Lucene search
K

4 matches found

OSV
OSV
added 2024/12/12 7:8 p.m.7 views

MAL-2024-11817 Malicious code in planweb-core-ui (npm)

This package contains code to download a second stage payload which establishes a C2 connection and persistence via registry keys. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acc967a53ff92a71f6b9518c692bf641aa3595a3b65f28cc403b471c0474b175 Any computer that has...

7.2AI score
Exploits0References3
Securelist
Securelist
added 2024/08/27 10:0 a.m.11 views

HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat

In June 2024, we discovered a macOS version of the HZ Rat backdoor targeting users of the enterprise messenger DingTalk and the social network and messaging platform WeChat. The samples we found almost exactly replicate the functionality of the Windows version of the backdoor and differ only in t...

6.6AI score
Exploits0
Kitploit
Kitploit
added 2021/06/20 9:30 p.m.47 views

NamedPipePTH - Pass The Hash To A Named Pipe For Token Impersonation

This project is a PoC code to use Pass-the-Hash for authentication on a local Named Pipe user Impersonation. There also is a blog post for explanation: https://s3cur3th1ssh1t.github.io/Named-Pipe-PTH/ It is heavily based on the code from the projects Invoke-SMBExec.ps1 and RoguePotato. I faced...

7.8AI score
Exploits0References6
Trellix
Trellix
added 2020/12/17 12:0 a.m.9 views

Additional Analysis into the SUNBURST Backdoor | McAfee Blogs

ARCHIVED STORY Additional Analysis into the SUNBURST Backdoor Christiaan Beek · DEC 17, 2020 Executive Summary There has been considerable focus on the recent disclosures associated with SolarWinds, and while existing analysis on the broader campaign has resulted in detection against specific IoC...

Exploits0
Rows per page
Query Builder