Lucene search
K

840 matches found

The Hacker News
The Hacker News
added 2013/09/11 9:5 p.m.28 views

Kaspersky revealed "Kimsuky" Cyber Espionage campaign targeting South Korea

Russian Security Firm Kaspersky Lab has revealed that it has been following a sustained attack on South Korea by hackers seemingly based in North Korea., This new Cyber Espionage campaign dubbed "Kimsuky" has targeted several South Korean think tanks. Researchers believe the Kimsuky malware is mo...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2013/05/02 12:14 a.m.15 views

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

Early 2012 ESET company a mysterious malware, dubbed the Avatar rootkit Win32/Rootkit.Avatar, advertised in the underground forums by Russian cyber crime. "We present you here previously announced product. In connection with work on other projects, we moved the release date for the public from Ma...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2013/04/09 7:15 a.m.14 views

Malware that turns computers into Bitcoin miners

Researchers from Kaspersky Lab have discovered a new spam message campaign being transmitted via Skype contains malware capable of using an infected computer to mine for Bitcoins. The malware, identified as Trojan.Win32.Jorik.IRCbot.xkt. Bitcoin is a non-governmental, fully-digital currency based...

6.8AI score
Exploits0
Metasploit
Metasploit
added 2013/03/21 1:40 p.m.99 views

Apache Struts ParametersInterceptor Remote Code Execution

This module exploits a remote command execution vulnerability in Apache Struts versions 'Apache Struts ParametersInterceptor Remote Code Execution', 'Description' = %q This module exploits a remote command execution vulnerability in Apache Struts versions 'Meder Kydyraliev', Vulnerability Discove...

9.8CVSS9.3AI score0.88829EPSS
Exploits16
The Hacker News
The Hacker News
added 2013/02/03 4:56 a.m.15 views

PiceBOT Crimeware Kit targeting Latin America Banks

A new Cyber Crimeware kit arrived in Hacking scenes called 'PiceBOT' just like other Latin American botnets such as vOlk Mexico & S.A.P.Z Peru and cost just $140 in underground market for Cyber criminals. Like other amazing exploit kits, the main purpose is the distribution of malware that steals...

6.5AI score
Exploits0
Metasploit
Metasploit
added 2012/10/23 5:41 p.m.23 views

ManageEngine Security Manager Plus 5.5 Build 5505 SQL Injection

This module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page, which results in remote code execution under the context of SYSTEM in Windows; or as the user in Linux. Authentication is not required in order to exploit this vulnerability. This module require...

0.2AI score
Exploits0
ThreatPost
ThreatPost
added 2012/08/27 1:21 p.m.8 views

New Java Zero Day Being Used in Targeted Attacks

There is a newly discovered zero day vulnerability in Java 7 that is being used in some targeted attacks right now. The vulnerability works against Internet Explorer and Firefox and researchers say that attackers are exploiting in the wild and installing a version of the Poison Ivy RAT on...

6.8AI score
Exploits0References4
ThreatPost
ThreatPost
added 2012/08/07 2:10 p.m.14 views

Zeus Comes to the BlackBerry

Researchers have found several samples of a new version of the mobile version of the Zeus malware, with these newest ones targeting the BlackBerry platform. BlackBerry has not been a common target for attackers, despite the high-value user base of corporate executives and government officials, bu...

1.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2012/03/15 3:3 p.m.11 views

Trojan Dropper Uses Valid Certificate Issued For Swiss Company

A pair of trojan droppers affiliated with a pay-per-click scam are using valid digital signatures from a certificate that was issued for a Swiss company, according to a report on Securelist. Between December 2011 and March 7, 2012, the Kaspersky Security Network has detected around 5,000 instance...

0.8AI score
Exploits0References7
The Hacker News
The Hacker News
added 2012/02/22 2:29 p.m.9 views

Dropper Malware comes with DLL Hijacking Feature

Dropper Malware comes with DLL Hijacking Feature Trojans, Viruses, Worms have become the scare of the year, and with good reason. Many of the recent files are malicious in nature, causing the infected user at the very worst, to lose everything on their computer. There are few specially coded...

