Lucene search
+L

296 matches found

The Hacker News
The Hacker News
added 2022/04/25 8:0 p.m.120 views

Researchers Takeover Unpatched 3rd-Party Antivirus Sandboxes via VirusTotal

Security researchers have disclosed a security issue that could have allowed attackers to weaponize the VirusTotal platform as a conduit to achieve remote code execution RCE on unpatched third-party sandboxing machines employed antivirus engines. The flaw, now patched, made it possible to "execut...

10CVSS2.2AI score0.99981EPSS
Exploits57
Malwarebytes
Malwarebytes
added 2022/04/18 3:33 p.m.39 views

Why you shouldn’t automate your VirusTotal uploads

It is important to realize that uploading certain files to VirusTotal may result in leaking confidential data, which could result in a breach of confidentiality, or worse. We have warned against uploading personal information, as does VirusTotal itself on their home page. But apparently some...

Exploits0
The Hacker News
The Hacker News
added 2022/04/07 3:29 p.m.40 views

First Malware Targeting AWS Lambda Serverless Platform Discovered

A first-of-its-kind malware targeting Amazon Web Services' AWS Lambda serverless computing platform has been discovered in the wild. Dubbed "Denonia" after the name of the domain it communicates with, "the malware uses newer address resolution techniques for command and control traffic to evade...

0.8AI score
Exploits0
ThreatPost
ThreatPost
added 2022/03/07 5:46 p.m.167 views

NVIDIA’s Stolen Code-Signing Certs Used to Sign Malware

Two of NVIDIA’s code-signing certificates were part of the Feb. 23 Lapsus$ Group ransomware attack the company suffered – certificates that are now being used to sign malware so malicious programs can slide past security safeguards on Windows machines. The Feb. 23 attack saw 1TB of data bleed fro...

8.7AI score
Exploits0References35
Kitploit
Kitploit
added 2022/02/25 8:30 p.m.26 views

openSquat - Detection Of Phishing Domains And Domain Squatting. Supports Permutations Such As Homograph Attack, Typosquatting And Bitsquatting

What is openSquat openSquat is an opensource Intelligence OSINT security tool to identify cyber squatting threats to specific companies or domains, such as: Phishing campaigns Domain squatting Typo squatting Bitsquatting IDN homograph attacks Doppenganger domains Other brand/domain related scams ...

7.6AI score
Exploits0References3
NVD
NVD
added 2022/02/04 7:15 p.m.18 views

CVE-2021-45429

A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yrsetconfiguration in yara/libyara/libyara.c, which could cause a Denial of Service...

5.5CVSS0.0084EPSS
Exploits1References1
OSV
OSV
added 2022/02/04 7:15 p.m.2 views

DEBIAN-CVE-2021-45429

A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yrsetconfiguration in yara/libyara/libyara.c, which could cause a Denial of Service...

5.5CVSS6.3AI score0.0084EPSS
Exploits1References1
OSV
OSV
added 2022/02/04 7:15 p.m.19 views

CVE-2021-45429

A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yrsetconfiguration in yara/libyara/libyara.c, which could cause a Denial of Service...

5.5CVSS6.8AI score
Exploits0References1
Prion
Prion
added 2022/02/04 7:15 p.m.17 views

Buffer overflow

A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yrsetconfiguration in yara/libyara/libyara.c, which could cause a Denial of Service...

4.3CVSS5.4AI score0.0084EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2022/02/04 7:15 p.m.16 views

CVE-2021-45429

A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yrsetconfiguration in yara/libyara/libyara.c, which could cause a Denial of Service...

5.5CVSS6.8AI score0.0084EPSS
Exploits1References4
OSV
OSV
added 2022/02/04 7:15 p.m.3 views

UBUNTU-CVE-2021-45429

A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yrsetconfiguration in yara/libyara/libyara.c, which could cause a Denial of Service...

5.5CVSS6.8AI score0.0084EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/02/04 6:9 p.m.24 views

CVE-2021-45429

A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yrsetconfiguration in yara/libyara/libyara.c, which could cause a Denial of Service...

5.7AI score0.0084EPSS
Exploits1References1
CVE
CVE
added 2022/02/04 6:9 p.m.73 views

CVE-2021-45429

CVE-2021-45429 impacts the VirusTotal YARA core library (yr_set_configuration in yara/libyara/libyara.c) and can cause a denial of service via a buffer overflow. Public advisories (e.g., Ubuntu USN-7177-1, OSV entries, NVD/NSS translations) confirm the issue and reference vendor updates for affec...

5.5CVSS5.3AI score0.0084EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2022/02/04 6:9 p.m.49 views

CVE-2021-45429

A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yrsetconfiguration in yara/libyara/libyara.c, which could cause a Denial of Service...

5.5CVSS4AI score0.0084EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2022/02/04 6:9 p.m.35 views

CVE-2021-45429

A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yrsetconfiguration in yara/libyara/libyara.c, which could cause a Denial of Service...

5.5CVSS5.5AI score0.0084EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.7 views

PT-2022-12351

Name of the Vulnerable Software and Affected Versions VirusTotal YARA affected versions not specified Description A Buffer Overflow issue exists in VirusTotal YARA, specifically via yr set configuration in yara/libyara/libyara.c, which could cause a Denial of Service. Recommendations At the momen...

9.1CVSS6.6AI score0.02996EPSS
Exploits12References30
The Hacker News
The Hacker News
added 2022/01/28 10:48 a.m.22 views

How Wazuh Can Improve Digital Security for Businesses

2021 was a year peppered by cyberattacks, with numerous data breaches happening. Not only that, but ransomware has also become a prominent player in the hackers' world. Now, more than ever, it's important for enterprises to step up cybersecurity measures. They can do this through several pieces o...

8AI score
Exploits0
HackRead
HackRead
added 2022/01/19 9:31 p.m.24 views

VirusTotal hacking – Hackers can access trove of stolen credentials on VirusTotal

By Waqas Dubbed VirusTotal Hacking; the attack allowed researchers to access 1,000,000 login credentials exfiltrated by unencrypted crypto wallets and… This is a post from HackRead.com Read the original post: VirusTotal hacking - Hackers can access trove of stolen credentials on VirusTotal...

3.9AI score
Exploits0
CISA
CISA
added 2022/01/12 12:0 a.m.21 views

CNMF Identifies and Discloses Malware used by Iranian APT MuddyWater

U.S. Cyber Command’s Cyber National Mission Force CNMF has identified multiple open-source tools used by an Iranian advanced persistent threat APT group known as MuddyWater. According to CNMF, “MuddyWater has been seen using a variety of techniques to maintain access to victim networks. These...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2022/01/11 3:0 p.m.59 views

‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOS

A brand-new multiplatform malware, likely distributed via malicious npm packages, is spreading under the radar with Linux and Mac versions going fully undetected in VirusTotal, researchers warned. The Windows version, according to a Tuesday writeup from Intezer, has only six detections as of this...

7.3AI score
Exploits0References6
Rows per page
Query Builder