14 matches found
Attacks, Vulnerabilities and Actors 5 to 11 February 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of five attacks were executed, six vulnerabilities were uncovered, and two active adversaries were...
Mispadu Leverages CVE-2023-36025 Vulnerability in Latest Attack
Summary: A new variant of the Mispadu infostealer, a malware known for targeting Spanish and Portuguese speakers, specifically targets Mexican regions and leverages the CVE-2023-36025 vulnerability to gain access. It extends its data theft reach beyond previous versions, capturing browser history...
New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw
The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a report...
Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer
Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called Phemedrone Stealer. "Phemedrone targets web browsers and data from cryptocurrency wallets and messaging apps such as Telegram, Steam, and Discord," Tren...
CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign
This blog delves into the Phemedrone Stealer campaign's exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware's payload...
Exploit for CVE-2023-36025
EXPLOIT CVE-2023-36025 - Description Windows SmartScreen Sec...
Exploit for CVE-2023-36025
CVE-2023-36025 Simple test for CVE-2023-36025, based...
CVE-2023-36025
creationtimestamp| type| source ---|---|--- 2023-11-14 21:10:02+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-11-15 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1160 2023-11-15 12:34:59+00:00| seen| https://t.me/truesecator/5085 2023-11-17 08:13:29+00:00|...
CVE-2023-36025
Windows SmartScreen Security Feature Bypass Vulnerability...
CVE-2023-36025 Windows SmartScreen Security Feature Bypass Vulnerability
...
CVE-2023-36025
CVE-2023-36025 is a Windows SmartScreen Security Feature Bypass vulnerability. Affected product context is Microsoft Windows (SmartScreen). Root cause and impact are described as bypass of SmartScreen with high severity (CVSS v3.1: 8.8, HIGH) affecting confidentiality, integrity, and availability...
CVE-2023-36025
Windows SmartScreen Security Feature Bypass Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
VulnCheck KEV: CVE-2023-36025
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass Windows Defender SmartScreen checks and their associated prompts...
KB5032247: Windows Server 2012 Security Update (November 2023)
The remote Windows host is missing security update 5032247. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-36402 - Windows Pragmatic General Multicast PGM Remote Code Execution Vulnerability...