EUVD-2022-15915

Malicious code in bioql PyPI...

The Evolution of DEEP#GOSU Attack Campaign by Kimsuky Group

Summary: A sophisticated multi-stage attack campaign linked to the North Korean Kimsuky group, dubbed DEEPGOSU. Using PowerShell and VBScript, the attackers leverage remote access trojan RAT software for full control over infected hosts, while employing legitimate services like Dropbox for comman...

Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor

An Iranian nation-state threat actor has been linked to a new wave of phishing attacks targeting Israel that's designed to deploy an updated version of a Windows backdoor called PowerLess. Cybersecurity firm Check Point is tracking the activity cluster under its mythical creature handle Educated...

Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations

Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to target Israeli entities, indicating the vulnerability's long tail for remediation. Microsoft attributed the latest set of activities to the umbrella threat group tracked as MuddyWater aka...

CVE-2022-0878

Electric Vehicle EV commonly utilises the Combined Charging System CCS for DC rapid charging. To exchange important messages such as the State of Charge SoC with the Electric Vehicle Supply Equipment EVSE CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY HPGP power-line...

Design/Logic Flaw

Electric Vehicle EV commonly utilises the Combined Charging System CCS for DC rapid charging. To exchange important messages such as the State of Charge SoC with the Electric Vehicle Supply Equipment EVSE CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY HPGP power-line...

Experts Detail Malicious Code Dropped Using ManageEngine ADSelfService Exploit

At least nine entities across the technology, defense, healthcare, energy, and education industries were compromised by leveraging a recently patched critical vulnerability in Zoho's ManageEngine ADSelfService Plus self-service password management and single sign-on SSO solution. The spying...

Blackmoon Banking Trojan Using New Infection Technique

New clues have surfaced on how the Blackmoon banking Trojan is infecting its victims using a new framework to deliver the malware. “We noticed recent campaigns two weeks ago where Blackmoon had shifted its infection strategy and is now utilizing a unique and interesting technique,” said Hardik...

HP Data Protector 6.20 - EXEC_CMD Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ HP Data Protector EXECCMD Buffer Overflow Vulnerability 1. Advisory Information Title: HP Data Protector EXECCMD Buffer Overflow Vulnerability Advisory ID: CORE-2011-0606...

Core Security Technologies Advisory 2011.0514

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ Multiple vulnerabilities in HP Data Protector 1. Advisory Information Title: Multiple vulnerabilities in HP Data Protector Advisory ID: CORE-2011-0514 Advisory URL:...

HP Data Protector 6.20 Multiple Vulnerabilities

Exploit for windows platform in category dos / poc Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ Multiple vulnerabilities in HP Data Protector 1. Advisory Information Title: Multiple vulnerabilities in HP Data Protector Advisory ID: CORE-2011-0514 Advisory URL:...

HP Data Protector Client EXEC_CMD Command Execution

Added: 06/07/2011 CVE: CVE-2011-0923 BID: 46234 OSVDB: 72526 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem The HP Data Protector Client is vulnerable to remote code execution as a result of insufficient input validation of...