The vulnerability of the Intel Dynamic Application Loader (DAL) subsystem of the Intel Converged Security and Manageability Engine (CSME) and Intel Trusted Execution Engine (TXE) allows a attacker to trigger a service failure.

The vulnerability of the Intel Dynamic Application Loader DAL subsystem within the Intel Converged Security and Manageability Engine CSME and Intel Trusted Execution Engine TXE is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could...

Release the Kraken: Fileless injection into Windows Error Reporting service

This blog post was authored by Hossein Jazi and Jérôme Segura. On September 17th, we discovered a new attack called Kraken that injected its payload into the Windows Error Reporting WER service as a defense evasion mechanism. That reporting service, WerFault.exe, is usually invoked when an error...

Cooolis-ms - A Server That Supports The Metasploit Framework RPC

Cooolis-ms is a server that supports Metasploit Framework RPC. It is used to work for Shellcode and PE loader, bypassing the static detection of anti-virus software to a certain extent, and allows the Cooolis-ms server to perform with the Metasploit server separate. Loader execution process: 1...

Security Bulletin:Security Vulnerability in IBM Java SDK for Quarterly CPU - April 2017 affect IBM Rational Software Architect and Rational Software Architect for WebSphere Software (CVE-2017-3511)

Summary Security vulnerability in IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM Rational Software Architect and Rational Software Architect for WebSphere Software..The CVE CVE-2017-3511 were disclosed as part of the IBM Java SDK updates in April 2017. Vulnerability...

Malvertising campaigns come back in full swing

Malvertising campaigns leading to exploit kits are nowhere near as common these days. Indeed, a number of threat actors have moved on to other delivery methods instead of relying on drive-by downloads. However, occasionally we see spikes in activity that are noticeable enough that they highlight ...

CVE-2019-10562

u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon...

CVE-2019-10562

CVE-2019-10562 affects Qualcomm Snapdragon families (including IPQ6018, MSM CPUs) with an improper authentication and signature verification of debug policies in the secure boot loader. The root cause is insecure policy loading into secure memory, leading to memory corruption and potential local ...

CVE-2019-10562

u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon...

PT-2020-9078 · Qualcomm · Ipq6018 +34

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions affected versions not specified Description: The issue is related to improper authentication and signature verification of debug policies in the secure boot loader, which allows unverified debug policies to be...

GHSA-9CPH-CQQH-36PW Malicious Package in babel-loqder

All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...

Malicious Package in babel-loadre

All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...

Malicious Package in babel-laoder

All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...

GHSA-QP6M-JQFR-2F7V Malicious Package in babel-laoder

All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...

Windows Inject Reflective PE Files, Windows x64 Bind TCP Stager

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

Windows Inject Reflective PE Files, Windows x64 Reverse TCP Stager

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

Windows Inject Reflective PE Files, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

Windows Inject Reflective PE Files, Windows x64 IPv6 Bind TCP Stager

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

Windows Inject Reflective PE Files, Windows x64 Bind Named Pipe Stager

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

Windows Inject Reflective PE Files, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

Windows Inject Reflective PE Files, Reverse TCP Stager with UUID Support (Windows x64)

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...