
27 matches found

The Hacker News
added 2022/06/22 5:41 a.m. | 137 views

RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer

The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022. The switch in modus operandi, spotted by Romanian company Bitdefender, comes in the wake of Raccoon Stealer temporarily...

CVSS 8.8 | AI score 1 | EPSS 0.87814
Exploits: 15

Malwarebytes
added 2020/12/15 1:58 p.m. | 20575 views

Threat profile: Egregor ransomware is making a name for itself

What is Egregor? Egregor ransomware is a relatively new ransomware first spotted in September 2020 that seems intent on making its way to the top right now. Egregor is considered a variant of Ransom.Sekhmet based on similarities in obfuscation, API-calls, and the ransom note. As we've reported in...

CVSS 10 | AI score 8.9 | EPSS 0.99965
Exploits: 70

Securelist
added 2020/06/24 10:00 a.m. | 878 views

Magnitude exploit kit – evolution

Exploit kits are not as widespread as they used to be. In the past, they relied on the use of already patched vulnerabilities. Newer and more secure web browsers with automatic updates simply do not allow known vulnerabilities to be exploited. It was very different back in the heyday of Adobe Fla...

CVSS 7.6 | AI score 8.7 | EPSS 0.87814
Exploits: 31

GithubExploit
added 2019/05/23 10:28 a.m. | 206 views

Exploit for Out-of-bounds Write in Microsoft

IE11 VBScript Exploit Exploit Generator for CVE-2018-8174 &...

CVSS 7.6 | AI score 0.4 | EPSS 0.87814
Exploits: 14

Malwarebytes
added 2019/05/14 3:57 p.m. | 628 views

Exploit kits: spring 2019 review

Exploit kit activity remains fairly unchanged since our last winter review in terms of active distribution campaigns. But this spring edition will feature a new exploit kit and another atypical EK, in that it specifically goes after routers. The main driver behind these drive-by download attacks...

CVSS 10 | AI score 9.3 | EPSS 0.89618
Exploits: 40

HackRead
added 2019/03/08 3:56 p.m. | 551 views

New backdoor malware hits Slack and Github platforms

By Waqas. The cybersecurity researchers at Trend Micro have discovered a new malware strain tapped into GitHub posts and Slack channels. Dubbed Slub by researchers, the malware works by exploiting a VBScript engine vulnerability that is classified as CVE-2018-8174 patched by Microsoft last year. B...

CVSS 7.6 | AI score 0.6 | EPSS 0.87814
Exploits: 9

Malwarebytes
added 2019/02/12 4:00 p.m. | 752 views

Exploit kits: winter 2019 review

Active malvertising campaigns in December and the new year have kept exploit kit activity from hibernating in winter 2019. We mostly observed Fallout and RIG with the occasional, limited GrandSoft appearance for wider geo-targeting. In addition, narrowly-focused exploit kits such as Magnitude,...

CVSS 10 | AI score 9.6 | EPSS 0.89618
Exploits: 40

Malwarebytes
added 2018/10/24 4:10 p.m. | 919 views

Exploit kits: fall 2018 review

Exploit kit (EK) activity continues to surprise us as the weather cools, the leaves change, and we move into the fall of 2018. Indeed, shortly after our summer review, a new exploit kit was discovered, and while no new vulnerabilities were added to the current EKs, several malvertising chains are...

CVSS 7.6 | AI score 9.1 | EPSS 0.89618
Exploits: 28

Talos Blog
added 2018/07/31 9:38 a.m. | 1160 views

Multiple Cobalt Personality Disorder

Introduction Despite the notion that modern cybersecurity protocols have stopped email-based attacks, email continues to be one of the primary attack vectors for malicious actors — both for widespread and targeted operations. Recently, Cisco Talos has observed numerous email-based attacks that ar...

CVSS 9.3 | EPSS 0.99945
Exploits: 79

Malwarebytes
added 2018/06/12 7:04 p.m. | 621 views

Exploit kits: Spring 2018 review

Since our last report on exploit kits, there have been some new developments with the wider adoption of the February Flash zero-day, as well as the inclusion of a new exploit for Internet Explorer. We have not seen that many changes in the drive-by landscape for a long time, although these are th...

