URL Path Containing Suspicious Executable

Certain URL paths may be indicative of malicious executable files that are characteristic of the Locky ransomware. A remote attacker could entice unsuspecting users to access such URLs, leading to execution of malicious files on the affected system...

CVE-2015-7262

QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, allows remote authenticated users to gain privileges by registering an executable file, and then waiting for this file to be run in a privileged context after a reboot...

Unrestricted file upload

Unrestricted file upload vulnerability in QNAP Signage Station before 2.0.1 allows remote authenticated users to execute arbitrary code by uploading an executable file, and then accessing this file via an unspecified URL...

CVE-2015-6022

Unrestricted file upload vulnerability in QNAP Signage Station before 2.0.1 allows remote authenticated users to execute arbitrary code by uploading an executable file, and then accessing this file via an unspecified URL...

About the security content of Apple TV 7.2.1

About the security content of Apple TV 7.2.1 This document describes the security content of Apple TV 7.2.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are availabl...

InstallShield DLL Hijacking

Hi @ll, executable installers ° created with InstallShield see alias are vulnerable: 1. Their wrappers/self-extractors load and execute a rogue/bogus/ malicious RichEd32.dll ' and other DLLs too, dependent on the version of Windows eventually found in the directory they are started from the...

CVE-2016-2542

Untrusted search path vulnerability in Flexera InstallShield through 2015 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file...

Design/Logic Flaw

Untrusted search path vulnerability in Flexera InstallShield through 2015 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file...

Suspicious Executable Mail Attachment

Certain malicious executable files can be hidden using a different extension for the file. A remote attacker could exploit this vulnerability to entice unsuspecting users to execute a malicious mail attachment. This method is often used by ransomware such as Locky, Cerber, CryptoXXX, and others...

Foolav - Pentest Tool For Antivirus Evasion and Running Arbitrary Payload on Target Wintel Host

Executable compiled with this code is useful during penetration tests where there is a need to execute some payload meterpreter maybe? while being certain that it will not be detected by antivirus software. The only requirement is to be able to upload two files: binary executable and payload file...

Mozilla Firefox < 44.0 Multiple Vulnerabilities

Binary data 9075.prm...

How Just Opening an MS Word Doc Can Hijack Every File On Your System

If you receive a mail masquerading as a company's invoice and containing a Microsoft Word file, think twice before clicking on it. Doing so could cripple your system and could lead to a catastrophic destruction. Hackers are believed to be carrying out social engineering hoaxes by adopting...

Venom - Metasploit Shellcode Generator / Compiler / Listenner

The script will use msfvenom metasploit to generate shellcode in diferent formats c | python | ruby | dll | msi | hta-psh , injects the shellcode generated into one funtion example: python "the python funtion will execute the shellcode in ram" and uses compilers like: gcc gnu cross compiler or...

Kaspersky Total Security Security Bypass Vulnerability

Kaspersky Total security is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Trend Micro Password Manager program arbitrary command execution vulnerability verification-vulnerability and early warning-the black bar safety net

Trend Micro antivirus software to suit the windows version, contains a password management program, the program is also in the official website provides a single download connection, is a free service. The default installation of the latest TRAND Micro: the ! 1 Figure 1 Can in Data Security find...

Somebody Offered Money to Raspberry Pi Foundation for Pre-Installing Malware

The Raspberry Pi is now gaining attention from malware distributors who want the popular mini-computers to deliver with pre-install malware. The Raspberry Pi Foundation has made a shocking revelation that the charitable foundation has been offered money to install malware onto the Raspberry Pi...

ESET NOD32 Antivirus DLL Hijacking

Hi @ll, the executable installer ° of ESET's NOD32 antivirus, esetnod32antivirusliveinstaller.exe, loads and executes at least the rogue/bogus/malicious Cabinet.dll and DbgHelp.dll eventually found in the directory it is started from ' the "application directory". For software downloaded with a w...

JVN#64636058: WinRAR may insecurely load executable files

WinRAR contains a function where user specified files on the local disk can be executed. When this file does not have a file extension, a file of the same name with a file extension contained in the same folder may be executed by WinRAR instead of the user specified file. WinRAR also contains a...

Xcode 7 Bitcode workflow and Security Assessment-vulnerability warning-the black bar safety net

With Xcode 7, Apple is Xcode adds a new feature Bitcode 【1】： ! New features often mean new attack surface. This article first describes what is Bitcode and Bitcode workflow in the familiar with the Bitcode of the workflow, the next step is to assess the Bitcode related to the attack surface, and...

Google Chrome DLL Hijack

Hi @ll, the executable installers ° of Google Chrome are vulnerable: 1. ChromeStandaloneSetup.exe and ChromeSetup.exe load and execute a rogue/bogus/malicious CryptBase.dll under Windows NT6.x from their "application directory" '. For software downloaded with a web browser this is typically the...