Lucene search

9 matches found

Vulnrichment
added 2022/11/02 12:0 a.m., 14 views

CVE-2022-26122

An insufficient verification of data authenticity vulnerability CWE-345 in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64...

4.7 CVSS, 6.9 AI score, 0.00444 EPSS
Exploits: 0, References: 1
CVE
added 2022/11/02 12:0 a.m., 77 views

CVE-2022-26122

CVE-2022-26122 affects Fortinet products FortiClient, FortiMail and FortiOS AV engines. The vulnerability, CWE-345, arises from insufficient verification of data authenticity and can allow bypass of the AV engine by manipulating MIME attachments encoded in base64. Affected versions are FortiClien...

8.6 CVSS, 8.5 AI score, 0.00444 EPSS
Exploits: 0, References: 1, Affected Software: 3
Cvelist
added 2022/11/02 12:0 a.m., 21 views

CVE-2022-26122

An insufficient verification of data authenticity vulnerability CWE-345 in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64...

4.7 CVSS, 8.7 AI score, 0.00444 EPSS
Exploits: 0, References: 1
Fortinet
added 2022/11/01 12:0 a.m., 53 views

Protect

An insufficient verification of data authenticity vulnerability CWE-345 in FortiClient, FortiMail and FortiOS AV engines may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64...

5 CVSS, 8.3 AI score, 0.00444 EPSS
Exploits: 0, Affected Software: 3
Kitploit
added 2021/06/30 12:30 p.m., 47 views

Forblaze - A Python Mac Steganography Payload Generator

Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C file for you which will be compiled to pull desired encrypted URLs out of the stego file, fetch payloads over https, and execute them directly into memory. It utilizes...

7.5 AI score
Exploits: 0, References: 1
FireEye
added 2020/11/19 12:0 a.m., 379 views

Purgalicious VBA: Macro Obfuscation With VBA Purging

Malicious Office documents remain a favorite technique for every type of threat actor, from red teamers to FIN groups to APTs. In this blog post, we will discuss "VBA Purging", a technique we have increasingly observed in the wild and that was first publicly documented by Didier Stevens in Februa...

7.1 AI score
Exploits: 0, References: 16
Trend Micro Simply Security
added 2018/05/17 4:24 p.m., 47 views

A Five-Year Journey: How Trend Micro Helped Bring Down Scan4You

Trend Micro has always had a close relationship with law enforcement around the globe, because we believe that only together can we make the world a safer place in which to exchange digital information. As the business of cybercrime continues to grow and evolve, so must our response. That’s why w...

7.2 AI score
Exploits: 0
ThreatPost
added 2018/02/20 8:46 a.m., 12 views

Year-Old Coldroot RAT Targets MacOS, Still Evades Detection

Researchers are warning users about the Coldroot remote access Trojan that is going undetected by AV engines and targets MacOS computers. The RAT is cross-platform and capable of planting a keylogger on MacOS systems prior to the OS High Sierra and is designed to steal banking credentials. Coldro...

0.9 AI score
Exploits: 0, References: 4
ThreatPost
added 2018/02/08 10:50 a.m., 12 views

Gojdue Variant Eludes Microsoft, Google Cloud Protection, Researchers Say

Researchers have identified a new ransomware strain that went undetected by built-in anti-malware protection used by cloud heavyweights Microsoft and Google as recently as January. According to researchers at the cloud service firm Bitglass, both Google Drive and Microsoft Office 365’s SharePoint...

0.1 AI score
Exploits: 0, References: 2