Lucene search
K

14 matches found

The Hacker News
The Hacker News
added 2022/12/08 7:59 a.m.89 views

Google Warns of Internet Explorer Zero-Day Vulnerability Exploited by ScarCruft Hackers

An Internet Explorer zero-day vulnerability was actively exploited by a North Korean threat actor to target South Korean users by capitalizing on the recent Itaewon Halloween crowd crush to trick users into downloading malware. The discovery, reported by Google Threat Analysis Group researchers...

8.8CVSS8.3AI score0.80667EPSS
Exploits0
ThreatPost
ThreatPost
added 2021/08/19 8:19 p.m.112 views

InkySquid State Actor Exploiting Known IE Bugs

The InkySquid advanced persistent threat APT group, which researchers have linked to the North Korean government, was caught launching watering hole attacks against a South Korean newspaper using known Internet Explorer vulnerabilities. New analysis from Volexity reported its team of researchers...

8.8CVSS8.9AI score0.80667EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2021/08/18 8:33 a.m.170 views

NK Hackers Deploy Browser Exploits on South Korean Sites to Spread Malware

A North Korean threat actor has been discovered taking advantage of two exploits in Internet Explorer to infect victims with a custom implant as part of a strategic web compromise SWC targeting a South Korean online newspaper. Cybersecurity firm Volexity attributed the watering hole attacks to a...

8.8CVSS1.1AI score0.80667EPSS
Exploits0
NVD
NVD
added 2020/08/17 7:15 p.m.26 views

CVE-2020-1380

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...

8.8CVSS8.7AI score0.24188EPSS
Exploits0References3
CVE
CVE
added 2020/08/17 7:13 p.m.1180 views

CVE-2020-1380

CVE-2020-1380 : Internet Explorer Scripting Engine memory corruption vulnerability in which memory objects mishandled by the scripting engine (jscript9.dll) can allow remote code execution in the context of the current user..attack vector: web-based via crafted websites or hosting IE rendering en...

8.8CVSS9.2AI score0.24188EPSS
In wildExploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2020/08/17 7:13 p.m.12 views

CVE-2020-1380 Scripting Engine Memory Corruption Vulnerability

...

7.8CVSS7.8AI score0.24188EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/08/17 7:13 p.m.38 views

CVE-2020-1380 Scripting Engine Memory Corruption Vulnerability

...

7.8CVSS8.9AI score0.24188EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2020/08/17 12:0 a.m.71 views

CVE-2020-1380

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...

8.8CVSS8.4AI score0.24188EPSS
In wildExploits0References6
Securelist
Securelist
added 2020/08/12 7:0 a.m.866 views

Internet Explorer and Windows zero-day exploits used in Operation PowerFall

Executive summary In May 2020, Kaspersky technologies prevented an attack on a South Korean company by a malicious script for Internet Explorer. Closer analysis revealed that the attack used a previously unknown full chain that consisted of two zero-day exploits: a remote code execution exploit f...

7.6CVSS8.5AI score0.86863EPSS
Exploits20
Circl
Circl
added 2020/08/12 4:0 a.m.23 views

CVE-2020-1380

creationtimestamp| type| source ---|---|--- 2020-08-12 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=499 2020-08-12 10:03:34+00:00| published-proof-of-concept| https://t.me/cKure/1816 2020-08-12 11:34:34+00:00| exploited| https://t.me/truesecator/839 2020-08-13...

8.8CVSS7.4AI score0.24188EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2020/08/12 12:0 a.m.53 views

Microsoft Windows Multiple Vulnerabilities (KB4571703)

This host is missing a critical security update according to Microsoft KB4571703 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.3AI score0.99512EPSS
Exploits86References3
OpenVAS
OpenVAS
added 2020/08/12 12:0 a.m.42 views

Microsoft Windows Multiple Vulnerabilities (KB4571729)

This host is missing a critical security update according to Microsoft KB4571729 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.3AI score0.99512EPSS
Exploits86References3
Kaspersky
Kaspersky
added 2020/08/11 12:0 a.m.137 views

KLA11935 Multiple vulnerabilities in Microsoft Browsers

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A memory corruption vulnerability in Microsoft Edge can be exploited remotely via specially crafted website to...

9.3CVSS7.9AI score0.24188EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2020/08/11 12:0 a.m.123 views

Security Updates for Internet Explorer (August 2020)

The Internet Explorer installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input. An attacker could execute arbitrary code in the...

8.8CVSS7.9AI score0.24188EPSS
Exploits0References7
Rows per page
Query Builder