Downloads Resources over HTTP in dalek-browser-chrome-canary

Affected versions of dalek-browser-chrome-canary insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

robot-js downloads Resources over HTTP

Affected versions of robot-js insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...

The vulnerability of Cisco Email Security Appliances arises from deficiencies in the mechanisms for detecting malicious content in executable files. This allows attackers to circumvent security restrictions.

The vulnerability of Cisco Email Security Appliances’ security systems stems from deficiencies in the mechanisms for detecting malicious content in executable files EXE files. Exploiting this vulnerability allows a malicious actor to send messages containing malicious files remotely...

Gaza Cybergang Returns With New Attacks On Palestinian Authority

Security researchers from Check Point Threat Intelligence Team have discovered the comeback of an APT advanced persistent threat surveillance group targeting institutions across the Middle East, specifically the Palestinian Authority. The attack, dubbed "Big Bang," begins with a phishing email se...

PT-2018-3037 · Microsoft +3 · Windows 10 +5

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 61 Firefox ESR versions prior to 60.1 Firefox ESR versions prior to 52.9 Thunderbird versions prior to 60 Thunderbird versions prior to 52.9 Description: The issue is related to security setting errors in Firefox,...

google-closure-tools-latest code execution vulnerability

google-closure-tools-latest is a package for downloading/installing the latest version of Google Closure tools. A security vulnerability exists in google-closure-tools-latest, which originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker cou...

tomita Remote Code Execution Vulnerability

tomita is a parser that can extract structured data from natural language text. A security vulnerability exists in tomita that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response...

Haxe 3 Remote Code Execution Vulnerability

Haxe 3 is a toolkit for building cross-platform tools and frameworks. A security vulnerability exists in Haxe 3 that originates when a program downloads a binary file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response and replacing th...

CVE-2017-6015

Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code wi...

IBM Notes DLL Loading Remote Code Execution Vulnerability

IBM Notes for Windows is a set of IBM's Windows-based platform for collaborative office software. The software has e-mail, calendar, scheduling and other office functions. A remote code execution vulnerability exists in IBM Notes for Windows. A remote attacker can cause a user to double-click on ...

CVE-2018-7217

In Bravo Tejari Procurement Portal, uploaded files are not properly validated by the application either on the client or the server side. An attacker can take advantage of this vulnerability and upload malicious executable files to compromise the application, as demonstrated by an...

CVE-2018-7217

In Bravo Tejari Procurement Portal, uploaded files are not properly validated by the application either on the client or the server side. An attacker can take advantage of this vulnerability and upload malicious executable files to compromise the application, as demonstrated by an...

CVE-2017-17551

The Backup and Restore feature in Mobotap Dolphin Browser for Android 12.0.2 suffers from an arbitrary file write vulnerability when attempting to restore browser settings from a malicious Dolphin Browser backup file. This arbitrary file write vulnerability allows an attacker to overwrite a...

Design/Logic Flaw

The Backup and Restore feature in Mobotap Dolphin Browser for Android 12.0.2 suffers from an arbitrary file write vulnerability when attempting to restore browser settings from a malicious Dolphin Browser backup file. This arbitrary file write vulnerability allows an attacker to overwrite a...

Bad Rabbit ransomware

UPDATE 27.10.2017. Decryption opportunity assessment. File recovery possibility. Verdicts What happened? On October 24th we observed notifications of mass attacks with ransomware called Bad Rabbit. It has been targeting organizations and consumers, mostly in Russia but there have also been report...

Nero Elevation of Privilege Vulnerability

Nero is a suite of CD burning software that offers burning, copying, editing, ripping and converting features. A security vulnerability exists in Nero version 7.10.1.0. The vulnerability can be exploited to invoke malicious code with elevated privileges via a malicious Nero.exe file in the...

Partner Perspectives – Detecting Ransomware: Behind the Scenes of an Attack

Editor's Note: This blog originally appeared on RedCanary.com Ransomware has been the threat of the year. If you’ve had even a lazy eye on current events in information security, you’ve heard about the WannaCry infection that recently took out endpoints for hundreds of companies. By now you’ve...

Microsoft Programming Error is Behind Dangerous Kernel Bug, Researchers Claim

Researchers claim a programming error in the Microsoft Windows kernel cracks the door open for malicious executables to bypass security software. The flaw, according to security firm EnSilo, has been present on previous versions of Windows dating back to Windows 2000 and can be found on Windows 1...

Default configuration

In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicious executable that will run with SYSTEM...

Chromebackdoor - Backdoor C&C for Populars Browsers

Chromebackdoor is a pentest tool, this tool use a MITB technique for generate a windows executable ".exe" after launch run a malicious extension or script on most popular browsers, and send all DOM datas on command and control. VIDEO Install Text V 3.0 Install Video OLD Binder guide Module guide...