22 matches found
EUVD-2021-14829
Malware in sbrugna...
Remote Keyboard Desktop 1.0.1 Remote Code Execution
Remote Keyboard Desktop version 1.0.1 suffers from a remote code execution vulnerability. Exploit Title: Remote Keyboard Desktop 1.0.1 Remote Code Execution Date: 05/17/2025 Exploit Author: Chokri Hammedi Vendor Homepage: https://remotecontrolio.web.app/ Software Link:...
CVE-2024-34329
Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.5 and earlier without the dxp1-patch-E24-004 patch allows unauthenticated attackers to execute arbitrary code as SYSTEM via a crafted DLL payload...
CVE-2024-34329
CVE-2024-34329 affects Entrust Datacard XPS Card Printer Driver (versions 8.5 and earlier). The root cause is insecure permissions in the driver allowed by default installation paths, enabling unauthenticated local attackers to execute arbitrary code as SYSTEM via a crafted DLL payload. Multiple ...
StrelaStealer Resurfaces with Upgraded Attack Chain
Summary: A recent wave of phishing attacks has been detected, targeting over 100 organizations across the United States and the European Union. These attacks aim to distribute StrelaStealer, a dynamic information-stealing malware. The attackers employ spam emails containing attachments that...
New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.
Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report...
SMB Fetch, Windows shellcode stage, Windows x64 Bind Named Pipe Stager
Fetch and execute an x64 payload from an SMB server. Custom shellcode stage. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/custom/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf...
Exploit for CVE-2021-1675
CVE-2021-1675 - PrintNightmare LPE PowerShell Caleb Stewa...
Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing Attacks
An ongoing campaign targeting ministries of foreign affairs of NATO-aligned countries points to the involvement of Russian threat actors. The phishing attacks feature PDF documents with diplomatic lures, some of which are disguised as coming from Germany, to deliver a variant of a malware called...
Hackers Using Stolen Bank Information to Trick Victims into Downloading BitRAT Malware
A new malware campaign has been observed using sensitive information stolen from a bank as a lure in phishing emails to drop a remote access trojan called BitRAT. The unknown adversary is believed to have hijacked the IT infrastructure of a Colombian cooperative bank, using the information to cra...
Exploit for CVE-2021-1675
CVE-2021-1675 LPE PoC not my exploit! just wanted to play aro...
Windows 10 Privilege-Escalation Zero-Day Gets Unofficial Fix
A partially unpatched security bug in Windows that could allow local privilege escalation from a regular user to System has still not been fully addressed by Microsoft – but an unofficial micropatch from 0patch has hit the scene. The bug CVE-2021-34484 was originally disclosed and patched as part of...
Exploit for Path Traversal in Microsoft
CVE-2021-40444-POC An attempt to reproduce Microsoft MSHTML Re...
Exploit for CVE-2021-34527
CVE-2021-34527 - PrintNightmare LPE PowerShell Caleb Stew...
Emotet returns just in time for Christmas
Emotet is a threat we have been tracking very closely throughout the year thanks to its large email distribution campaigns. Once again, and for about two months, the botnet stopped its malspam activity only to return days before Christmas. In typical Emotet fashion, the threat actors continue to...
Telerik UI - Remote Code Execution via Insecure Deserialization
Telerik UI - Remote Code Execution via Insecure Deserialization See the full write-up at Bishop Fox, CVE-2019-18935: https://know.bishopfox.com/research/cve-2019-18935-remote-code-execution-in-telerik-ui, for a complete walkthrough of vulnerability and exploit details for this issue along with...