Lucene search
+L

106 matches found

prion
prion
added 2021/08/09 1:15 p.m.21 views

Denial of service

A Denial-of-Service DoS vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it...

5CVSS7.5AI score0.04292EPSS
Exploits1References2Affected Software1
threatpost
threatpost
added 2021/05/10 5:37 p.m.799 views

Lemon Duck Cryptojacking Botnet Changes Up Tactics

The Lemon Duck cryptocurrency-mining botnet has added the ProxyLogon group of exploits to its bag of tricks, targeting Microsoft Exchange servers. That’s according to researchers at Cisco Talos, who said that the cybercrime group behind Lemon Duck has also added the Cobalt Strike attack framework...

10CVSS7.7AI score0.99999EPSS
Exploits189References15
cnnvd
cnnvd
added 2021/02/01 12:0 a.m.8 views

Qualcomm Wlan Firmware Buffer Error Vulnerability

Qualcomm Wlan Firmware is a Wlan support firmware from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Wlan Firmware that originates from a buffer over-read due to improper IE length checking in receive beacons...

9.4CVSS7.5AI score0.00806EPSS
Exploits0References3
nvd
nvd
added 2021/01/21 10:15 a.m.23 views

CVE-2020-11212

Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...

9.8CVSS9.5AI score0.00873EPSS
Exploits0References2
prion
prion
added 2021/01/21 10:15 a.m.13 views

Input validation

Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...

7.5CVSS9.3AI score0.00873EPSS
Exploits0References2
cvelist
cvelist
added 2021/01/21 9:41 a.m.30 views

CVE-2020-11212

Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...

9.5AI score0.00873EPSS
Exploits0References1
cve
cve
added 2021/01/21 9:41 a.m.56 views

CVE-2020-11212

CVE-2020-11212 describes an out-of-bounds read during parsing of NAN beacon attributes and OUIs caused by an improper length check in Qualcomm Snapdragon components (Auto, Compute, Connectivity, CE Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wired Infrastructure and Ne...

9.8CVSS9.3AI score0.00873EPSS
Exploits0References2Affected Software541
osv
osv
added 2020/10/16 11:15 p.m.4 views

CVE-2020-16969

An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an attacker could include...

7.1CVSS7.1AI score0.0273EPSS
Exploits0References1
nvd
nvd
added 2020/10/16 11:15 p.m.18 views

CVE-2020-16969

An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an attacker could include...

7.1CVSS0.0273EPSS
Exploits0References1
prion
prion
added 2020/10/16 11:15 p.m.15 views

Information disclosure

An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an attacker could include...

4.3CVSS7.1AI score0.0273EPSS
Exploits0References1Affected Software1
gitee
gitee
added 2020/10/15 7:37 p.m.2 views

suricata-rules

This repository contains Suricata IDS Intrusion Detection System rules for detecting various types of malicious activity, including CobaltStrike, CryptoMiner, and other threats. The rules are designed to identify specific patterns and behaviors associated with these threats. The rules are organiz...

7.2AI score
Exploits0
mscve
mscve
added 2020/10/13 7:0 a.m.55 views

Microsoft Exchange Information Disclosure Vulnerability

An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an attacker could include...

7.1CVSS0.7AI score0.0273EPSS
Exploits0
osv
osv
added 2020/05/18 5:15 a.m.3 views

CVE-2020-12858

Non-reinitialisation of random data in the advertising payload in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to re-identify Android devices running COVIDSafe by scanning for their advertising beacons...

7.5CVSS5.8AI score0.01806EPSS
Exploits0References2
prion
prion
added 2020/05/18 5:15 a.m.11 views

Code injection

Non-reinitialisation of random data in the advertising payload in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to re-identify Android devices running COVIDSafe by scanning for their advertising beacons...

5CVSS7.4AI score0.01806EPSS
Exploits0References2Affected Software1
threatpost
threatpost
added 2020/04/29 1:40 p.m.72 views

EFF: Google, Apple's Contact-Tracing System Open to Cyberattacks

Privacy advocates are urging developers to proceed with caution as they use technology released by Apple and Google to build COVID-19 contact-tracing apps — and are warning against the potential for cybercriminal use. On the latter point, the system is meant to help people know if they have come...

6.8AI score
Exploits0References11
thn
thn
added 2020/04/11 4:0 a.m.4 views

Google and Apple Plan to Turn Phones into COVID-19 Contact-Tracking Devices

Tech giants Apple and Google have joined forces to develop an interoperable contact-tracing tool that will help individuals determine if they have come in contact with someone infected with COVID-19. As part of this new initiative, the companies are expected to release an API that public agencies...

5.7AI score
Exploits0
thn
thn
added 2020/04/11 4:0 a.m.133 views

Google and Apple Plan to Turn Phones into COVID-19 Contact-Tracking Devices

Tech giants Apple and Google have joined forces to develop an interoperable contact-tracing tool that will help individuals determine if they have come in contact with someone infected with COVID-19. As part of this new initiative, the companies are expected to release an API that public agencies...

6.7AI score
Exploits0
schneier
schneier
added 2017/05/08 2:16 p.m.24 views

Using Ultrasonic Beacons to Track Users

I've previously written about ad networks using ultrasonic communications to jump from one device to another. The idea is for devices like televisions to play ultrasonic codes in advertisements and for nearby smartphones to detect them. This way the two devices can be linked. Creepy, yes. And als...

6.9AI score
Exploits0
thn
thn
added 2017/05/05 10:13 p.m.16 views

Wikileaks Unveils CIA's Man-in-the-Middle Attack Tool

Wikileaks has published a new batch of the Vault 7 leak, detailing a man-in-the-middle MitM attack tool allegedly created by the United States Central Intelligence Agency CIA to target local networks. Since March, WikiLeaks has published thousands of documents and other secret tools that the...

6.8AI score
Exploits0
threatpost
threatpost
added 2017/05/05 1:32 p.m.22 views

Ultrasonic Beacons Are Tracking Your Every Movement

More than 200 Android mobile applications listen surreptitiously for ultrasonic beacons embedded in audio that are used to track users and serve them with targeted advertising. Academics from Technische Universitat Braunschweig in Germany recently published a paper in which they describe their...

6.6AI score
Exploits0References1
Rows per page
Query Builder