Lucene search
K

9 matches found

ThreatPost
ThreatPost
added 2018/03/23 11:52 a.m.17 views

A Closer Look at APT Group Sofacy’s Latest Targets

Threatpost talks to Kaspersky Lab researcher Kurt Baumgartner who was instrumental in tracking the latest activities of the Russian-speaking Sofacy APT gang. Research shows a continual march toward Far East targets and overlapping of activities with other groups such as Lamberts, Turla and Danti...

2.1AI score
Exploits0References2
ThreatPost
ThreatPost
added 2018/03/09 12:11 p.m.12 views

Sofacy APT Adopts New Tactics and Far East Targets

CANCUN, Mexico – A new analysis of the Russian-speaking Sofacy APT gang shows a continual march toward Far East targets and overlapping of activities with other groups such as Lamberts, Turla and Danti. Researchers at Kaspersky Lab this morning at its Security Analyst Summit, released their updat...

0.9AI score
Exploits0
ThreatPost
ThreatPost
added 2016/05/25 12:58 p.m.56 views

APT Groups Exploiting Patch Microsoft Office Flaw CVE-2015-2545

A Microsoft Office vulnerability patched six months ago continues to be a valuable tool for APT gangs operating primarily in Southeast Asia and the Far East. Researchers at Kaspersky Lab today published a report describing how attackers continue to flourish exploiting CVE-2015-2545, a remote code...

9.3CVSS0.7AI score0.86053EPSS
Exploits39References7
NVD
NVD
added 2012/09/17 5:55 p.m.18 views

CVE-2011-4959

SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

6.8CVSS8.3AI score0.01452EPSS
Exploits1References7
Prion
Prion
added 2012/09/17 5:55 p.m.14 views

Sql injection

SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

6.8CVSS9AI score0.01452EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2012/09/17 5:0 p.m.54 views

CVE-2011-4959

CVE-2011-4959 affects SilverStripe: SQL injection in the addslashes method for SilverStripe 2.3.x < 2.3.12 and 2.4.x

6.8CVSS8.6AI score0.01452EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2012/09/17 5:0 p.m.20 views

CVE-2011-4959

SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

8.3AI score0.01452EPSS
Exploits1References7
securityvulns
securityvulns
added 2006/05/20 12:0 a.m.45 views

Targeted attack: experience from the trenches

Targeted attack: experience from the trenches Published: 2006-05-19, Last Updated: 2006-05-19 17:36:01 UTC by Chris Carboni Version: 2click to highlight changes Learning lessons from incidents is a very important part of incident handling. Yet with targeted attacks it is very hard as you need to...

Exploits0
CVE
CVE
added 2001/02/02 5:0 a.m.84 views

CVE-2000-1090

Microsoft IIS for Far East editions 4.0 and 5.0 are affected by CVE-2000-1090, where a malformed URL employing the lead-byte of a double-byte character allows remote attackers to read source code of parsed pages. The root cause is improper handling of lead-byte in double-byte character sequences ...

5CVSS7.1AI score0.16659EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder