Lucene search
K

33 matches found

GithubExploit
GithubExploit
added 2025/04/07 2:33 a.m.187 views

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397 Exploitation & Mitigation Demo 📌 Overview...

9.8CVSS10AI score0.97408EPSS
Exploits18
GithubExploit
GithubExploit
added 2025/04/07 2:33 a.m.187 views

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397 Exploitation & Mitigation Demo 📌 Overview...

9.8CVSS10AI score0.97408EPSS
Exploits18
The Hacker News
The Hacker News
added 2024/05/04 8:38 a.m.46 views

Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities

Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union E.U., the North Atlantic Treaty Organization NATO, the U.K., and the U.S. The Cze...

9.8CVSS7.6AI score0.97408EPSS
Exploits18
The Hacker News
The Hacker News
added 2024/04/23 4:23 a.m.111 views

Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware

The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called GooseEgg. The post-compromise tool, which is said to have been used since at least June 2020 and possibly ...

9.8CVSS9.8AI score0.97798EPSS
Exploits67
GithubExploit
GithubExploit
added 2024/03/20 9:49 a.m.420 views

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397-PoW Proof of Work of CVE-2023-23397 for vulnera...

9.8CVSS10AI score0.97408EPSS
Exploits18
The Hacker News
The Hacker News
added 2024/02/28 5:47 a.m.103 views

Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28's MooBot Threat

In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet comprising infected routers was felled by law enforcement as part of an operation codenamed Dying Ember. The...

9.8CVSS9.7AI score0.97408EPSS
Exploits18
The Hacker News
The Hacker News
added 2024/02/02 2:49 p.m.94 views

Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

Russian state-sponsored actors have staged NT LAN Manager NTLM v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The attacks, attributed to an "aggressive" hacking crew called APT28, have set their eyes on organizations dealing...

9.8CVSS8.5AI score0.97798EPSS
Exploits67
Securelist
Securelist
added 2023/12/01 10:0 a.m.196 views

IT threat evolution Q3 2023

IT threat evolution in Q3 2023 IT threat evolution in Q3 2023. Non-mobile statistics IT threat evolution in Q3 2023. Mobile statistics Targeted attacks Unknown threat actor targets power generator with DroxiDat and Cobalt Strike Earlier this year, we reported on a new variant of SystemBC called...

9.3CVSS8.3AI score0.99945EPSS
Exploits80
GithubExploit
GithubExploit
added 2023/10/26 9:26 a.m.419 views

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397 Vulnerability Details 🚨💻 Microsoft has recent...

9.8CVSS8.9AI score0.97408EPSS
Exploits18
GithubExploit
GithubExploit
added 2023/05/07 6:21 p.m.665 views

Exploit for Improper Input Validation in Microsoft

PoC exploit for CVE-2023-23397, a vulnerability in the Apache HT...

9.8CVSS9.2AI score0.97408EPSS
Exploits18
GithubExploit
GithubExploit
added 2023/03/24 7:54 p.m.261 views

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397 Windows Update Patch CVE-2023-23397 powershell...

9.8CVSS10AI score0.97408EPSS
Exploits18
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/03/24 6:30 p.m.314 views

Guidance for investigating attacks using CVE-2023-23397

This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397. A successful exploit of this vulnerability can result in unauthorized access to an organization’s environment by triggering a Net-NTLMv2 hash leak...

9.6AI score0.97408EPSS
Exploits18
Microsoft Secure
Microsoft Secure
added 2023/03/24 6:30 p.m.67 views

Guidance for investigating attacks using CVE-2023-23397

This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397. A successful exploit of this vulnerability can result in unauthorized access to an organization’s environment by triggering a Net-NTLMv2 hash leak...

9.6AI score0.97408EPSS
Exploits18
GithubExploit
GithubExploit
added 2023/03/21 6:38 p.m.304 views

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397 Outlook Privilege Escalation Proof of Concept...

9.8CVSS8.8AI score0.97408EPSS
Exploits18
GithubExploit
GithubExploit
added 2023/03/19 8:7 a.m.395 views

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397-POC-Using-...

9.8CVSS10AI score0.97408EPSS
Exploits18
GithubExploit
GithubExploit
added 2023/03/18 9:44 p.m.274 views

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397 CVE-2023-23397 C PoC 1- download the msgkit 2...

9.8CVSS8.8AI score0.97408EPSS
Exploits18
GithubExploit
GithubExploit
added 2023/03/17 10:18 a.m.534 views

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397-POC Exploit POC for CVE-2023-23397 Appointment...

9.8CVSS10AI score0.97408EPSS
Exploits18
Trellix
Trellix
added 2023/03/17 12:0 a.m.69 views

CVE-2023-23397: The Notification Sound You Don’t Want to Hear

CVE-2023-23397: The Notification Sound You Don’t Want to Hear By Mark Bereza · March 17, 2023 This story was also written by John Dunlap. Overview During the March "Patch Tuesday" security update, a new Outlook security vulnerability was revealed as being exploited in the wild. This is a serious...

8.5AI score0.97408EPSS
Exploits18
GithubExploit
GithubExploit
added 2023/03/16 7:10 p.m.485 views

Exploit for Improper Input Validation in Microsoft

A Simple PoC in PowerShell for CVE-2023-23397 CVE-2023-23397...

9.8CVSS10AI score0.97408EPSS
Exploits18
Talos Blog
Talos Blog
added 2023/03/15 11:46 p.m.92 views

Threat Advisory: Microsoft Outlook privilege escalation vulnerability being exploited in the wild

Update March 21, 2023: To aid defenders trying to detect and mitigate this vulnerability, we are providing a couple of additional resources. First, we are providing a ClamAV signature that detects this threat -- the rule can be found on our GitHub here and can be leveraged anywhere ClamAV...

9.8AI score0.97408EPSS
Exploits18
Rows per page
Query Builder