Researchers Shed Light on CatB Ransomware's Evasion Techniques

The threat actors behind the CatB ransomware operation have been observed using a technique called DLL search order hijacking to evade detection and launch the payload. CatB, also referred to as CatB99 and Baxtoy, emerged late last year and is said to be an "evolution or direct rebrand" of anothe...

Microsoft Windows MSDTC Invalid Memory Access Denial Of Service Vulnerability

Description Microsoft Windows Distributed Transaction Coordinator is prone to a denial-of-service vulnerability. Attackers can exploit this vulnerability remotely to disrupt the MSDTC service and any services that depend on MSDTC. This vulnerability affects Windows NT and Windows 2000 by default,...

Microsoft Windows - MSDTC Service Remote Memory Modification (PoC) (MS05-051)

Microsoft Windows - MSDTC Service Remote Memory Modification PoC MS05-051 / \ MSDTC remote PoC exploit / by Darkeagle \ / \ Unl0ck Research Team / \ / Greetingz: all UKT boys, 0x557 guys, Sowhat, GHC/RST guys \ / Exploit tested on: Windows 2000 Professional Russian Service Pack 4 \ /...

CVE-2005-1979

Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service MSDTC service exception and exit via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol TIP functionality...

Microsoft MSDTC COM+ Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a vulnerability in the COM+ Component Object Model functionality of the MSDTC Microsoft Distribution Transaction Coordinator service. This issue may permit remote and local attackers to execute arbitrary code in the context of the service. This issue may ...