10 matches found
Exploit for CVE-2023-52271
Disclaimer: This repository contains code that is provided stric...
Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections
Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver BYOVD to disarm security protections and ultimately gain access to the infected system. "This malware takes a more sinister route: it drops a legitimate Avast...
When Guardians Become Predators: How Malware Corrupts the Protectors
When Guardians Become Predators: How Malware Corrupts the Protectors By Trellix · November 20, 2024 This blog was also written by Trishaan Kalra Introduction We often trust our security software to stand as an unbreakable wall against malware and attacks, but what happens when that very wall is...
hw: amd: SMM Lock Bypass
A flaw was found in hw. Improper validation in a model-specific register MSR could allow a malicious program with ring0 access to modify the SMM configuration while the SMI lock is enabled. This issue can lead to arbitrary code execution...
Exploring malicious Windows drivers (Part 2): the I/O system, IRPs, stack locations, IOCTLs and more
This blog post is part of a multi-part series, and it is highly recommended to read the first entry here before continuing. As the second entry in our "Exploring malicious Windows drivers" series, we will continue where the first left off: Discussing the I/O system and IRPs. We will expand on the...
Google Patches KRACK Vulnerability in Android
Google this week finally addressed the KRACK vulnerability in Android, three weeks after the WPA2 protocol flaw was publicly disclosed. The KRACK patches are the most high-profile fixes in the November Android Security Bulletin, which includes three patches levels; the KRACK patches are in the No...
Privilege escalation
An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...
Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (MS08-025) (1)
/ source: https://www.securityfocus.com/bid/28554/info Microsoft Windows is prone to a local privilege-escalation vulnerability. The vulnerability resides in the Windows kernel. A locally logged-in user can exploit this issue to gain kernel-level access to the operating system. / include include...
SuSE-SA:2004:009: Linux Kernel
The remote host is missing the patch for the advisory SuSE-SA:2004:009 Linux Kernel. iDEFENSE Inc. informed us about a buffer overflow in the linux 2.4 kernel code which handles ISO9660 filesystems. The original code is not able to handle very long symlink names. The vulnerability can be triggere...
SYM04-008, Symantec Client Firewall Remote Access and Denial of Service Issues
Symantec Security Advisory SYM04-008 12 May, 2004 Symantec Client Firewall Remote Access and Denial of Service Issues Revision History None Risk Impact High Overview eEye Digital Security notified Symantec Corporation of four vulnerability issues they discovered in the Symantec Client Firewall...