u0646\u06cc\u0645:\n\n\ud83d\udccd set RHOSTS IP target\n\n\u2022 \u0628\u0639\u062f \u0627\u0632 \u062a\u0646\u0638\u06cc\u0645 \u0622\u06cc\u067e\u06cc \u0628\u0627\u06cc\u062f \u06cc\u06a9 \u067e\u06cc\u0644\u0648\u062f \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0631\u0627 \u0627\u0646\u062a\u062e\u0627\u0628 \u06a9\u0646\u06cc\u0645 \u06a9\u0647 \u0628\u0647 \u0635\u0648\u0631\u062a \u0632\u06cc\u0631 \u0639\u0645\u0644 \u0645\u06cc \u06a9\u0646\u06cc\u0645:\n\n\ud83d\udccd set PAYLOAD windows/meterpreter/reverse_tcp\n\n\u2022 \u0648 \u0633\u067e\u0633 \u0628\u0627 \u062f\u0633\u062a\u0648\u0631 run \u06cc\u0627 exploit \u0645\u06cc\u062a\u0648\u0627\u0646\u06cc\u0645 \u0639\u0645\u0644\u06cc\u0627\u062a \u062a\u0633\u062a \u0646\u0641\u0648\u0630 \u062e\u0648\u062f \u0631\u0627 \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u0645.\n\n                        \u0645\u0648\u0641\u0642 \u067e\u06cc\u0631\u0648\u0632 \u0628\u0627\u0634\u06cc\u062f\n=====================\n\ud83c\udf10 \u2022[ @Bl4ck_Room ]\u2022", "creation_timestamp": "2021-06-12T16:25:50.000000Z"}, {"uuid": "ab4cdc3a-a55e-4229-a271-8c9f8e8a75e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/VulnerabilityNews/7091", "content": "[papers] A Debugging Primer with CVE-2019-0708\nRead More", "creation_timestamp": "2019-05-30T17:47:17.000000Z"}, {"uuid": "327576b4-534e-480c-9fec-95270e6e4e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/VulnerabilityNews/7133", "content": "[papers] Analysis of CVE-2019-0708 (BlueKeep)\nRead More", "creation_timestamp": "2019-06-03T21:37:21.000000Z"}, {"uuid": "5965916f-9d53-4db1-aa39-4fc46ae6547f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "Telegram/V1HdJIL4JCLUEE5wbCfm6IRtLRhhrscJwVVe9_woeQfAQwed", "content": "", "creation_timestamp": "2021-08-17T13:01:03.000000Z"}, {"uuid": "bd1e0e60-c93c-4579-a886-bcf91de8786a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "Telegram/vADt7DcbrhLVZsg1fmdc0-b2odDpkJzEr64V3IBDm4dQyk4k", "content": "", "creation_timestamp": "2024-07-17T00:34:29.000000Z"}, {"uuid": "1988be5c-daa9-4189-b5b3-4773773019ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/156", "content": "#exploit\n1. CVE-2019-6447:\nES File Explorer Open Port Vulnerability\nhttps://github.com/fs0c131y/ESFileExplorerOpenPortVuln\n\n2. CVE-2018-0708:\nCommand injection in networking of QNAP Q'center Virtual Appliance <=1.7.1063 could allow authenticated users to run arbitrary commands\nhttps://github.com/ntkernel0/CVE-2019-0708\n\n3. CVE-2019-0604:\nMicrosoft SharePoint RCE Vulnerability\nhttps://www.zerodayinitiative.com/blog/2019/3/13/cve-2019-0604-details-of-a-microsoft-sharepoint-rce-vulnerability", "creation_timestamp": "2024-10-10T11:12:45.000000Z"}, {"uuid": "e1f07c08-c687-4571-853a-4dfd79349993", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "Telegram/GKkFCGvRxGEqKEAseTUTD4-zBmawces1yI9Z6wyS5cbRWuQ", "content": "", "creation_timestamp": "2021-01-22T17:58:15.000000Z"}, {"uuid": "2d81cf61-ef09-4db5-97ba-3d536424a1d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "Telegram/9Xi4D0JOr_fD1TH8EvCo94k2TsJyNE8TQVeILdpzetBt7WDl", "content": "", "creation_timestamp": "2024-05-07T12:11:46.000000Z"}, {"uuid": "a45727b2-ab96-4f71-99f1-792d0a62de25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "Telegram/a90ZRLnrBhRFI63LSPY1A_iOPAAAHO77aTdfUajxRw-P", "content": "", "creation_timestamp": "2019-06-01T02:41:44.000000Z"}, {"uuid": "e732fe73-5e1b-422e-a1d7-9ef412e48aea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/246", "content": "#exploit\nCVE-2019-0708:\nBlueKeep Vulnerability\nhttps://blog.erratasec.com/2019/05/almost-one-million-vulnerable-to.html\n]-> Potential signs of CVE-2019-0708:\nhttps://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt\n]-> Public work for CVE-2019-0708:\nhttps://github.com/0xeb-bp/bluekeep\n]-> Metasploit Exploit