Lucene search
K

198 matches found

hivepro
hivepro
added 2023/12/26 11:14 a.m.15 views

Muddywater Utilizes Custom Tools to Target Telecom Companies

Summary: Iranian espionage group Muddywater,targeted telecommunications companies in Egypt, Sudan, and Tanzania in November 2023. The attackers employed a diverse set of tools for this activity, including leveraging the MuddyC2Go infrastructure. Additionally, they utilized the SimpleHelp remote...

7.3AI score
Exploits0
hivepro
hivepro
added 2023/12/05 7:41 a.m.12 views

SugarGh0st RAT A Customized Gh0st Variant in Cyber Espionage

Summary: A malicious campaign deploying the customized SugarGh0st RAT, likely orchestrated by a Chinese-speaking threat actor targeting the Uzbekistan Ministry of Foreign Affairs and South Korean users. SugarGh0st, a variant of Gh0st RAT, exhibits advanced features for remote control, keylogging,...

7.4AI score
Exploits0
hivepro
hivepro
added 2023/11/23 6:35 a.m.14 views

The Lethal Advancement of DarkGate Malware-as-a-Service

Summary: DarkGate, a formidable Remote Access Trojan RAT, functions as a Malware-as-a-Service MaaS and is masterminded by the elusive RastaFarEye within the underground cybercrime landscape. The latest iteration, DarkGate 5.0.19, advances upon its predecessors with sophisticated evasion technique...

7.4AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/11/22 6:15 p.m.6 views

CVE-2023-47250

In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers with access to a VNC session to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop,...

8.8CVSS5.8AI score0.01395EPSS
Exploits2References6
NVD
NVD
added 2023/11/22 6:15 p.m.28 views

CVE-2023-47250

In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers with access to a VNC session to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop,...

8.8CVSS0.01395EPSS
Exploits2References5
Prion
Prion
added 2023/11/22 6:15 p.m.29 views

Improper access control

In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers with access to a VNC session to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop,...

6.5CVSS6.9AI score0.01395EPSS
Exploits2References5Affected Software3
Cvelist
Cvelist
added 2023/11/22 12:0 a.m.26 views

CVE-2023-47250

In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers with access to a VNC session to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop,...

8.8AI score0.01395EPSS
Exploits2References5
Trellix
Trellix
added 2023/11/21 12:0 a.m.36 views

The Continued Evolution of the DarkGate Malware-as-a-Service

The Continued Evolution of the DarkGate Malware-as-a-Service By Ernesto Fernández Provecho, Pham Duy Phuc, Ciana Driscoll and Vinoo Thomas · November 21, 2023 On September 2023, the Trellix Security Operations Center SOC successfully detected and stopped an attack against Musarubra, the holding...

7.6AI score
Exploits0
Trellix
Trellix
added 2023/11/21 12:0 a.m.25 views

The Continued Evolution of the DarkGate Malware-as-a-Service

The Continued Evolution of the DarkGate Malware-as-a-Service By Ernesto Fernández Provecho, Pham Duy Phuc, Ciana Driscoll and Vinoo Thomas · November 21, 2023 On September 2023, the Trellix Security Operations Center SOC successfully detected and stopped an attack against Musarubra, the holding...

7.6AI score
Exploits0
hivepro
hivepro
added 2023/10/09 5:37 a.m.26 views

BunnyLoader: The New Malware-as-a-Service Threat

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary BunnyLoader is a Malware-as-a-Service threat, boasting advanced features like anti-sandbox techniques, keylogging, stealing data, cryptocurrency wallets, and remote command execution, posing risks to...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/12 10:1 a.m.41 views

Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper

A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and RedLine Clipper, to gather a wide range of information from compromised Windows machines. "A phishing email delivers the Word document as an...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/12 4:0 a.m.16 views

Microsoft Teams used to deliver DarkGate Loader malware

Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. Until now, DarkGate was typically distributed via phishing emails. The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. But...

7.3AI score
Exploits0
0day.today
0day.today
added 2023/07/04 12:0 a.m.217 views

WBCE CMS 1.6.1 - Open Redirect & CSRF Vulnerability

Exploit Title: WBCE CMS 1.6.1 - Open Redirect & CSRF Version: 1.6.1 Bugs: Open Redirect + CSRF = CSS KEYLOGGING Technology: PHP Vendor URL: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/releases/tag/1.6.1 Date of found: 03-07-2023 Author: Mirabbas Ağalarov Tested on: Linux ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/03 12:0 a.m.276 views

WBCE CMS 1.6.1 Cross Site Request Forgery / Open Redirection

Exploit Title: WBCE CMS 1.6.1 - Open Redirect & CSRF Version: 1.6.1 Bugs: Open Redirect + CSRF = CSS KEYLOGGING Technology: PHP Vendor URL: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/releases/tag/1.6.1 Date of found: 03-07-2023 Author: Mirabbas Ağalarov Tested on: Linux ...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.405 views

WBCE CMS 1.6.1 - Open Redirect & CSRF

Exploit Title: WBCE CMS 1.6.1 - Open Redirect & CSRF Version: 1.6.1 Bugs: Open Redirect + CSRF = CSS KEYLOGGING Technology: PHP Vendor URL: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/releases/tag/1.6.1 Date of found: 03-07-2023 Author: Mirabbas Ağalarov Tested on: Linux ...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2023/06/09 12:30 p.m.45 views

XSS-Exploitation-Tool - An XSS Exploitation Tool

XSS Exploitation Tool is a penetration testing tool that focuses on the exploit of Cross-Site Scripting vulnerabilities. This tool is only for educational purpose, do not use it against real environment Features Technical Data about victim browser Geolocation of the victim Snapshot of the...

6.2AI score
Exploits0References4
Securelist
Securelist
added 2023/05/19 10:30 a.m.44 views

CloudWizard APT: the bad magic story goes on

In March 2023, we uncovered a previously unknown APT campaign in the region of the Russo-Ukrainian conflict that involved the use of PowerMagic and CommonMagic implants. However, at the time it was not clear which threat actor was behind the attack. Since the release of our report about...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/03 9:20 a.m.49 views

Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service

A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022 as part of a malvertising campaign. "OpcJacker's main functions include keylogging, taking screenshots, stealing sensitive data from browsers, loading additional modules, and...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/27 10:38 a.m.33 views

New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords

A new information-stealing malware has set its sights on Apple's macOS operating system to siphon sensitive information from compromised devices. Dubbed MacStealer, it's the latest example of a threat that uses Telegram as a command-and-control C2 platform to exfiltrate data. It primarily affects...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/10 1:39 p.m.3 views

International Law Enforcement Takes Down Infamous NetWire Cross-Platform RAT

A coordinated international law enforcement exercise has taken down the online infrastructure associated with a cross-platform remote access trojan RAT known as NetWire. Coinciding with the seizure of the sales website www.worldwiredlabs.com, a Croatian national who is suspected to be the website...

6.7AI score
Exploits0
Rows per page
Query Builder