ThreatExploiter

🔴 ThreatExploiter Automated Network Penetration Testing & E...

CVE-2024-8982

A Local File Inclusion LFI vulnerability in OpenLLM version 0.6.10 allows attackers to include files from the local server through the web application. This flaw could expose internal server files and potentially sensitive information such as configuration files, passwords, and other critical dat...

Russian State-Backed 'Infamous Chisel' Android Malware Targets Ukrainian Military

Cybersecurity and intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Thursday disclosed details of a mobile malware strain targeting Android devices used by the Ukrainian military. The malicious software, dubbed Infamous Chisel and attributed to a Russian...

CVE-2023-31222

Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or...

CVE-2023-31222

Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or...

Deserialization of untrusted data

Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or...

CVE-2023-31222 Medtronic Paceart MSMQ Deserialization of Untrusted Data

Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or...

CVE-2023-31222 Medtronic Paceart MSMQ Deserialization of Untrusted Data

Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or...

Trickbot module descriptions

Trickbot aka TrickLoader or Trickster, is a successor of the Dyre banking Trojan that was active from 2014 to 2016 and performed man-in-the-browser attacks in order to steal banking credentials. Trickbot was first discovered in October 2016. Just like Dyre, its main functionality was initially th...

Mexico’s Banking System Sees $18M Siphoned Off in Phantom Transactions

Somewhere between $18 million to $20 million has gone missing during unauthorized interbank money transfers in Mexico’s central banking system. Authorities are investigating the shadow transactions, but answers are thus far scarce. The affected banks and government officials are determining wheth...

The IoT Attack Vector “BlueBorne” Exposes Almost Every Connected Device (BlueBorne)

General Overview Armis Labs revealed a new attack vector endangering major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them. The new vector is dubbed “BlueBorne”, as it spread through the air airborne and attacks devices via...

Hack That Fueled Insider Trading Ring Netted $100M

Hackers based in Ukraine and Russia allegedly broke into servers belonging to several newswires and passed sensitive information onto an underground trading ring as part of what’s being referred to as an unprecedented new level of insider trading. Prosecutors claimed Tuesday that corporate...

Microsoft Windows 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8397/info A problem has been identified in the RSVP Server for Microsoft Windows 2000 that may allow an attacker to hijack management of the network. This could allow an attacker control of network Quality of Service...

European Union Parliament Under Cyber Attack !

Following on the heels of a sophisticated cyber assault against the European Union's Commission and External Action Service, reports have surfaced that the EU Parliament's information systems are also being targeted in an attack. Officials indicate that the attacks have successfully penetrated th...

Simple Network penetration spying on a command-vulnerability warning-the black bar safety net

ipconfig /all //You can view the current network card configuration information, including the domain and IP section This command can be seen: the host name---shwdm, IP--192.168.103.8, the gateway IP---192.168.103.10,DNS domain name resolution IP address---192.168.100.1 to an primary WINS server...

Network penetration copying SAM file-a vulnerability warning-the black bar safety net

First:use WinHex this software,go to disk edit, and then enter c:\windows\system32\config copy the SAM and SYSTEM to any directory can be Second:use ice edge,directly by the ice edge copy c:\windows\system32\config copy the SAM and SYSTEM to any directory can be Summary The following easy...

PsTools in the penetration of little application-vulnerability warning-the black bar safety net

Author:zero soulzerosoul Blog: Recent bad luck, take down a network, Server area all not even outside, no rally socks out, cause penetration of the network within other segments of the time very hard. One of the MSSQL and Web are separated, the server although the take down, but sometimes up to...

smb 0day network penetration and Defense-vulnerability warning-the black bar safety net

This smb 0day vulnerabilities out for a long time, since the bun work is too busy, has not bother to pay attention to it. The vulnerability affects vista, Windows 7 and windows 2 0 0 8, EXP now surely everyone on hand the others also have, it was tested can be very good to attack vista and 2 0 0 ...

ARP Sinffer the user offensive and defensive examples of the detailed explanation-vulnerability warning-the black bar safety net

ARP attack in recent years, the hacker community was on the rise to one in the LAN the internal implementation of the means of attack, usually use to install arp-sniffer tools to capture, such as account password, ftp user name, a user password such valuable information. This attack means belongi...

union select control ewebeditor Upload File suffix-vulnerability warning-the black bar safety net

Form:dark group technology Forum union select control ewebeditor Upload File suffix2.16 Currently circulating online too much ewebeidtor a modified version of the lite version 2 1 6 version of ewebeditor the presence of an injection vulnerabilities after a version also exists such a problem Some...