Hackers Using Self-Extracting Archives Exploit for Stealthy Backdoor Attacks

An unknown threat actor used a malicious self-extracting archive SFX file in an attempt to establish persistent backdoor access to a victim's environment, new findings from CrowdStrike show. SFX files are capable of extracting the data contained within them without the need for dedicated software...

CVE-2017-5565

Code injection vulnerability in Trend Micro Maximum Security 11.0 and earlier, Internet Security 11.0 and earlier, and Antivirus+ Security 11.0 and earlier allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a...

CVE-2017-5566

Code injection vulnerability in AVG Ultimate 17.1 and earlier, AVG Internet Security 17.1 and earlier, and AVG AntiVirus FREE 17.1 and earlier allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any AVG process via a "DoubleAgent" attack...

CVE-2017-5567

Code injection vulnerability in Avast Premier 12.3 and earlier, Internet Security 12.3 and earlier, Pro Antivirus 12.3 and earlier, and Free Antivirus 12.3 and earlier allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avast process...