Lucene search

23 matches found

Securelist
added 2025/12/19 10:0 a.m., 11 views

Cloud Atlas activity in the first half of 2025: what changed

Known since 2014, the Cloud Atlas group targets countries in Eastern Europe and Central Asia. Infections occur via phishing emails containing a malicious document that exploits an old vulnerability in the Microsoft Office Equation Editor process CVE-2018-0802 to download and execute malicious cod...

CVSS: 9.3, AI score: 8.8, EPSS: 0.93289
Exploits: 7

The Hacker News
added 2024/12/27 11:10 a.m., 23 views

Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia

The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting "several dozen users" in 2024. "Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in...

CVSS: 7.8, AI score: 8, EPSS: 0.99945
Exploits: 36

Securelist
added 2024/12/23 10:0 a.m., 41 views

Cloud Atlas seen using a new tool in its attacks

Introduction Known since 2014, Cloud Atlas targets Eastern Europe and Central Asia. We're shedding light on a previously undocumented toolset, which the group used heavily in 2024. Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formul...

CVSS: 7.8, AI score: 8.4, EPSS: 0.93289
Exploits: 7

The Hacker News
added 2023/09/06 1:50 p.m., 57 views

Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant

The Iranian threat actor tracked as APT34 has been linked to a new phishing attack that leads to the deployment of a variant of a backdoor called SideTwist. "APT34 has a high level of attack technology, can design different intrusion methods for different types of targets, and has supply chain...

CVSS: 9.3, AI score: 7.7, EPSS: 0.99945
Exploits: 36

CISA KEV Catalog
added 2021/11/03 12:0 a.m., 39 views

Microsoft Office Memory Corruption Vulnerability

Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. This vulnerability is known to be chained with CVE-2018-0802...

CVSS: 9.3, AI score: 8.8, EPSS: 0.95121
In wild, Exploits: 7

Securelist
added 2021/08/12 10:0 a.m., 615 views

IT threat evolution Q2 2021

Targeted attacks The leap of a Cycldek-related threat actor It is quite common for Chinese-speaking threat actors to share tools and methodologies: one such example is the infamous "DLL side-loading triad": a legitimate executable, a malicious DLL to be side-loaded by it and an encoded payload,...

CVSS: 9.3, EPSS: 0.99999
Exploits: 84

myhack58
added 2018/12/25 12:0 a.m., 2660 views

Analysis of a malicious document that uses a combination of CVE-2017-11882 and CVE-2018-0802

We recently intercepted an attack sample: a Word document with a .doc extension whose format is actually RTF. Analysis of the document's composition shows that it uses a combination of the CVE-2017-11882 and CVE-2018-0802 vulnerabilities, and uses an embedded Excel object to trigger the vulnerability. The release ...

CVSS: 9.3, AI score: 8.4, EPSS: 0.99945
Exploits: 36

Microsoft KB
added 2018/01/19 8:0 a.m., 534 views

Description of the security update for Microsoft Office Compatibility Pack Service Pack 3: January 9, 2018

Description of the security update for Microsoft Office Compatibility Pack Service Pack 3: January 9, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about the...

CVSS: 9.3, AI score: 9.1, EPSS: 0.95121
Exploits: 7

Microsoft KB
added 2018/01/19 8:0 a.m., 849 views

Description of the security update for Office 2016: January 9, 2018

Description of the security update for Office 2016: January 9, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about the vulnerabilities, go to the following Common...

CVSS: 9.3, AI score: 9, EPSS: 0.95121
Exploits: 7

GithubExploit
added 2018/01/16 5:49 a.m., 54 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

It is an exploit module for Apache HTTP Server. The target pr...

CVSS: 9.3, AI score: 9.5, EPSS: 0.99945
Exploits: 36

GithubExploit
added 2018/01/12 11:38 a.m., 19 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

PoC exploit for CVE-2018-0802 and CVE-2017-11882. The target pro...

CVSS: 9.3, AI score: 9.6, EPSS: 0.99945
Exploits: 36

GithubExploit
added 2018/01/11 9:43 a.m., 6 views

Exploit for Out-of-bounds Write in Microsoft

PoC exploit for CVE-2018-0802, an arbitrary code execution vulne...

CVSS: 9.3, AI score: 9.3, EPSS: 0.99945
Exploits: 36

GithubExploit
added 2018/01/11 9:16 a.m., 6 views

Exploit for Out-of-bounds Write in Microsoft

CVE-2018-0802POC usage: cv...

CVSS: 9.3, AI score: 8.7, EPSS: 0.93289
Exploits: 7

Vulnrichment
added 2018/01/10 1:0 a.m., 15 views

CVE-2018-0802

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797...

AI score: 7.9, EPSS: 0.93289
Exploits: 7, References: 7

CVE
added 2018/01/10 1:0 a.m., 2384 views

CVE-2018-0802

CVE-2018-0802 is a Microsoft Office memory corruption/remote code execution vulnerability in the Equation Editor, triggered by crafted OLE/embedded objects in Office documents. Affected products include Office 2007, 2010, 2013, and 2016; the issue arises from the way Office handles in-memory obje...

CVSS: 9.3, AI score: 8.5, EPSS: 0.93289
In wild, Exploits: 7, References: 8, Affected Software: 3

ATTACKERKB
added 2018/01/10 12:0 a.m., 343 views

CVE-2018-0802

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka “Microsoft Office Memory Corruption Vulnerability”. This CVE is unique from CVE-2018-0797...

CVSS: 9.3, AI score: 8.6, EPSS: 0.99945
In wild, Exploits: 36, References: 9

OpenVAS
added 2018/01/10 12:0 a.m., 279 views

Microsoft Word 2010 Service Pack 2 Multiple RCE Vulnerabilities (KB4011659)

This host is missing a critical security update according to Microsoft KB4011659 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.3, AI score: 8.7, EPSS: 0.95121
Exploits: 7, References: 3

OpenVAS
added 2018/01/10 12:0 a.m., 385 views

Microsoft Office 2013 Service Pack 1 Remote Code Execution Vulnerabilities (KB4011580)

This host is missing an important security update according to Microsoft KB4011580 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVSS: 9.3, AI score: 8.6, EPSS: 0.95121
Exploits: 7, References: 3

OpenVAS
added 2018/01/10 12:0 a.m., 279 views

Microsoft Office 2010 Service Pack 2 Remote Code Execution Vulnerabilities (KB4011610)

This host is missing an important security update according to Microsoft KB4011610 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVSS: 9.3, AI score: 8.6, EPSS: 0.95121
Exploits: 7, References: 3

OpenVAS
added 2018/01/10 12:0 a.m., 89 views

Microsoft Office Compatibility Pack Service Pack 3 Multiple RCE Vulnerabilities (KB4011607)

This host is missing a critical security update according to Microsoft KB4011607 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.3, AI score: 8.7, EPSS: 0.95121
Exploits: 7, References: 3