The outstanding stealth of Operation Triangulation

Introduction In our previous blogpost on Triangulation, we discussed the details of TriangleDB, the main implant used in this campaign, its C2 protocol and the commands it can receive. We mentioned, among other things, that it is able to execute additional modules. We also mentioned that this...

Zscaler Client Connector Data Forgery Issue Vulnerability

Zscaler Client Connector is an application from zscaler. An application that is installed on a device to ensure that Internet traffic and access to an organization's internal applications are secure and in compliance with the organization's policies, even when not on the corporate network. A...

Jira Server/Data Center STAGIL Navigation plugin Path Traversal CVE-2023-26256

Binary data jiraCVE-2023-26256.nbin...

SentinelOne Agent Installed (Windows)

Binary data sentineloneagentwininstalled.nbin...

Jira Server/Data Center STAGIL Navigation plugin Path Traversal CVE-2023-26255

Binary data jiraCVE-2023-26255.nbin...

D-Link D-View 8 Hard-coded JWT Key (CVE-2023-5074)

Binary data dlinkdview8staticjwtkey.nbin...

D-Link D-View 8 Web Server Detection

Binary data dlinkdview8webserverdetect.nbin...

CVE-2022-26941

A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...

Motorola MTM5000 Formatting String Error Vulnerability

The Motorola MTM5000 is a mobile radio from Motorola, USA. A security vulnerability exists in the Motorola MTM5000 that stems from a format string vulnerability in the AT+CTGL command in the command handler, which results in a write-anywhere scenario that can be exploited to obtain arbitrary code...

Cisco IOS XE CVE-2023-20198 Implant Indicator of Compromise

Binary data ciscoiosxeimplantCVE-2023-20198.nbin...

ImageMagick Installed (macOS)

Binary data imagemagickmacosinstalled.nbin...

LG LED Assistant Path Traversal (CVE-2023-4613)

Binary data lgledassistantcve-2023-4613.nbin...

LG LED Assistant Detection

Binary data lgledassistantdetect.nbin...

Trellix Enterprise Security Manager Web Interface Detection

Binary data enterprisesecuritymanagerdetect.nbin...

An analysis of an in-the-wild iOS Safari WebContent to GPU Process exploit

By Ian Beer A graph representation of the sandbox escape NSExpression payload In April this year Google's Threat Analysis Group, in collaboration with Amnesty International, discovered an in-the-wild iPhone zero-day exploit chain being used in targeted attacks delivered via malicious link. The...

Binary vulnerability in Linux kernel (CNVD-2023-87918)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a binary vulnerability that can be exploited by attackers to cause a system crash or local elevation of privilege...

Apple iOS < 16.7.1 Multiple Vulnerabilities (HT213972)

Binary data appleios1671check.nbin...

Microsoft Identity Linux Broker Installed (Linux)

Binary data microsoftidentitybrokernixinstalled.nbin...

libcurl Installed (Windows)

Binary data libcurlwininstalled.nbin...

Microsoft Windows Server 2012 / 2012 R2 ESU Status Check

Binary data wmiwin2012esustatus.nbin...