42 matches found
EUVD-2022-29909
Malicious code in bioql PyPI...
EUVD-2025-23622
Malicious code in bioql PyPI...
CVE-2025-29745
A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file...
PT-2025-31932 · Emsisoft · Emsisoft Anti-Malware
Name of the Vulnerable Software and Affected Versions: Emsisoft Anti-Malware versions prior to 2024.12. Description: A vulnerability in the scanning module of Emsisoft Anti-Malware allows attackers on a remote server to obtain Net-NTLMv2 hash information by using a specially crafted A2S Emsisoft...
CVE-2025-29745
CVE-2025-29745 affects the scanning module of Emsisoft Anti-Malware older than 2024.12. The vulnerability allows a remote attacker to obtain Net-NTLMv2 hash information by supplying a specially crafted A2S (Emsisoft Custom Scan) extension file. Affected product: Emsisoft Anti-Malware; vulnerable ...
CVE-2024-1243
Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for...
CVE-2022-25166
An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass. When this file is imported and the client attempts to validate the file path, it performs an open...
Emsisoft Anti-Malware Net-NTLMv2 Hash Information Disclosure
A vulnerability affecting the scanning module in Emsisoft Anti-Malware versions prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file. Title: Emsisoft Anti-Malware 2024.12 - ".A2S" Net-NTLMv2 Hash...
Microsoft Patch Tuesday, November 2024 Edition
Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November's patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed...
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities
Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S. The Cze...
Security Updates Outlook for Windows (April 2024)
The Microsoft Outlook application installed on the remote host is missing a security update. It is, therefore, affected by a spoofing vulnerability. External attackers could send specially crafted emails that will cause a connection from the victim to an untrusted location of attackers' control...
Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability
Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a now-patched critical security flaw in its Outlook email service to gain unauthorized access to victims' accounts within Exchange servers. The tech giant attributed the intrusions to a threat actor it called...
IT threat evolution Q3 2023
IT threat evolution in Q3 2023. Targeted attacks: Unknown threat actor targets power generator with DroxiDat and Cobalt Strike. Earlier this year, we reported on a new variant of SystemBC called...
PT-2023-27915 · Geoserver · Geoserver
Name of the Vulnerable Software and Affected Versions: GeoServer versions prior to 2.22.5; GeoServer versions prior to 2.23.2; GeoServer version 2.10.3; GeoServer version 2.11.1. Description: The issue concerns the use of dynamic styles in GeoServer, which can lead to Server-Side Request Forgery. Th...
Exploit for Improper Input Validation in Microsoft
PoC exploit for CVE-2023-23397, a vulnerability in the Apache HT...
Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT LAN...
Guidance for investigating attacks using CVE-2023-23397
This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397. A successful exploit of this vulnerability can result in unauthorized access to an organization’s environment by triggering a Net-NTLMv2 hash leak...