CVSS 7.6 | AI score 9.4 | EPSS 0.93165
Exploits: 38

Malwarebytes
added 2018/05/10 7:58 p.m. | 2865 views

Internet Explorer zero-day: browser is once again under attack

Update 2018-05-25: CVE-2018-8174 has been added to the RIG exploit kit MDNC. Update 2018-05-22: Security researcher Richard Warren mentioned that a fully working IE zero-day now patched with payload was uploaded to VirusTotal. We decided to test Malwarebytes against it, since last time we only ha...

CVSS 9.3 | AI score 8.3 | EPSS 0.99933
Exploits: 48

Vulnrichment
added 2018/05/09 7:00 p.m. | 13 views

CVE-2018-8174

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1,...

AI score 8.3 | EPSS 0.87814
Exploits: 9 | References: 4

CVE
added 2018/05/09 7:00 p.m. | 2166 views

CVE-2018-8174

CVE-2018-8174 is a Windows VBScript Engine out-of-bounds write vulnerability enabling remote code execution. Public documentation confirms an RCE when the VBScript engine handles in-memory objects, affecting Windows 7, Server 2008/2012/2016, Windows 8.1, Windows 10 and server variants. Public wri...

CVSS 7.6 | AI score 8.1 | EPSS 0.87814
In wild | Exploits: 9 | References: 5 | Affected Software: 10

The Hacker News
added 2018/05/09 6:14 a.m. | 2 views

Microsoft Patches Two Zero-Day Flaws Under Active Attack

It's time to gear up for the latest May 2018 Patch Tuesday. Microsoft has today released security patches for a total of 67 vulnerabilities, including two zero-days that have actively been exploited in the wild by cybercriminals, and two publicly disclosed bugs. In brief, Microsoft is addressing ...

CVSS 7.6 | AI score 7.7 | EPSS 0.87814
Exploits: 27

The Hacker News
added 2018/05/09 6:14 a.m. | 1404 views

Microsoft Patches Two Zero-Day Flaws Under Active Attack

It's time to gear up for the latest May 2018 Patch Tuesday. Microsoft has today released security patches for a total of 67 vulnerabilities, including two zero-days that have actively been exploited in the wild by cybercriminals, and two publicly disclosed bugs. In brief, Microsoft is addressing ...

CVSS 7.6 | AI score 1 | EPSS 0.87814
Exploits: 27

Circl
added 2018/05/09 4:00 a.m. | 18 views

CVE-2018-8174

creationtimestamp | type | source
---|---|---
2018-05-09 04:00:00+00:00 | seen | https://www.govcert.gov.hk/en/alertsdetail.php?id=289
2018-05-09 08:16:21+00:00 | published-proof-of-concept | https://t.me/R0Crew/593
2018-05-09 09:25:28+00:00 | seen | MISP/5af2be06-dc9c-4086-a6aa-45d9950d210f
2018-05-09...

CVSS 7.6 | AI score 6.8 | EPSS 0.87814
Exploits: 9 | References: 22

ATTACKERKB
added 2018/05/09 12:00 a.m. | 168 views

CVE-2018-8174

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka “Windows VBScript Engine Remote Code Execution Vulnerability.” This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1,...

CVSS 7.6 | AI score 7.3 | EPSS 0.87814
In wild | Exploits: 9 | References: 6

OpenVAS
added 2018/05/09 12:00 a.m. | 139 views

Microsoft Windows Multiple Vulnerabilities (KB4103723)

This host is missing a critical security update according to Microsoft KB4103723. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3 | AI score 7.3 | EPSS 0.87814
Exploits: 38 | References: 3

OpenVAS
added 2018/05/09 12:00 a.m. | 634 views

Microsoft Windows Multiple Vulnerabilities (KB4103725)

This host is missing a critical security update according to Microsoft KB4103725. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3 | AI score 7.3 | EPSS 0.87814
Exploits: 32 | References: 3

OpenVAS
added 2018/05/09 12:00 a.m. | 171 views

Microsoft Windows Multiple Vulnerabilities (KB4103731)

This host is missing a critical security update according to Microsoft KB4103731. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3 | AI score 7.3 | EPSS 0.87814
Exploits: 39 | References: 3