Lucene search
K

169 matches found

ThreatPost
ThreatPost
added 2022/05/31 11:38 a.m.38 views

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats

ChromeLoader may seem on the surface like a run-of-the-mill browser hijacker that merely redirects victims to advertisement websites. However, its use of PowerShell could pose a greater risk by leading to further and advanced malicious activity, such as the propagation of ransomware or spyware or...

7.3AI score
Exploits0References6
The Hacker News
The Hacker News
added 2022/05/17 1:38 p.m.29 views

UpdateAgent Returns with New macOS Malware Dropper Written in Swift

A new variant of the macOS malware tracked as UpdateAgent has been spotted in the wild, indicating ongoing attempts on the part of its authors to upgrade its functionalities. "Perhaps one of the most identifiable features of the malware is that it relies on the AWS infrastructure to host its...

1.3AI score
Exploits0
ThreatPost
ThreatPost
added 2022/01/28 2:0 p.m.24 views

Shlayer and Bundlore MacOS Malware Strains – How Uptycs EDR Detection Can Help

Adware strains Shlayer and Bundlore are the most common malware in macOS – although they have slight variations, they have long invaded and bypassed Xprotect, Notarization, Gatekeeper, and File Quarantine, all security features pre-built into macOS. The Uptycs threat research team has tracked the...

8.1AI score
Exploits0References16
NVD
NVD
added 2021/06/29 4:15 p.m.36 views

CVE-2021-21871

A memory corruption vulnerability exists in the DMG File Format Handler functionality of PowerISO 7.9. A specially crafted DMG file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. The vendor fixed it in a bug-release of the current versi...

8.8CVSS0.00947EPSS
Exploits1References1
Prion
Prion
added 2021/06/29 4:15 p.m.17 views

Memory corruption

A memory corruption vulnerability exists in the DMG File Format Handler functionality of PowerISO 7.9. A specially crafted DMG file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. The vendor fixed it in a bug-release of the current versi...

6.8CVSS7.7AI score0.00947EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/06/29 3:10 p.m.39 views

CVE-2021-21871

A memory corruption vulnerability exists in the DMG File Format Handler functionality of PowerISO 7.9. A specially crafted DMG file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. The vendor fixed it in a bug-release of the current versi...

8.8CVSS7.9AI score0.00947EPSS
Exploits1References1
CVE
CVE
added 2021/06/29 3:10 p.m.51 views

CVE-2021-21871

PowerISO 7.9 DMG File Format Handler memory corruption (CVE-2021-21871) results from improper boundary checks during DMG decompression. The PoC/malformed ZLIB handling can cause an out-of-bounds write, leading to a crash or potential code execution as described by TALOS. Affected component: Power...

8.8CVSS7.7AI score0.00947EPSS
Exploits1References1Affected Software1
Talos Blog
Talos Blog
added 2021/06/28 8:5 a.m.27 views

Vulnerability Spotlight: Memory corruption vulnerability in PowerISO’s DMG handler

Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a memory corruption vulnerability in PowerISO’s handler that deals with DMG files. PowerISO is a CD/DVD/BD image file processing tool, which allows users to open, extract,... This is onl...

1.2AI score
Exploits0
Talos
Talos
added 2021/06/28 12:0 a.m.112 views

PowerISO DMG File Format Handler memory corruption vulnerability

Summary A memory corruption vulnerability exists in the DMG File Format Handler functionality of PowerISO 7.9. A specially crafted DMG file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. The vendor fixed it in a bug-release of the curre...

8.8CVSS7.8AI score0.00947EPSS
Exploits1
CNNVD
CNNVD
added 2021/05/26 12:0 a.m.5 views

dmg2img 缓冲区错误漏洞

dmg2img is a software application. Provides a function to convert Apple compressed dmg archives into standard hfsplus image disk files. A security vulnerability exists in Dmg2img prior to version 20170502, which stems from the program's mishblk function not checking the length of the read buffer...

7.1CVSS7.5AI score0.00908EPSS
Exploits0References2
Securelist
Securelist
added 2021/03/18 10:0 a.m.53 views

Convuster: macOS adware now in Rust

Introduction Traditionally, most malicious objects detected on the macOS platform are adware: besides the already familiar Shlayer family, the TOP 10 includes Bnodlero, Cimpli, Adload and Pirrit adware. As a rule, most tend to be written in C, Objective-C or Swift. Recently, however, cybercrimina...

7.3AI score
Exploits0
GithubExploit
GithubExploit
added 2019/06/07 11:48 p.m.87 views

Exploit for Improper Input Validation in Apple Mac_Os_X

CVE-2019-8561 Proof of concept exploit for CVE-2019-8561 disc...

7.8CVSS8.8AI score0.06578EPSS
Exploits1
Carbon Black Blog
Carbon Black Blog
added 2019/02/12 7:37 p.m.94 views

TAU Threat Intelligence Notification: New macOS Malware Variant of Shlayer (OSX) Discovered

Carbon Black’s Threat Analysis Unit TAU recently discovered a new variant of a family of macOS malware which was first discovered in February of 2018 by researchers from Intego. TAU has obtained new samples of this malware and observed downloads of the malware from multiple sites, primarily...

1.2AI score
Exploits0
The Hacker News
The Hacker News
added 2019/02/12 7:8 a.m.2 views

Beware!! New Windows .exe Malware Found Targeting macOS Computers

A malicious Windows EXE file can even infect your Mac computer as well. Yes, you heard me right — a .exe malware on macOS. Security researchers at antivirus firm Trend Micro have discovered a novel way hackers are using in the wild to bypass Apple's macOS security protection and infect Mac...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2018/08/30 9:17 p.m.57 views

Darling - Darwin/macOS Emulation Layer For Linux

Darling is a runtime environment for OS X applications. Please note that no GUI applications are supported at the moment. Download Darling uses many Git submodules, so a plain clone will not do. git clone --recurse-submodules https://github.com/darlinghq/darling.git Updating sources: git pull git...

7.1AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/08/23 12:0 a.m.55 views

Google Chrome < 68.0.3440.75 Multiple Vulnerabilities

Binary data 700361.pasl...

6.5CVSS7.3AI score0.03137EPSS
Exploits0References2
Securelist
Securelist
added 2018/07/20 10:0 a.m.50 views

Calisto Trojan for macOS

An interesting aspect of studying a particular piece of malware is tracing its evolution and observing how the creators gradually add new monetization or entrenchment techniques. Also of interest are developmental prototypes that have had limited distribution or not even occurred in the wild. We...

Exploits0
CNVD
CNVD
added 2018/05/10 12:0 a.m.5 views

Cisco Advanced Malware Protection for Endpoints macOS Connector Input Validation Vulnerability

Cisco Advanced Malware Protection AMP for Endpoints macOS Connector is an endpoint security solution that prevents, monitors, and responds to advanced threats for macOS devices from Cisco. An input validation vulnerability exists in the file type detection mechanism in Cisco AMP for Endpoints mac...

5.8CVSS6.8AI score0.01221EPSS
Exploits0References1
Prion
Prion
added 2018/04/19 8:29 p.m.19 views

Design/Logic Flaw

A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection AMP for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware detection. The vulnerability occurs because the software relies on only the file extension for detectin...

5CVSS5.5AI score0.01221EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/04/19 8:29 p.m.4 views

CVE-2018-0237

A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection AMP for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware detection. The vulnerability occurs because the software relies on only the file extension for detectin...

5.8CVSS5.8AI score0.01221EPSS
Exploits0References2
Rows per page
Query Builder