Lucene search
K

329 matches found

Redos
Redos
added 2021/12/24 12:0 a.m.6 views

ROS-2-2532

2.2532 Notification on the update of the Red OS OPERATION SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the "RED OS" Operating System "RED OS" 7.3 antimalware protection system has been released. You can contact the technical support service within the framework of...

7AI score
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.5 views

ROS-2-2413

2.2413 Notification on the update of the Red OS OPERATION SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the "RED OS" Operating System "RED OS" 7.3 antimalware protection system has been released. You can contact the technical support service within the framework of...

7AI score
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.5 views

ROS-2-2448

2.2448 Notification on the update of the Red OS OPERATION SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the "RED OS" Operating System "RED OS" 7.3 antimalware protection system has been released. You can contact the technical support service within the framework of...

7AI score
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.5 views

ROS-2-2428

2.2428 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the "RED OS" Operating System "RED OS" 7.3 antimalware protection system has been released. You can contact the technical support service within the framework of...

7AI score
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.8 views

ROS-2-2485

2.2485 Notification on the update of the Red OS OPERATING SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the "RED OS" Operating System "RED OS" 7.3 antimalware protection system has been released. You can contact the technical support service within the framework of...

7AI score
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.9 views

ROS-2-2440

2.2440 Notification on the update of the Red OS OPERATION SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the "RED OS" Operating System "RED OS" 7.3 antimalware protection system has been released. You can contact the technical support service within the framework of...

7AI score
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.6 views

ROS-2-2596

2.2596 Notification on the update of the Red OS OPERATIONAL SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the "RED OS" Operating System "RED OS" 7.3 antimalware protection system has been released. You can contact the technical support service within the framework of...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/12/16 10:19 a.m.45 views

New Fileless Malware Uses Windows Registry as Storage to Evade Detection

A new JavaScript-based remote access Trojan RAT propagated via a social engineering campaign has been observed employing sneaky "fileless" techniques as part of its detection-evasion methods to elude discovery and analysis. Dubbed DarkWatchman by researchers from Prevailion's Adversarial...

0.9AI score
Exploits0
Kitploit
Kitploit
added 2021/11/30 8:30 p.m.85 views

ZipExec - A Unique Technique To Execute Binaries From A Password Protected Zip

ZipExec is a Proof-of-Concept POC tool to wrap binary-based tools into a password-protected zip file. This zip file is then base64 encoded into a string that is rebuilt on disk. This encoded string is then loaded into a JScript file that when executed, would rebuild the password-protected zip fil...

7.7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2021/10/04 8:31 p.m.40 views

Encrypted & Fileless Malware Sees Big Growth

A full 91.5 percent of malware was delivered using HTTPS-encrypted connections in the second quarter, researchers said, making attacks more evasive. That’s according to WatchGuard Technologies’ latest report on findings within its telemetry, which also found that these detections come primarily...

7.4AI score
Exploits0References2
Prion
Prion
added 2021/09/15 12:15 p.m.35 views

Remote code execution

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious Active...

6.8CVSS8.6AI score0.96843EPSS
Exploits38References4Affected Software5
Positive Technologies
Positive Technologies
added 2021/09/07 12:0 a.m.7 views

PT-2021-3925

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description A remote code execution issue exists in MSHTML, the browser rendering engine used by Microsoft Internet Explorer and Microsoft Office. The flaw is caused by incorrect code generatio...

9CVSS7.8AI score0.96843EPSS
Exploits38References184
Kitploit
Kitploit
added 2021/07/05 12:30 p.m.92 views

Backstab - A Tool To Kill Antimalware Protected Processes

Have these local admin credentials but the EDR is standing in the way? Unhooking or direct syscalls are not working against the EDR? Well, why not just kill it? Backstab is a tool capable of killing antimalware protected processes by leveraging sysinternals’ Process Explorer ProcExp driver, which...

7.2AI score
Exploits0References2
OSV
OSV
added 2021/05/17 1:15 p.m.5 views

CVE-2021-31728

Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 allows a non-privileged process to open a handle to .\ZemanaAntiMalware, register itself with the driver by sending IOCTL 0x80002010, allocate executable memory using a flaw in IOCTL 0x80002040, install a hook...

7.8CVSS7.5AI score0.03371EPSS
Exploits2References1
NVD
NVD
added 2021/05/17 1:15 p.m.40 views

CVE-2021-31728

Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 allows a non-privileged process to open a handle to .\ZemanaAntiMalware, register itself with the driver by sending IOCTL 0x80002010, allocate executable memory using a flaw in IOCTL 0x80002040, install a hook...

7.8CVSS0.03371EPSS
Exploits2References1
Prion
Prion
added 2021/05/17 1:15 p.m.19 views

Design/Logic Flaw

Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 where IOCTL's 0x80002014, 0x80002018 expose unrestricted disk read/write capabilities respectively. A non-privileged process can open a handle to .\ZemanaAntiMalware, register with the driver using IOCTL...

7.2CVSS7.8AI score0.03371EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2021/05/17 1:15 p.m.17 views

Design/Logic Flaw

Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 allows a non-privileged process to open a handle to .\ZemanaAntiMalware, register itself with the driver by sending IOCTL 0x80002010, allocate executable memory using a flaw in IOCTL 0x80002040, install a hook...

7.2CVSS7.9AI score0.03371EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2021/05/17 12:6 p.m.45 views

CVE-2021-31728

Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 allows a non-privileged process to open a handle to .\ZemanaAntiMalware, register itself with the driver by sending IOCTL 0x80002010, allocate executable memory using a flaw in IOCTL 0x80002040, install a hook...

8.1AI score0.03371EPSS
Exploits2References1
CVE
CVE
added 2021/05/17 12:6 p.m.73 views

CVE-2021-31728

CVE-2021-31728 affects MalwareFox AntiMalware 2.74.0.150, with vulnerable drivers zam64.sys and zam32.sys. A non-privileged process can obtain a handle to \.\ZemanaAntiMalware, register via IOCTL 0x80002010, allocate executable memory via IOCTL 0x80002040, install a hook with IOCTL 0x80002044, an...

7.8CVSS7.8AI score0.03371EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2021/05/17 12:5 p.m.66 views

CVE-2021-31727

MalwareFox AntiMalware 2.74.0.150 is affected by CVEs CVE-2021-31727 and CVE-2021-31728. The vulnerability stems from incorrect access control in zam64.sys and zam32.sys, enabling a non-privileged process to obtain a handle to \.\ZemanaAntiMalware and issue IOCTLs (notably 0x80002010, 0x80002014,...

7.8CVSS7.8AI score0.0037EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder