77 matches found
Design/Logic Flaw
The signature check in the Nokia ASIK AirScale system module version 474021A.101 can be bypassed allowing an attacker to run modified firmware. This could result in the execution of a malicious kernel, arbitrary programs, or modified Nokia programs...
How to Do Malware Analysis?
Based on the findings of Malwarebytes' Threat Review for 2022, 40 million Windows business computers' threats were detected in 2021. In order to combat and avoid these kinds of attacks, malware analysis is essential. In this article, we will break down the goal of malicious programs' investigatio...
Seven Cats Free Fiction has a flawed logic vulnerability
Seven Cats Free Novels is a great full-length novel reading program. Seven Cats Free Novels suffers from a logic flaw vulnerability that can be exploited by attackers to inject malicious programs into the application...
Several Malware Families Using Pay-Per-Install Service to Expand Their Targets
A detailed examination of a Pay-per-install PPI malware service called PrivateLoader has revealed its crucial role in the delivery of a variety of malware such as SmokeLoader, RedLine Stealer, Vidar, Raccoon, and GCleaner since at least May 2021. Loaders are malicious programs used for loading...
Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack
Microsoft has shared technical details about a now-fixed, actively exploited critical security vulnerability affecting SolarWinds Serv-U managed file transfer service that it has attributed with "high confidence" to a threat actor operating out of China. In mid-July, the Texas-based company...
Arbitrary Code Execution
The bpf verifier in the Linux kernel is vulnerable to arbitrary code execution. A local attacker with the ability to load malicious bpf programs is able to exploit an out-of-bounds read through the bpf verifier and execute arbitrary code on the host OS...
Linux: Hidden executables
Malicious programs, code, and scripts usually start with a dot . to hide themselves. Note: This script dramatically increases the scan duration. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective rig...
High-Severity Windows UAC Flaw Enables Privilege Escalation
Researchers disclosed details of a high-severity Microsoft Windows vulnerability that could give attackers elevated privileges – ultimately allowing them to install programs, and view, change or delete data. The bug stems from User Account Control UAC, a security feature of Windows within Secure...
Siemens SIMATIC WinCC PdlComponents.dll control has an arbitrary file write vulnerability
Siemens SIMATIC is an automation software with a single engineering environment.WinCC supports the discovery and configuration of LAN device information with the PN-DCP protocol at the Ethernet layer. An arbitrary file write vulnerability exists in the Siemens SIMATIC WinCC PdlComponents.dll...
ThreatList: Apple Adware, Phishing, APT Attacks Threaten macOS Users
While macOS is often touted as “safer” on the cybersecurity front compared to Windows-based systems, cybercriminals are in fact increasingly targeting Apple’s ecosystem. The number of attacks on macOS users through malicious and potentially unwanted programs has been increasing annually since 201...
Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Microsoft Compatibility Appraiser where a configuration file, with local privileges, is vulnerable to symbolic link and hard link attacks. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An...
CVE-2019-5587
Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific methods...
CVE-2019-5587
Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific methods...
CVE-2019-5587
Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific methods...
Knowing when it’s worth the risk: riskware explained
If there’s one thing I like more than trivia quizzes, it’s quotes. Positive, inspirational, and motivational quotes. Quotes that impart a degree of ancient wisdom, or those that make you stop and consider. Reading them melts our fears, sorrows, and feelings of inadequacy away. Some of the most...
CVE-2019-3827
An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that allows reading and modify arbitrary files by privileged users without asking for password when no authentication agent is running. This vulnerability can be exploited by malicious programs running unde...
WinRAR aeration elder has a major vulnerability that hackers can be malicious programs implanted in the boot process-vulnerability warning-the black bar safety net
Foreign security agencies to Check Point disclosed that of the famous compression software WinRAR the presence of a elder level of security vulnerability once used by hackers, hackers could a malicious app implant user's computer by a boot program, the vulnerability in 2005 already exists. WinRAR...
Introducing: Malwarebytes Browser Extension
Are you tired of all the unwanted content the world wide web offers up, whether you like it or not? It is our privilege to introduce you to the Malwarebytes Browser Extension BETA. Or, better said, the Malwarebytes Browser Extensions, because we have one for Firefox and one for Chrome. Introducti...
Microsoft Windows: Windows Defender SmartScreen (Explorer)
This policy allows you to turn Windows Defender SmartScreen on or off. SmartScreen helps protect PCs by warning users before running potentially malicious programs downloaded from the Internet. This warning is presented as an interstitial dialog shown before running an app that has been downloade...
Denis and Co.
In April 2017, we published a detailed review of a malicious program that used DNS tunneling to communicate to its C&C. That study prompted us to develop a technology to detect similar threats, which allowed us to collect a multitude of malware samples using DNS tunneling. In this article, we wil...