3059 matches found
CVE-2024-23464
In certain cases, Zscaler Internet Access ZIA can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows 4.2.1...
CVE-2024-23464
In certain cases, Zscaler Internet Access ZIA can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows 4.2.1...
CVE-2024-23464 Zscaler bypass with administrative privileges on Windows
In certain cases, Zscaler Internet Access ZIA can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows 4.2.1...
CVE-2024-23464
CVE-2024-23464 affects Zscaler Client Connector on Windows prior to 4.2.1. The issue is described as improper preservation of permissions, enabling an attacker with admin rights to run PowerShell commands that can disable Zscaler Internet Access (ZIA) covered by the affected client. The vulnerabi...
CVE-2024-23464 Zscaler bypass with administrative privileges on Windows
In certain cases, Zscaler Internet Access ZIA can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows 4.2.1...
With the PVS console installed, PowerShell cmdlets targeting On-Prem DDCs prompt for cloud login
On a server with the PVS console installed, executing CVAD cmdlets targeting on-prem DDCs e.g. Get-BrokerSite -AdminAddress will encounter popups prompting for Citrix Cloud sign-on...
Zscaler Client Connector 安全漏洞
Zscaler Client Connector is a lightweight agent from Zscaler, Inc. A security vulnerability exists in Zscaler Client Connector versions prior to 4.2.1, which stems from the fact that it can be disabled via a PowerShell command with administrator privileges...
Microsoft PowerShell Reference for Office Products officedocs-cdn Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft PowerShell Reference for Office Products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of PowerShell Reference for Office...
Microsoft PowerShell Gallery psg-prod-centralus Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft PowerShell Gallery. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of PowerShell Gallery. When installed from the official...
APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack
A Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties to China, according to new findings from Cisco Talos. The unnamed organization was targeted as early as mid-July 2023 to deliver a...
Detecting evolving threats: NetSupport RAT campaign
Cisco Talos is actively tracking multiple malware campaigns that utilize NetSupport RAT for persistent infections. These campaigns evade detection through obfuscation and updates. Snort can provide a strong defense before this malware reaches endpoints. In this first Deep Dive with NTDR, we explo...
OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script
Cybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a malicious PowerShell script. "This campaign heavily relies on social engineering tactics to deceive users into executing a PowerShell script, thereby compromising...
OneDrive Pastejacking
OneDrive Pastejacking: The crafty phishing and downloader campaign By Rafael Pena · July 29, 2024 Over the past few weeks, the Trellix Advanced Research Center has observed a sophisticated Phishing/downloader campaign targeting Microsoft OneDrive users. This campaign heavily relies on social...
Photon OS 3.0: Powershell PHSA-2024-3.0-0717
An update of the powershell package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0717. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 4.0: Powershell PHSA-2024-4.0-0556
An update of the powershell package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0556. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Powershell PHSA-2023-5.0-0180
An update of the powershell package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0180. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 3.0: Powershell PHSA-2022-3.0-0488
An update of the powershell package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0488. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Powershell PHSA-2024-5.0-0195
An update of the powershell package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0195. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 4.0: Powershell PHSA-2022-4.0-0274
An update of the powershell package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0274. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 3.0: Powershell PHSA-2020-3.0-0151
An update of the powershell package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0151. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...