37 matches found
EUVD-2010-5309
Malware in sbrugna...
CVE-2010-10015
AOL versions up to and including 9.5 includes an ActiveX control Phobos.dll that exposes a method called Import via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attacke...
CVE-2010-10015
AOL versions up to and including 9.5 includes an ActiveX control Phobos.dll that exposes a method called Import via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attacke...
CVE-2010-10015
AOL versions up to and including 9.5 includes an ActiveX control Phobos.dll that exposes a method called Import via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attacke...
CVE-2010-10015
CVE-2010-10015 affects AOL software up to version 9.5, where Phobos.dll exposes Import() via Phobos.Playlist and suffers a stack-based buffer overflow on long string arguments. Exploitation requires a locally opened malicious HTML file, allowing code execution in the user context. The vulnerabili...
CVE-2010-10015 AOL <= 9.5 Phobos.Playlist 'Import()' Stack-Based Buffer Overflow
AOL versions up to and including 9.5 includes an ActiveX control Phobos.dll that exposes a method called Import via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attacke...
CVE-2010-10015 AOL <= 9.5 Phobos.Playlist 'Import()' Stack-Based Buffer Overflow
AOL versions up to and including 9.5 includes an ActiveX control Phobos.dll that exposes a method called Import via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attacke...
AOL 安全漏洞
AOL is a web portal of the American company AOL. AOL 9.5 and prior versions have a security vulnerability that originates from a stack buffer overflow in the Import method of the Phobos.Playlist COM object, which could lead to the execution of arbitrary code...
PT-2025-34284 · America Online · Phobos.Dll +3
Name of the Vulnerable Software and Affected Versions: AOL versions prior to 9.6 Description: AOL versions up to and including 9.5 include an ActiveX control Phobos.dll that exposes a method called Import via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overfl...
basecamper (>=0.1.1.dev1 <=0.10.9), fedsim (>=0.2.0 <=0.9.0) +5 more potentially affected by CVE-2024-9362 via polyaxon (>=1.1.7.post4 <=2.9.4)
polyaxon PYPI version =1.1.7.post4, =0.1.1.dev1, =0.2.0, =0.0.1, =0.0.0, =0.2.1, =0.1.0b5, =0.1.2 Source cves: CVE-2024-9362 Source advisory: SNYK:PYTHON-POLYAXON-9585349...
basecamper (>=0.1.1.dev1 <=0.10.9), fedsim (>=0.2.0 <=0.9.0) +5 more potentially affected by CVE-2024-9365 via polyaxon (>=1.1.7.post4 <=2.9.4)
polyaxon PYPI version =1.1.7.post4, =0.1.1.dev1, =0.2.0, =0.0.1, =0.0.0, =0.2.1, =0.1.0b5, =0.1.2 Source cves: CVE-2024-9365 Source advisory: SNYK:PYTHON-POLYAXON-9584622...
FBI, Europol, and NCA Take Down 8Base Ransomware Data Leak and Negotiation Sites
--- Source: The Nation A coordinated law enforcement operation has taken down the dark web data leak and negotiation sites associated with the 8Base ransomware gang. Visitors to the data leak site are now greeted with a seizure banner that says: "This hidden site and the criminal content have bee...
A week in security (December 2 – December 8)
Last week on Malwarebytes Labs: Europol takes down criminal data hub Manson Market in busy month for law enforcement Americans urged to use encrypted messaging after large, ongoing cyberattack Crypto’s rising value likely to bring new wave of scams AI chatbot provider exposes 346,000 customer...
No company too small for Phobos ransomware gang, indictment reveals
The US Department of Justice has charged a Russian national named Evgenii Ptitsyn with selling, operating, and distributing a ransomware variant known as “Phobos” during a four-year cybercriminal campaign that extorted at least $16 million from victims across the world. The government’s indictmen...
Phobos: Stealthy Ransomware That Operated Under the Radar - Until Now
Phobos: Stealthy Ransomware That Operated Under the Radar - Until Now By Jambul Tologonov, John Fokker and Duy-Phuc Pham · November 20, 2024 On November 18th, the US Justice Department unsealed criminal charges against a Russian national for allegedly administering the sale, distribution, and...
Russian Man Extradited to US, Face Charges in Phobos Ransomware Operation
Russian national Evgenii Ptitsyn, linked to Phobos ransomware, faces U.S. charges for extortion and hacking, with over $16M…...
Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure
U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. "Structured as a ransomware as a...
CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware
Today, CISA, the Federal Bureau of Investigation FBI, and the Multi-State Information Sharing and Analysis Center MS-ISAC released a joint Cybersecurity Advisory CSA, StopRansomware: Phobos Ransomware, to disseminate known tactics, techniques, and procedures TTPs and indicators of compromise IOCs...
FAUST: A Phobos Ransomware Variant Launches Fileless Attack
Summary: FAUST ransomware, a variant of the Phobos family, exhibiting intricate deployment stages, from decoding Base64 data to injecting shellcode. Notably, it employs a fileless attack through an Office document with a VBA script, emphasizing the need for user caution with document files from...
Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang
Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it's being propagated by means of an infection that delivers a Microsoft Excel document .XL...