Swap & Evolve | Glubiz Site | Utah Meetup | Progress | Microsoft Word Exploit "Follina"
Mod Appreciation | SafeMoon Standard | Crypto News | SafeMoon Memes
Partner News | SafeMoon Stats | Reminders
Swap & Evolve
Yesterday, SafeMoon Tweeted, "As part of our rollout, we have completed the final stages of our pre-flight checks on Swap and Evolve.✅
That means the #SAFEMOONARMY got an extra S&E ahead of time! 🥳
The one that you've been tracking will continue as planned as well! ❤️🔥
Crypto Yoda Tweeted when the first S&E was executed! "Let's build that liquidity ;-)" Swap and Evolve purchased 23,941,208 SFM for $21,131!
SafeMoonBot, created by the wonderful Danny, let us know that SafeMoon's second S&E was executed! For more updates on changes with the SafeMoon Swap and SafeMoon Twitter, follow @SafeMoonNewsBot!
The second S&E execution purchased 24,007,469 SFM which was worth $21,056.
A community member asked, "Where is this purchase going?" in which Galan answered, "Into the liquidity pool. This is the sole purpose of S&E - to perform the auto generating liquidity function in a steady and positive fashion, rather than having a large sell of SafeMoon to collect the bnb necessary for the LP pairing."
Glubiz Site
Yesterday, SafeMoon retweeted a post by Glubiz wondering if it would help increase traffic on his site. Today he updated us with, "Did the @safemoon retweet help create more traffic to the site? 👀God yes! We are cruising at almost 700k page loads the past 24 hours 😅This community is wild!🙏 P.S Luckily the site haven’t had major issues (yet) 😂🚀"
Utah Meetup
Progress
Vico noticed that SafeMoon had changed their Twitter account to say "Prepping More Progress!" "Welcome lovely June! 📅The next 4 weeks will be fun and exciting. Only 4 weeks left in Q2. 🙌"
Microsoft Word Exploit "Follina"
Wallet Guard Tweeted a critical alert regarding a severe 0-day vulnerability called Follina.
🚨CRITICAL ALERT A severe 0-day vulnerability called #Follina has been exposed (since May 27th) in MS Word Documents. It could allow hackers to take full control of your computer, in some cases WITHOUT even opening the file. 1/ This exploit is a mountain of exploits stacked on top of eachother. However, it is unfortunately easy to re-create and cannot be detected by anti-virus. Strap in as we try to explain. 2/ The 0-day starts with a feature in MS Word called Templates. This feature allows Word to load and execute HTML and JS from external sources. Sound concerning? Don’t worry it gets way worse. 3/ Using the Template’s HTML and Javascript the payload then runs the following Powershell command to run a service called Microsoft Support Diagnostic Tool, or MSDT.
4/ MSDT is used by Microsoft Support to help debug issues with your operating system. MSDT also conveniently allows for remote access to your computer. (similar to TeamViewer)
5/ There’s just one problem. MSDT normally requires the user to input their password to run it. But MSDT has a buffer overflow vulnerability. So the hacker can bypass password protection entirely.
6/ (If this exploit happens to you and you ran Word as Administrator, wipe that machine. It's beyond saving) 7/ Wanna know how it becomes a “0-click” exploit? .rtf file previews execute the malicious code just by downloading the file and simply VIEWING it in the file explorer.
8/ Previously, the advice for malicious Word docs was to never click Enable Content. With this Templates exploit, ANY Word Doc can be INSTANTLY malicious from the second you open it. 9/ Why should web3 care? Exploits like these are why it is CRITICALLY important not to store private keys in plain text on your file system. Second, we’ve seen similar attacks work in the past, and this exploit is even more serious as a "0-click" exploit. 10/ The @arthur_0x attack displayed many similarities to this attack, detailed in our thread. 11/ The real world threat of this attack is that all .doc, .docx, and .rtf files need to be considered VULNERABLE at this point in time. This especially applies to VCs for example. Again, this exploit allows for remote code execution so it is very serious. 12/ Our recommendations:
- Discontinue use of Word for the time being
- Utilize Google Docs
- Disable MSDT (see next tweets)
- Utilize PDF instead of vulnerable extension types
13/ Microsoft’s “Workarounds”: Microsoft is currently REFUSING to fix this 0-day and seem reluctant to even call it that. (even though it absolutely is).
To read the FULL thread, please check it out by clicking the Twitter icon below!👇👇👇👇
Mod Appreciation
Discord regular Meris gave SafeMoon moderators some love!
"Just wanted to give a much needed to shoutout to our wonder #SAFEMOON MODERATORS, as well as the team at safemoon! Thank you again for all the education you provide in the space, and being there for the community! You’re appreciated ❤️🥰"
Thank you so much for your kind words and your support!!
SafeMoon Standard
Don Bailey shared, "Your daily reminder. Even though we are simply Twitter profiles online. We’re real people in life. But words are real regardless. Let’s focus on kindness! #lovethyneighbor" 🥰🥰🥰
Crypto News
SafeMoon Memes
Partner News
Click the image below to view SafeMoon Education's Partner Page where you can find our partner's most recent news.
SafeMoon Stats
CoinGecko
SafeMoon Glubiz
Swap Volume by Hydra
Reminders
Educational Articles
The SafeMoon Education Team released two educational articles about what Swap & Evolve is and how it works! Stay tuned for educational images.
For a simplified explanation of Swap & Evolve, click here.
For an in-depth technical explanation, click here.
MoonCast
📝MoonCast will resume in June! Education Manager and Mooncast Host CatsRus is on a much-deserved vacation!!! We all hope he has a wonderful and safe trip!
Fund Launch Live
SafeMoon CEO John Karony delivered a keynote at Fund Launch Live in Las Vegas on April 28th, 2022.
Click here to view the full article
SafeMoon Careers
To apply or see what listings are currently open visit safemoon.com/careers anytime.
April Captain's Log
Click here to read the full Captain's Log!
Upcoming Card Features
Sign-up for the Pre-launch waitlist here
SafeMoon SWaP Listings
(Official links to partners in the bottom page link list)
SafeMoon Key Moments
(current and planned products/listings)
Pulse (Monthly SafeMoon Recap)
SafeMoon Education's Official Twitter
Disclaimer: