Lucene search
K

14 matches found

hivepro
hivepro
added 2024/02/13 11:12 a.m.40 views

Attacks, Vulnerabilities and Actors 5 to 11 February 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of five attacks were executed, six vulnerabilities were uncovered, and two active adversaries were...

6.8CVSS7.6AI score0.88196EPSS
Exploits2
hivepro
hivepro
added 2024/02/08 2:6 p.m.49 views

Mispadu Leverages CVE-2023-36025 Vulnerability in Latest Attack

Summary: A new variant of the Mispadu infostealer, a malware known for targeting Spanish and Portuguese speakers, specifically targets Mexican regions and leverages the CVE-2023-36025 vulnerability to gain access. It extends its data theft reach beyond previous versions, capturing browser history...

6.8CVSS7.4AI score0.88196EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/02/05 3:45 a.m.82 views

New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw

The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a report...

8.8CVSS9.4AI score0.88196EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/01/16 7:13 a.m.63 views

Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer

Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called Phemedrone Stealer. "Phemedrone targets web browsers and data from cryptocurrency wallets and messaging apps such as Telegram, Steam, and Discord," Tren...

8.8CVSS7AI score0.88196EPSS
Exploits2
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/01/12 12:0 a.m.48 views

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

This blog delves into the Phemedrone Stealer campaign's exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware's payload...

6.8CVSS7.2AI score0.88196EPSS
Exploits2
GithubExploit
GithubExploit
added 2023/12/28 11:29 p.m.411 views

Exploit for CVE-2023-36025

EXPLOIT CVE-2023-36025 - Description Windows SmartScreen Sec...

8.8CVSS9.1AI score0.88196EPSS
Exploits2
GithubExploit
GithubExploit
added 2023/11/17 3:46 p.m.377 views

Exploit for CVE-2023-36025

CVE-2023-36025 Simple test for CVE-2023-36025, based...

8.8CVSS9AI score0.88196EPSS
Exploits2
Circl
Circl
added 2023/11/14 9:10 p.m.17 views

CVE-2023-36025

creationtimestamp| type| source ---|---|--- 2023-11-14 21:10:02+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-11-15 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1160 2023-11-15 12:34:59+00:00| seen| https://t.me/truesecator/5085 2023-11-17 08:13:29+00:00|...

8.8CVSS7.1AI score0.88196EPSS
Exploits2References47
NVD
NVD
added 2023/11/14 6:15 p.m.27 views

CVE-2023-36025

Windows SmartScreen Security Feature Bypass Vulnerability...

8.8CVSS0.88196EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2023/11/14 5:57 p.m.13 views

CVE-2023-36025 Windows SmartScreen Security Feature Bypass Vulnerability

...

8.8CVSS7.1AI score0.88196EPSS
Exploits2References1
CVE
CVE
added 2023/11/14 5:57 p.m.556 views

CVE-2023-36025

CVE-2023-36025 is a Windows SmartScreen Security Feature Bypass vulnerability. Affected product context is Microsoft Windows (SmartScreen). Root cause and impact are described as bypass of SmartScreen with high severity (CVSS v3.1: 8.8, HIGH) affecting confidentiality, integrity, and availability...

8.8CVSS9.5AI score0.88196EPSS
In wildExploits2References2Affected Software13
ATTACKERKB
ATTACKERKB
added 2023/11/14 12:0 a.m.89 views

CVE-2023-36025

Windows SmartScreen Security Feature Bypass Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

8.8CVSS6.8AI score0.88196EPSS
In wildExploits2References2
VulnCheck KEV
VulnCheck KEV
added 2023/11/14 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-36025

Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass Windows Defender SmartScreen checks and their associated prompts...

8.8CVSS7.4AI score0.88196EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2023/11/14 12:0 a.m.135 views

KB5032247: Windows Server 2012 Security Update (November 2023)

The remote Windows host is missing security update 5032247. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-36402 - Windows Pragmatic General Multicast PGM Remote Code Execution Vulnerability...

9.8CVSS7.2AI score0.88196EPSS
Exploits4References20
Rows per page
Query Builder