Lucene search
K

16 matches found

The Hacker News
The Hacker News
added 2024/08/02 4:32 p.m.45 views

APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack

A Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties to China, according to new findings from Cisco Talos. The unnamed organization was targeted as early as mid-July 2023 to deliver a...

8.8CVSS8.1AI score0.73469EPSS
Exploits6
Talos Blog
Talos Blog
added 2024/08/01 12:0 p.m.51 views

APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike

Cisco Talos discovered a malicious campaign that compromised a Taiwanese government-affiliated research institute that started as early as July 2023, delivering the ShadowPad malware, Cobalt Strike and other customized tools for post-compromise activities. The activity conducted on the victim...

8.8CVSS8AI score0.73469EPSS
Exploits6
Metasploit
Metasploit
added 2018/10/19 11:15 p.m.101 views

Windows unmarshal post exploitation

This module exploits a local privilege escalation bug which exists in microsoft COM for windows when it fails to properly handle serialized objects. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModu...

8.8CVSS7.5AI score0.73469EPSS
Exploits6
canvas
canvas
added 2018/09/07 2:29 p.m.612 views

Immunity Canvas: UNMARSHAL_TO_SYSTEM

Name| unmarshaltosystem ---|--- CVE| CVE-2018-0824 Exploit Pack| CANVAS Description| CVE-2018-0824 QC Marshal Interceptor Insecure COM Unmarshal LPE Notes| CVE Name: CVE-2018-0824 VENDOR: Microsoft Notes: Tested against: --------------- Windows 7 x86 - NOT VULNERABLE Windows Server 2016 - NOT...

6.8CVSS8.1AI score0.73469EPSS
Exploits6
0day.today
0day.today
added 2018/06/19 12:0 a.m.82 views

Microsoft COM for Windows - Privilege Escalation Exploit

Exploit for windows platform in category local exploits Writeup: https://codewhitesec.blogspot.com/2018/06/cve-2018-0624.html In May 2018 Microsoft patched an interesting vulnerability CVE-2018-0824 which was reported by Nicolas Joly of Microsoft's MSRC: A remote code execution vulnerability exis...

5.1CVSS0.73469EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/06/18 12:0 a.m.77 views

Microsoft COM for Windows - Privilege Escalation

Writeup: https://codewhitesec.blogspot.com/2018/06/cve-2018-0624.html In May 2018 Microsoft patched an interesting vulnerability CVE-2018-0824 which was reported by Nicolas Joly of Microsoft's MSRC: A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to...

8.8CVSS7.8AI score0.73469EPSS
Exploits6
Circl
Circl
added 2018/06/15 10:35 p.m.14 views

CVE-2018-0824

creationtimestamp| type| source ---|---|--- 2018-06-15 22:35:54+00:00| seen| https://t.me/canyoupwnme/3973 2018-10-25 18:31:34+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/post/windows/escalate/unmarshalcmdexec.rb 2024-08-02 14:37:18+00:00| exploited|...

8.8CVSS7.4AI score0.73469EPSS
Exploits6References7
CVE
CVE
added 2018/05/09 7:0 p.m.337 views

CVE-2018-0824

CVE-2018-0824 is a Microsoft Windows remote code execution vulnerability in the COM subsystem due to improper handling of serialized objects. Public writeups and advisories summarize that a specially crafted file or script can trigger code execution, with potential remote impact when users open o...

8.8CVSS7.9AI score0.73469EPSS
In wildExploits6References5Affected Software13
ATTACKERKB
ATTACKERKB
added 2018/05/09 12:0 a.m.16 views

CVE-2018-0824

A remote code execution vulnerability exists in “Microsoft COM for Windows” when it fails to properly handle serialized objects, aka “Microsoft COM for Windows Remote Code Execution Vulnerability.” This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server...

8.8CVSS8.7AI score0.73469EPSS
In wildExploits6References6
OpenVAS
OpenVAS
added 2018/05/09 12:0 a.m.139 views

Microsoft Windows Multiple Vulnerabilities (KB4103723)

This host is missing a critical security update according to Microsoft KB4103723 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.3AI score0.87814EPSS
Exploits38References3
OpenVAS
OpenVAS
added 2018/05/09 12:0 a.m.261 views

Microsoft Windows Multiple Vulnerabilities (KB4103718)

This host is missing a critical security update according to Microsoft KB4103718 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.3AI score0.87814EPSS
Exploits49References3
OpenVAS
OpenVAS
added 2018/05/09 12:0 a.m.634 views

Microsoft Windows Multiple Vulnerabilities (KB4103725)

This host is missing a critical security update according to Microsoft KB4103725 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.3AI score0.87814EPSS
Exploits32References3
OpenVAS
OpenVAS
added 2018/05/09 12:0 a.m.172 views

Microsoft Windows Multiple Vulnerabilities (KB4103731)

This host is missing a critical security update according to Microsoft KB4103731 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.3AI score0.87814EPSS
Exploits39References3
Tenable Nessus
Tenable Nessus
added 2018/05/08 12:0 a.m.170 views

KB4103731: Windows 10 Version 1703 May 2018 Security Update

The remote Windows host is missing security update 4103731. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability...

9.3CVSS8.3AI score0.87814EPSS
Exploits35References39
Symantec
Symantec
added 2018/05/08 12:0 a.m.48 views

Microsoft Windows CVE-2018-0824 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affecte...

1AI score0.73469EPSS
Exploits6Affected Software3
Tenable Nessus
Tenable Nessus
added 2018/05/08 12:0 a.m.329 views

KB4103721: Windows 10 Version 1803 and Windows Server Version 1803 May 2018 Security Update

The remote Windows host is missing security update 4103721. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability...

9.3CVSS8.3AI score0.87814EPSS
Exploits38References39
Rows per page
Query Builder