Lucene search
K

477 matches found

The Hacker News
The Hacker News
added 2024/04/18 2:25 p.m.27 views

OfflRouter Malware Evades Detection in Ukraine for Almost a Decade

Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to the VirusTotal malware scanning platform...

7.6AI score
Exploits0
Kitploit
Kitploit
added 2024/04/14 9:24 p.m.53 views

Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking

This tool compilation is carefully crafted with the purpose of being useful both for the beginners and veterans from the malware analysis world. It has also proven useful for people trying their luck at the cracking underworld. It's the ideal complement to be used with the manuals from the site,...

7.2AI score
Exploits0References6
The Hacker News
The Hacker News
added 2024/04/12 4:32 a.m.35 views

U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday issued an emergency directive ED 24-02 urging federal agencies to hunt for signs of compromise and enact preventive measures following the recent compromise of Microsoft's systems that led to the theft of email...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/28 7:9 p.m.23 views

Stopping a K-12 cyberattack (SolarMarker) with ThreatDown MDR

In early 2024, a large K-12 school district partnered with ThreatDown MDR to strengthen its cybersecurity posture. Shortly after onboarding, ThreatDown MDR analysts detected unusual patterns of activity subsequently identified as the work of SolarMarker, a sophisticated backdoor. It became eviden...

8AI score
Exploits0
OSV
OSV
added 2024/03/22 11:15 p.m.3 views

PYSEC-2024-257

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In version 3.9.5 Beta and prior, MobSF does not perform any input validation when extracting the hostnames in android:host, so requests can also ...

7.5CVSS6.9AI score0.00712EPSS
Exploits1References4
OSV
OSV
added 2024/03/22 10:12 p.m.36 views

CVE-2024-29190 MobSF SSRF Vulnerability on assetlinks_check(act_name, well_knowns)

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In version 3.9.5 Beta and prior, MobSF does not perform any input validation when extracting the hostnames in android:host, so requests can also ...

7.5CVSS7.1AI score0.00712EPSS
Exploits1References5
CNVD
CNVD
added 2024/02/22 12:0 a.m.9 views

Cisco Secure Endpoint Buffer Overflow Vulnerability

Cisco Secure Endpoint Cisco AMP for Endpoints is the United States Cisco Cisco company's set of integrated static and dynamic malware analysis and threat intelligence in one of the endpoint applications. A buffer overflow vulnerability exists in the Cisco Secure Endpoint Connector for Windows...

7.5CVSS6.9AI score0.33558EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/01/25 2:23 p.m.32 views

SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks

Cybersecurity researchers have shed light on the command-and-control C2 server workings of a known malware family called SystemBC. "SystemBC can be purchased on underground marketplaces and is supplied in an archive containing the implant, a command-and-control C2 server, and a web administration...

7.2AI score
Exploits0
OSV
OSV
added 2024/01/15 5:15 p.m.3 views

CVE-2024-0320

Cross-Site Scripting in FireEye Malware Analysis AX affecting version 9.0.3.936530. This vulnerability allows an attacker to send a specially crafted JavaScript payload in the application URL to retrieve the session details of a legitimate user...

6.1CVSS5.8AI score0.00309EPSS
Exploits0References1
NVD
NVD
added 2024/01/15 5:15 p.m.29 views

CVE-2024-0320

Cross-Site Scripting in FireEye Malware Analysis AX affecting version 9.0.3.936530. This vulnerability allows an attacker to send a specially crafted JavaScript payload in the application URL to retrieve the session details of a legitimate user...

6.1CVSS5.5AI score0.00309EPSS
Exploits0References1
Prion
Prion
added 2024/01/15 5:15 p.m.12 views

Cross site scripting

Cross-Site Scripting in FireEye Malware Analysis AX affecting version 9.0.3.936530. This vulnerability allows an attacker to send a specially crafted JavaScript payload in the application URL to retrieve the session details of a legitimate user...

5.8CVSS6.4AI score0.00309EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/15 4:29 p.m.2 views

CVE-2024-0320 Cross-Site Scripting in FireEye Malware Analysis (AX)

Cross-Site Scripting in FireEye Malware Analysis AX affecting version 9.0.3.936530. This vulnerability allows an attacker to send a specially crafted JavaScript payload in the application URL to retrieve the session details of a legitimate user...

5.4CVSS5.5AI score0.00309EPSS
Exploits0References1
CVE
CVE
added 2024/01/15 4:29 p.m.40 views

CVE-2024-0320

CVE-2024-0320 is a Cross-Site Scripting issue in FireEye Malware Analysis (AX) affecting version 9.0.3.936530. The vulnerability allows an attacker to inject a crafted JavaScript payload via the application URL to retrieve a user’s session details. Public details consistently reference this vulne...

6.1CVSS5.9AI score0.00309EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/15 4:29 p.m.25 views

CVE-2024-0320 Cross-Site Scripting in FireEye Malware Analysis (AX)

Cross-Site Scripting in FireEye Malware Analysis AX affecting version 9.0.3.936530. This vulnerability allows an attacker to send a specially crafted JavaScript payload in the application URL to retrieve the session details of a legitimate user...

5.4CVSS6.1AI score0.00309EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/15 12:0 a.m.5 views

PT-2024-15468 · Fireeye · Fireeye Malware Analysis

Name of the Vulnerable Software and Affected Versions: FireEye Malware Analysis AX version 9.0.3.936530 Description: The issue allows an attacker to send a specially crafted JavaScript payload in the application URL to retrieve the session details of a legitimate user. This is achieved by...

6.1CVSS6AI score0.00309EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/01/15 12:0 a.m.5 views

Trellix Malware Analysis Cross-Site Scripting Vulnerability

Trellix Malware Analysis is a malware analysis software from Trellix, Inc. A cross-site scripting vulnerability exists in Trellix Malware Analysis version 9.0.3.936530, which stems from the presence of a cross-site scripting vulnerability. The vulnerability allows an attacker to send a specially...

6.1CVSS6.1AI score0.00309EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/12/13 12:2 p.m.33 views

How to Analyze Malware's Network Traffic in A Sandbox

Malware analysis encompasses a broad range of activities, including examining the malware's network traffic. To be effective at it, it's crucial to understand the common challenges and how to overcome them. Here are three prevalent issues you may encounter and the tools you'll need to address the...

6.8AI score
Exploits0
CNVD
CNVD
added 2023/12/05 12:0 a.m.7 views

MISP cross-site scripting vulnerability (CNVD-2023-9749884)

MISP is an open source software solution. The product is used to collect, store, distribute and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. Cross-site scripting vulnerability exists in versions prior to MISP 2.4.179. The...

6.1CVSS6.6AI score0.0041EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/11/30 11:18 a.m.25 views

7 Uses for Generative AI to Enhance Security Operations

Welcome to a world where Generative AI revolutionizes the field of cybersecurity. Generative AI refers to the use of artificial intelligence AI techniques to generate or create new data, such as images, text, or sounds. It has gained significant attention in recent years due to its ability to...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2023/11/17 1:1 p.m.35 views

A deep dive into Phobos ransomware, recently deployed by 8Base group

Cisco Talos has recently observed an increase in activity conducted by 8Base, a ransomware group that uses a variant of the Phobos ransomware and other publicly available tools to facilitate their operations. Most of the groups Phobos variants are distributed by SmokeLoader, a backdoor trojan. Th...

7.4AI score
Exploits0
Rows per page
Query Builder