6.7AI score
Exploits0
Metasploit
Metasploit
added 2012/02/16 6:34 p.m.38 views

Windows Escalate SMB Icon LNK Dropper

This module drops a shortcut LNK file that has a ICON reference existing on the specified remote host, causing SMB and WebDAV connections to be initiated from any user that views the shortcut. This module requires Metasploit: https://metasploit.com/download Current source:...

0.2AI score
Exploits0
Metasploit
Metasploit
added 2011/10/18 4:30 p.m.39 views

Cross Platform Webkit File Dropper

This module exploits a XSLT vulnerability in Webkit to drop ASCII or UTF-8 files to the target file-system. By default, the file will be dropped in C:\Program Files\ This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework cla...

8.8CVSS6.3AI score0.43195EPSS
Exploits11
The Hacker News
The Hacker News
added 2011/04/15 12:14 p.m.10 views

Attackers taking advantage of Epsilon !

We blogged about the Epsilon data breach to give our customers a heads-up on the situation. Recently, our ThreatSeeker® Network discovered a Web attack that takes advantage of the unfortunate news. As with anything our ThreatSeeker Network discovers, Websense customers are protected by ACE, our...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2010/07/21 2:0 p.m.11 views

Inside the Black Energy 2 Botnet

By Dmitry Tarakanov Cybercriminals use a variety of bots to conduct DDoS attacks on Internet servers. One of the most popular tools is called Black Energy. To date, Kaspersky Lab has identified and implemented detection for over 4,000 modifications of this malicious program. In mid-2008 malware...

0.3AI score
Exploits0References11
0day.today
0day.today
added 2010/07/05 12:0 a.m.15 views

linux/x86 polymorphic Drop suid shell root /tmp/.hiddenshell 161 bytes

Exploit for linux/x86 platform in category shellcode ====================================================================== linux/x86 polymorphic Drop suid shell root /tmp/.hiddenshell 161 bytes ====================================================================== /...

7AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2009/09/01 12:0 a.m.2 views

Update Protection against Recent Malware Threats (1-Sep-09)

The update includes new protections against 9 recent malware threats:Backdoor-Trojan: Backdoor.Win32.Dreamy.bcTrickler: Trojan-Dropper.Win32.Agent.aqpnTrickler: Trojan-Downloader.Win32.Banload.bvkTrojan: Sus.BancDl-BTrojan: Trojan-Spy.Win32.VB.btmTrojan: Trojan-Downloader.Win32.VB.necTrojan:...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2009/05/07 7:27 p.m.9 views

Patch coming for MS PowerPoint zero-day flaw

Exactly one month after malicious hackers started using rigged PowerPoint files to launch targeted attacks, Microsoft announced plans to ship a “critical” bulletin affecting its flagship presentation program. The PowerPoint update is the only bulletin scheduled for this month’s Patch Tuesday on M...

0.9AI score
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2006/08/21 10:4 p.m.4 views

CVE-2006-4274

Rejected reason: Unknown vulnerability in Microsoft PowerPoint allows user-assisted attackers to execute arbitrary code via a crafted PPT document, as exploited by malware such as TROJMDROPPER.BH. NOTE: on 20060822, it was determined that TROJMDROPPER.BH was exploiting CVE-2006-0009, so this is n...

5.1CVSS6.3AI score0.14205EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2006/03/14 12:0 a.m.11 views

VulnCheck KEV: CVE-2006-0009

Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJMDROPPER.BH and Trojan.PPDropper.E in...

5.1CVSS6.2AI score0.14205EPSS
Exploits0References1
securityvulns
securityvulns
added 2001/09/03 12:0 a.m.43 views

OE6 + VBS + WSH + WIN200 + XP + HTML.DROPPER

We're examining resubmitting to bugtraq html.dropper now updated to in include an .exe http://www.securityfocus.com/bid/2260 - apparently the manufacturer didn't consider the original submission worthy of fixing as the same problem has been carried over to Outlook Express 6.00. On a default insta...

7.1AI score
Exploits0
Rows per page
Query Builder