44 matches found
anti-exploit-agent-test
...
EUVD-2014-1070
Malware in sbrugna...
EUVD-2023-31245
Malicious code in bioql PyPI...
CVE-2023-27469
Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\0' character...
CVE-2014-100039
mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of service crash via a crafted size in an unspecified IOCTL call, which triggers an out-of-bounds read. NOTE: some of these details are obtained from third party information...
PT-2023-21147 · Malwarebytes · Malwarebytes Anti-Exploit
Name of the Vulnerable Software and Affected Versions: Malwarebytes Anti-Exploit version 4.4.0.220. Description: The issue allows for arbitrary file deletion and denial of service via an ALPC message where FullFileNamePath lacks a '\0' character. Recommendations: For Malwarebytes Anti-Exploit versi...
CVE-2023-27469
CVE-2023-27469 affects Malwarebytes Anti-Exploit 4.4.0.220. The vulnerability allows arbitrary file deletion and denial of service via an ALPC message where FullFileNamePath lacks a '\0' terminator. Impact is described as local, with high integrity and availability impact. Public exploit details ...
Malwarebytes security vulnerability
Malwarebytes is an application from the American company Malwarebytes that provides anti-malware features to devices. The software is designed to protect against viruses, spyware, Trojans, worms, dial-up programs, and other malware. A security vulnerability exists in Malwarebytes Anti-Exploit...
FormBook spam campaign targets citizens of Ukraine
Our Threat Intelligence team has been closely monitoring cyber threats related to the war in Ukraine. Today, we discovered a malicious spam campaign dropping the Formbook stealer specifically targeting Ukrainians. Formbook is part of a long-running malspam operation that we observe on a regular...
Dridex affiliate dresses up as Scrooge
Threat actors are hoping to catch a few more victims before they leave work for the Christmas holidays. The recent malicious spam campaigns (malspam) we and others have observed appear to have been created by someone who wants to play Scrooge and add onto people's already heightened state of anxiety...
QBot Trojan delivered via malspam campaign exploiting US election uncertainties
This blog post was authored by Jérôme Segura and Hossein Jazi. The 2020 US elections have been the subject of intense scrutiny and emotions, while happening in the middle of a global pandemic. As election night ended and uncertainty regarding the results began to creep in, threat actors decided t...
Microsoft Windows: Turn off Data Execution Prevention for Explorer
Disabling data execution prevention can allow certain legacy plug-in applications to function without terminating Explorer. © Microsoft Corporation 2015. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright © by the...
Microsoft Windows: MS Security Guide: Enable Structured Exception Handling Overwrite Protection
If this setting is enabled, SEHOP is enforced. If this setting is disabled or not configured, SEHOP is not enforced for 32-bit processes. © Microsoft Corporation 2015. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright ...
Exosrv.com, an ad server for adult sites, tops Malwarebytes detections
Update 12/18/2017: Upon review, we have decided to lift the block on those two ad servers. You can read ExoClick's comments below: At Exoclick we use large resources to ensure that the ads that we serve are clear, clean and issue free. Where malwares and other forms of malvertising are detected...
Next Windows 10 Version May Have Built-in EMET Anti-Exploit Program
It seems Microsoft is planning to build its EMET anti-exploit tool into the kernel of Windows 10 Creator Update, also known as RedStone 3, which is expected to release in September/October 2017. So you may not have to separately download and install EMET in the upcoming version of Windows 10. ...
CVE-2016-1019: a Magnitude attack tool Flash vulnerability - vulnerability warning - the black bar safety net
Last month, security researchers at Proofpoint found that the Magnitude attack tool appeared to contain something new. In cooperation with them, we analyzed the sample and found that Magnitude EK had added a vulnerability in Adobe Flash Player, CVE-2016-1019, and then the wild u...
Malwarebytes Anti-Exploit < 1.05.1.1014 DoS
The Malwarebytes Anti-Exploit installed on the remote Windows host is a version prior to 1.05.1.1014. It is, therefore, affected by an out-of-bounds read flaw in the 'mbae.sys' driver when handling certain IOCTL calls. A local attacker can exploit this to cause access of invalid memory, resulting ...
Malwarebytes Anti-Exploit < 1.04.1.1012 RCE
The Malwarebytes Anti-Exploit installed on the remote Windows host is a version prior to 1.04.1.1012. It is, therefore, affected by a vulnerability that allows a man-in-the-middle attacker to spoof the update server in order to upload and execute arbitrary code on the remote host. © Tenable Netwo...