31 matches found
A week in security (November 24 – November 30)
Last week on Malwarebytes Labs: How CVSS v4.0 works: characterizing and scoring vulnerabilities; Millions at risk after nationwide CodeRED alert system outage and data breach; Holiday shoppers targeted as Amazon and FBI warn of surge in account takeover attacks; Fake LinkedIn jobs trick Mac users in...
EUVD-2001-1115
Malware in sbrugna...
Understanding Malware Propagation Dynamics through Scientific Machine Learning
Accurately modeling malware propagation is essential for designing effective cybersecurity defenses, particularly against adaptive threats that evolve in real time. While traditional epidemiological models and recent neural approaches offer useful foundations, they often fail to fully capture the...
Torchbox Wagtail Path Traversal Vulnerability
Torchbox Wagtail is an open source content management system (CMS) from Torchbox UK. A security vulnerability exists in Wagtail CRX CodeRed Extensions (CodeRed CMS/coderedcms) versions prior to 0.22.3, which stems from a path traversal allowed by views.py when serving protected media...
PT-2023-12617 · Unknown · Wagtail Crx Codered Extensions
Name of the Vulnerable Software and Affected Versions: Wagtail CRX CodeRed Extensions versions prior to 0.22.3. Description: The issue allows upward protected/..%2f..%2f path traversal when serving protected media. This is due to a problem in views.py. Recommendations: For versions prior to 0.22.3...
What is fileless malware?
Unlike traditional malware, which relies on a file being written to a disk, fileless malware is intended to be memory resident only, ideally leaving no trace after its execution. The malicious payload exists in the computer’s memory, which means nothing is ever written directly to the hard drive...
CVE-2017-5949
JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote attackers to cause a denial of service (heap-based out-of-bounds write and application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers access to red-zone memory...
CentOS Update for firefox CESA-2017:0558 centos7
Check the version of firefox SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882683";...
MS Index Server 2.0 and Indexing Service for Win 2000 ISAPI Extension Buffer Overflow (3)
No description provided by source. source: http://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A...
MS Index Server 2.0 and Indexing Service for Win 2000 ISAPI Extension Buffer Overflow (2)
No description provided by source. source: http://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A...
MS Index Server 2.0 and Indexing Service for Win 2000 ISAPI Extension Buffer Overflow (4)
No description provided by source. source: http://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A...
MS Index Server 2.0 and Indexing Service for Win 2000 ISAPI Extension Buffer Overflow (1)
No description provided by source. source: http://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A...
How I Got Here: Marc Maiffret
Dennis Fisher talks with Marc Maiffret about his teenage years as a phone phreaker and BBS denizen, the early years of the vulnerability research scene, the Code Red worm and its aftermath and how the security scene has changed in the past 15 years. Download: 10maiffret.mp3...
Android Security - Boot Camp Workshop & Presentation #1
Document Title: Android Security - Boot Camp Workshop & Presentation 1. References: http://www.vulnerability-lab.com/resources/documents/454.rar. Release Date: 2012-02-26. Vulnerability Laboratory ID (VL-ID): 454. Discovery...
UPDATE: Slammed And Blasted A Decade Ago, Microsoft Got Serious About Security
UPDATE: A decade ago this week, Chairman Bill Gates kicked off the Trustworthy Computing Initiative at Microsoft with a company-wide memo. The echoes of that memo still resonate throughout the software industry today as other firms, from Apple to Adobe, and Oracle to Google have followed the path...
Marc Maiffret on Modern Malware, Code Red and the State of Security Research
Dennis Fisher talks with researcher Marc Maiffret of FireEye about the evolution of modern malware, the discovery of the Code Red worm and how far security research has come in the last 10 years. Podcast audio courtesy of sykboy65 Subscribe to the Digital Underground podcast on...
Shellcode writing example: shellcode that gets through the firewall - exploit warning - the black bar safety net
Text/figures: ww0830. Shellcode found online for obtaining a console either opens a port on the target machine and waits for the attacker to connect, or has the target machine actively connect to the attacker's host, commonly known as a reverse connection. But the former method will generally...
Code Red X Worm Detection - Active Check
Your machine is infected with the SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:microsoft:internetinformationservices";...
FreeBSD Security Advisory FreeBSD-SA-02:26.accept
FreeBSD-SA-02:26.accept Security Advisory, The FreeBSD Project. Topic: Remote denial-of-service when using accept filters. Category: core. Module: kernel. Announced: 2002-05-29. Credits: Mik...
CVE-2001-1134
Xerox DocuPrint N40 Printers allow remote attackers to cause a denial of service via malformed data, such as that produced by the Code Red worm...