Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2023/07/10 12:0 a.m.7 views

PT-2023-32956 · Undefined · Undefined

ParsedReport CompletenessHigh 10-07-2023 The five-day job: A BlackByte ransomware intrusion case study https://www.microsoft.com/en-us/security/blog/2023/07/06/the-five-day-job-a-blackbyte-ransomware-intrusion-case-study Report completeness: High Actors/Campaigns: Volt typhoon motivation: cyber...

10CVSS8AI score0.99999EPSS
Exploits24References1
Circl
Circl
added 2022/10/06 5:35 p.m.18 views

CVE-2019-16098

creationtimestamp| type| source ---|---|--- 2022-10-06 17:35:04+00:00| exploited| https://t.me/truesecator/3524 2024-05-21 13:04:44+00:00| seen| MISP/a9eb9e8e-d894-4f36-a6c2-ca8142f72d29 2025-08-31 03:00:54+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d 2026-02-06 21:11:55+00:00| seen|...

7.8CVSS8.1AI score0.18188EPSS
Exploits5References1
Kitploit
Kitploit
added 2022/04/16 12:30 p.m.164 views

EDRSandblast - Tool That Weaponize A Vulnerable Signed Driver To Bypass EDR Detections And LSASS Protections

EDRSandBlast is a tool written in C that weaponize a vulnerable signed driver to bypass EDR detections Kernel callbacks and ETW TI provider and LSASS protections. Multiple userland unhooking techniques are also implemented to evade userland monitoring. As of release, combination of userland...

7.8CVSS7.6AI score0.18188EPSS
Exploits5References8
CVE
CVE
added 2019/09/11 4:20 p.m.462 views

CVE-2019-16098

CVE-2019-16098 affects the Micro‑Star MSI Afterburner driver (RTCore64.sys/RTCore32.sys). The connected documents confirm an arbitrary read/write primitive in the vulnerable driver that allows a local authenticated user to read/write arbitrary memory, I/O ports and MSRs, enabling privilege escala...

7.8CVSS7.7AI score0.18188EPSS
In wildExploits5References1Affected Software1
Rows per page
Query Builder