Module:\nhttps://blog.rapid7.com/2019/09/06/initial-metasploit-exploit-module-for-bluekeep-cve-2019-0708", "creation_timestamp": "2024-05-06T09:11:34.000000Z"}, {"uuid": "25e03799-3bd7-40f3-ae29-247f79c595d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "Telegram/jr-upOPr9nqAaVz0sK7oubm4sPSc8956tbrNHGDpjf5G3Xw", "content": "", "creation_timestamp": "2020-03-31T01:16:45.000000Z"}, {"uuid": "145b40f7-b067-48c2-aa98-5bd5b36b7331", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "Telegram/beX-SazL3DIjAf8J5eNMhkME08rVJgHmOdfyh1fL9-wzKtk", "content": "", "creation_timestamp": "2024-05-07T11:57:01.000000Z"}, {"uuid": "1abf554d-e6cc-4339-a9b6-7c5b83af939b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "Telegram/2O7wdpubDWPgvTuulVQJBOr0gOhvB3pGAE48vIOnU9TC", "content": "", "creation_timestamp": "2019-09-08T07:22:29.000000Z"}, {"uuid": "8035e28b-db1f-4563-a1e2-01c115eb8be1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/cibsecurity/4590", "content": "\u26a0 A million devices still vulnerable to \u2018wormable\u2019 RDP hole \u26a0\n\nAn internet-wide scan has revealed almost one million devices vulnerable to CVE-2019-0708.\n\n\ud83d\udcd6 Read\n\nvia \"Naked Security\".", "creation_timestamp": "2019-05-30T13:23:11.000000Z"}, {"uuid": "e13c8b7d-4c8c-4e98-a10a-e2684951747d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/cibsecurity/4369", "content": "\ud83d\udd74 When Older Windows Systems Won't Die \ud83d\udd74\n\nMicrosoft's decision to patch unsupported machines for the critical CVE-2019-0708 flaw is a reminder that XP, 2003, and other older versions of Windows still run in some enterprises.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading: \".", "creation_timestamp": "2019-05-17T20:01:45.000000Z"}, {"uuid": "3fc409af-5417-457f-8404-e95d27a8f543", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "exploited", "source": "https://t.me/cibsecurity/5256", "content": "\u26a0 RDP BlueKeep exploit shows why you really, really need to patch \u26a0\n\nA video of the exploit shows CVE-2019-0708 being exploited remotely, without authentication.\n\n\ud83d\udcd6 Read\n\nvia \"Naked Security\".", "creation_timestamp": "2019-07-01T16:32:04.000000Z"}, {"uuid": "4754ff66-b594-4fa2-9c9b-ae896b263905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "published-proof-of-concept", "source": "Telegram/Whrwc6zp22H-i7RO8GCmvdOyfJOJgx16f1eXWLVWkheyHpg", "content": "", "creation_timestamp": "2022-06-27T04:28:33.000000Z"}, {"uuid": "6bfbae95-268f-450a-94ce-79be7ec9bd70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/cibsecurity/4656", "content": "\ud83d\udd74 Microsoft Urges Businesses to Patch 'BlueKeep' Flaw \ud83d\udd74\n\nFearing another worm of WannaCry severity, Microsoft warns vulnerable users to apply the software update for CVE-2019-0708.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading: \".", "creation_timestamp": "2019-06-04T00:04:12.000000Z"}, {"uuid": "bad4a073-2388-410f-9ac9-647860ee885e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/cibsecurity/4699", "content": "\ud83d\udd74 NSA Issues Advisory for 'BlueKeep' Vulnerability \ud83d\udd74\n\nThe National Security Agency joins Microsoft in urging Windows admins to patch wormable bug CVE-2019-0708.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading: \".", "creation_timestamp": "2019-06-05T18:34:24.000000Z"}, {"uuid": "25b4a88f-12e7-44f8-aae9-073e43083df1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "Telegram/93kzr5lbaB5xo9mqhoCIJDnpWoVReRUbwMIp6OneKAED", "content": "", "creation_timestamp": "2019-09-11T19:57:13.000000Z"}, {"uuid": "03c4c7be-625e-4aaf-9cbc-a93c7a090c04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://bsky.app/profile/patchdayalert.com/post/3mmn5khzffg2a", "content": "Microsoft patched Windows XP for CVE-2019-0708. A wormable RDP bug with no auth. Read why it scared them and what it taught us about internet-facing RDP.", "creation_timestamp": "2026-05-24T23:47:05.144360Z"}, {"uuid": "011ea976-96df-41ca-8910-4d9a76708c00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-0708", "type": "seen", "source": "https://t.me/cve_mitre_org/24", "content": "CVE-2019-0708 A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop ... https://t.co/hbKrHoicGJ\u2014 CVE (@CVEnew) May 16, 2019\n\nMay 16, 2019 at 11:30PM\nvia Twitter https://twitter.com/CVEnew", "creation_timestamp": "2019-05-16T20:35:08.000000Z"}]}