3059 matches found
Emotet's Thanksgiving Campaign Delivers New Recipes for Compromise
Emotet, the seemingly ubiquitous banking trojan, has turned up again after a small hiatus, this time as the anchor in a Thanksgiving-themed campaign that cranked up in the U.S. this week. It has also upgraded its capabilities with new tactics and modules, which has boosted its efficacy, according...
HASSH - A Network Fingerprinting Standard Which Can Be Used To Identify Specific Client And Server SSH Implementations
"HASSH" is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an MD5 fingerprint. What can HASSH help with: Use in highly controlled, well understood environments...
Remote Code Execution (RCE)
Microsoft.PowerShell.EditorServices.Protocol is vulnerable to remote code execution. Improper processing of local connections allows a remote attacker to execute arbitrary commands in the context of the authenticated user...
Microsoft Windows PowerShell Remote Code Execution Vulnerability
Microsoft.PowerShell.Archive and others are products of Microsoft Corporation. Microsoft Windows 10 is a suite of operating systems. PowerShell Core is a set of cross-platform command-line script execution environments built for heterogeneous environments and hybrid clouds. PowerShell Core is a suit...
Microsoft PowerShell Tampering Security Bypass Vulnerability
Microsoft Windows 10 and others are products of Microsoft Corporation, U.S.A. Microsoft Windows 10 is a suite of operating systems. PowerShell Core is a cross-platform command-line script execution environment built for heterogeneous environments and hybrid clouds. A tamper security bypass...
Code Injection
PowerShell is vulnerable to code injection. NULL characters are not properly logged in ScriptBlock, which would allow an attacker to tamper with the log management and execute unlogged code. The attacker requires access to the affected system and permissions to run a specially crafted application...
CNNVD Advisory on Multiple Microsoft Security Vulnerabilities - Vulnerability Warning - Black Bar Safety Net
Microsoft recently released a bulletin covering multiple security vulnerabilities, including a Microsoft Internet Explorer security vulnerability (CNNVD-201811-349, CVE-2018-8570), Microsoft Word security vulnerabilities (CNNVD-201811-387, CVE-2018-8539), (CNNVD-201811-388,...
Microsoft PowerShell Core 6.0 <= 6.0.4 / 6.1 Multiple Vulnerabilities - Windows
PowerShell Core is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:microsoft:powershell";...
Microsoft PowerShell Core 6.0 <= 6.0.4 / 6.1 Multiple Vulnerabilities - Linux
PowerShell Core is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:microsoft:powershell";...
Microsoft PowerShell Core 6.0 <= 6.0.4 / 6.1 Multiple Vulnerabilities - Mac OS X
PowerShell Core is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:microsoft:powershell";...
FLARE VM Update
FLARE VM is the first-of-its-kind reverse engineering and malware analysis distribution on the Windows platform. Since its introduction in July 2017, FLARE VM has been continuously trusted and used by many reverse engineers, malware analysts, and security researchers as their go-to environment for...
CVE-2018-8415
A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft PowerShell Tampering Vulnerability." This affects Windows 7, PowerShell Core 6.1, Windows Server 2012 R2, Windows RT 8.1, PowerShell Core 6.0, Windows Server 2019, Windows Server...
CVE-2018-8256
A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012...
Code injection
A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft PowerShell Tampering Vulnerability." This affects Windows 7, PowerShell Core 6.1, Windows Server 2012 R2, Windows RT 8.1, PowerShell Core 6.0, Windows Server 2019, Windows Server...
Remote code execution
A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012...
CVE-2018-8256
CVE-2018-8256 is a remote code execution vulnerability in PowerShell triggered by processing specially crafted files. Affected are Windows PowerShell/PowerShell Core and several Windows OS versions (e.g., Windows 7/8.1/10, Windows Server 2008R2/2012/2016/2019, etc.). The root cause is improper ha...
CVE-2018-8415
CVE-2018-8415 is a PowerShell tampering vulnerability that could let an attacker execute unlogged code locally on affected Windows platforms (Windows 7/10, Windows Server 2012/2016/2019, and PowerShell Core 6.x). Root cause: tampering in PowerShell allowing unlogged code execution. CVSSv3 base sc...