CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years, infecting no less than one million devices around the world in the process. That's according to findings from Kaspersky, which has codenamed the threat StripedFly, describing it ...

7.8AI score

Exploits0

Securelist•added 2023/10/26 4:0 a.m.•45 views

StripedFly: Perennially flying under the radar

Introduction Its just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. It comes equipped with a built-in TOR network tunnel for communication with command servers,...

7.5AI score

Exploits0

Gitee•added 2021/10/17 12:0 a.m.•2 views

MS17-011

This is a repository for exploiting the MS17-010 vulnerability in Windows SMB. The repository contains various proof-of-concept PoC exploits and tools for exploiting this vulnerability. The MS17-010 vulnerability is a remote code execution vulnerability in the Windows SMB service. It allows an...

8.7AI score

Exploits0

ThreatPost•added 2021/06/30 8:19 p.m.•48 views

Indexsinas SMB Worm Campaign Infests Whole Enterprises

The Indexsinas SMB worm is on the hunt for vulnerable environments to self-propagate into, researchers warned – with a particular focus on the healthcare, hospitality, education and telecommunications sectors. Its end goal is to drop cryptominers on compromised machines. Indexsinas, aka...

7.7AI score

Exploits0References9

Gitee•added 2020/09/10 10:27 a.m.•3 views

MS17-010

This repository is a collection of exploits and tools for the MS17-010 vulnerability, also known as the EternalBlue exploit. The vulnerability is a remote code execution RCE bug in the SMBv1 protocol, which was used by the WannaCry ransomware in 2017. The repository contains various exploits and...

9AI score

Exploits0

Securelist•added 2020/06/09 10:0 a.m.•43 views

Looking at Big Threats Using Code Similarity. Part 1

Today, we are announcing the release of KTAE, the Kaspersky Threat Attribution Engine. This code attribution technology, developed initially for internal use by the Kaspersky Global Research and Analysis Team, is now being made available to a wider audience. You can read more about KTAE in our...

6.9AI score

Exploits0

Gitee•added 2020/04/26 9:31 a.m.•8 views

Exploit for CVE-2017-0144

PoC exploit for CVE-2017-0144 EternalBlue using the Doublepulsar backdoor, implemented as a Metasploit module. The target product/service is Windows, and the vulnerability class is RCE Remote Code Execution. The probable entry point is the Metasploit module, and the notable dependency is the...

9.3CVSS7.3AI score0.94318EPSS

Exploits50

The Hacker News•added 2019/09/18 1:0 p.m.•51 views

Smominru Botnet Indiscriminately Hacked Over 90,000 Computers Just Last Month

Insecure Internet-connected devices have aided different types of cybercrime for years, most common being DDoS and spam campaigns. But cybercriminals have now shifted toward a profitable scheme where botnets do not just launch DDoS or spam—they mine cryptocurrencies as well. Smominru, an infamous...

7.1AI score

Exploits0

The Hacker News•added 2019/09/18 1:0 p.m.•1 views

Smominru Botnet Indiscriminately Hacked Over 90,000 Computers Just Last Month

6.9AI score

Exploits0

ThreatPost•added 2019/05/10 4:53 p.m.•272 views

The WannaCry Security Legacy and What’s to Come

May 12 will mark the second anniversary of the WannaCry ransomware cryptoworm attack. It was a troubling time: During the four-day long ordeal, the cryptoworm infected more than 300,000 endpoints among 200,000 separate victims throughout 150 countries. It propagated rapidly through the EternalBlu...

7.3AI score

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by