CVE-2024-38033

Technical details about CVE-2024-38033 are not provided in the supplied documents. Monitor for updates from Microsoft and vulnerability feeds for affected products, versions, and fixes.

CVE-2024-38043 PowerShell Elevation of Privilege Vulnerability

...

CVE-2024-38043

Technical details for CVE-2024-38043 are not publicly provided in the supplied documents. No affected product/version or root cause is specified here. Monitor for updates from Microsoft and CVE repositories.

CVE-2024-38043 PowerShell Elevation of Privilege Vulnerability

...

PowerShell Elevation of Privilege Vulnerability

...

PowerShell Elevation of Privilege Vulnerability

...

PowerShell Elevation of Privilege Vulnerability

...

PT-2024-5472 · Microsoft · Windows Powershell +1

Name of the Vulnerable Software and Affected Versions: Windows PowerShell affected versions not specified Description: The issue is related to insufficient input validation in the Windows operating system's PowerShell command-line shell. It allows an attacker to elevate their privileges. There is...

PT-2024-5474 · Microsoft · Windows Powershell +1

Name of the Vulnerable Software and Affected Versions: Windows PowerShell affected versions not specified Description: The vulnerability is related to insufficient input validation in the Windows PowerShell command-line shell. It allows an attacker to elevate their privileges. The issue may be...

PT-2024-5473 · Microsoft · Windows Powershell +1

Name of the Vulnerable Software and Affected Versions: Windows PowerShell affected versions not specified Description: The vulnerability is related to insufficient input validation in the Windows PowerShell command-line shell. It allows an attacker to elevate their privileges. The issue can be...

The Mechanics of ViperSoftX: Exploiting AutoIt and CLR for Stealthy PowerShell Execution

The Mechanics of ViperSoftX: Exploiting AutoIt and CLR for Stealthy PowerShell Execution By Sijo Jacob · July 9, 2024 This blog was also written by Mathanraj Thangaraju Threat Summary In the dynamic landscape of cyber threats, ViperSoftX has emerged as a highly sophisticated malware, adept at...

Microsoft Windows PowerShell Security Vulnerability

Microsoft Windows PowerShell is a command line shell program and scripting environment from Microsoft Corporation USA that enables command line users and script writers to take advantage of the power of . A security vulnerability exists in Microsoft Windows PowerShell. An attacker could exploit t...

Microsoft Windows PowerShell Security Vulnerability

Microsoft Windows PowerShell is a command line shell program and scripting environment from Microsoft Corporation USA that enables command line users and script writers to take advantage of the power of . A security vulnerability exists in Microsoft Windows PowerShell. An attacker could exploit t...

Microsoft Windows PowerShell Security Vulnerability

Microsoft Windows PowerShell is a command line shell program and scripting environment from Microsoft Corporation USA that enables command line users and script writers to take advantage of the power of . A security vulnerability exists in Microsoft Windows PowerShell. An attacker could exploit t...

GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks

The malware known as GootLoader continues to be in active use by threat actors looking to deliver additional payloads to compromised hosts. "Updates to the GootLoader payload have resulted in several versions of GootLoader, with GootLoader 3 currently in active use," cybersecurity firm Cybereason...

8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining

Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. "The threat actor employs fileless execution techniques, using DLL reflective and process injection, allowing the malware...

Warning: New Adware Campaign Targets Meta Quest App Seekers

A new campaign is tricking users searching for the Meta Quest formerly Oculus application for Windows into downloading a new adware family called AdsExhaust. "The adware is capable of exfiltrating screenshots from infected devices and interacting with browsers using simulated keystrokes,"...

Exploit for Injection in Datagear

CVE-2024-37759 PoC Description DataGear version 5.0.0 and...

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration

A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it's aware of four different distribution methods -- namely VBA...

Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer

Threat actors are luring unsuspecting users with free or pirated versions of commercial software to deliver a malware loader called Hijack Loader, which then deploys an information stealer known as Vidar Stealer. "Adversaries had managed to trick users into downloading password-protected archive...