Lucene search
K

53 matches found

The Hacker News
The Hacker News
added 2024/02/21 1:3 p.m.26 views

Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS

The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX aka Korplug backdoor dubbed DOPLUGS. "The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command...

9.8CVSS9.8AI score0.12661EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2019/02/22 5:59 p.m.198 views

The Advanced Persistent Threat Files: APT1

We've heard a lot about Advanced Persistent Threats APTs over the past few years. As a refresher, APTs are prolonged, aimed attacks on specific targets with the intention to compromise their systems and gain information from or about that target. While the targets may be anyone or anything—a...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/01/16 5:0 p.m.134 views

The Advanced Persistent Threat files: APT10

We've heard a lot about Advanced Persistent Threats APTs over the past few years. As a refresher, APTs are prolonged, aimed attacks on specific targets with the intention to compromise their systems and gain information from or about that target. While the targets may be anyone or anything—a...

0.1AI score
Exploits0
Securelist
Securelist
added 2017/11/14 9:41 a.m.531 views

APT Trends report Q3 2017

Introduction Beginning in the second quarter of 2017, Kaspersky's Global Research and Analysis Team GReAT began publishing summaries of the quarter's private threat intelligence reports in an effort to make the public aware of what research we have been conducting. This report serves as the next...

9.3CVSS8.2AI score0.99933EPSS
Exploits29
FireEye
FireEye
added 2017/02/22 2:45 p.m.12 views

Spear Phishing Techniques Used in Attacks Targeting the Mongolian Government

Introduction FireEye recently observed a sophisticated campaign targeting individuals within the Mongolian government. Targeted individuals that enabled macros in a malicious Microsoft Word document may have been infected with Poison Ivy, a popular remote access tool RAT that has been used for...

8.1AI score
Exploits0References2
FireEye
FireEye
added 2017/02/22 9:45 a.m.34 views

Spear Phishing Techniques Used in Attacks Targeting the Mongolian Government

Introduction FireEye recently observed a sophisticated campaign targeting individuals within the Mongolian government. Targeted individuals that enabled macros in a malicious Microsoft Word document may have been infected with Poison Ivy, a popular remote access tool RAT that has been used for...

0.8AI score
Exploits0
pwnmalw
pwnmalw
added 2017/01/14 12:0 a.m.541 views

Malware exploit: Poisonivy

Type: Stack Buffer Overflow Author: Gal Badishi This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::Tcp def...

0.5AI score
Exploits0
CNVD
CNVD
added 2016/09/23 12:0 a.m.4 views

Poison Ivy C2 Server Buffer Overflow Vulnerability

Poison Ivy is a remote control tool. Poison Ivy 2.1.x suffers from a buffer overflow vulnerability that can be exploited by a remote attacker to execute arbitrary code in the context of the application...

8.1AI score
Exploits0References1
0day.today
0day.today
added 2016/06/10 12:0 a.m.46 views

Poison Ivy 2.1.x - C2 Buffer Overflow (Metasploit)

Exploit for windows platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Poison Ivy 2.1.x C2 Buffer Overflow', 'Description' = %q This module...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2016/06/10 12:0 a.m.22 views

Poison Ivy 2.1.x (C2 Server) - Remote Buffer Overflow (Metasploit)

Poison Ivy 2.1.x C2 Server - Remote Buffer Overflow Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Poison Ivy 2.1.x C2 Buffer Overflow', 'Description' = %q This...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2016/06/10 12:0 a.m.28 views

Poison Ivy 2.1.x (C2 Server) - Remote Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Poison Ivy 2.1.x C2 Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in the Poison Ivy 2.1.x C...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/06/09 12:0 a.m.33 views

Poison Ivy 2.1.x C2 Buffer Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Poison Ivy 2.1.x C2 Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in the Poison Ivy 2.1.x C...

0.7AI score
Exploits0
Metasploit
Metasploit
added 2016/06/03 5:20 p.m.25 views

Poison Ivy 2.1.x C2 Buffer Overflow

This module exploits a stack buffer overflow in the Poison Ivy 2.1.x C server. The exploit does not need to know the password chosen for the bot/server communication. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

7.9AI score
Exploits0
ThreatPost
ThreatPost
added 2016/04/07 3:54 p.m.10 views

FBI Quietly Admits to Multi-Year APT Attack, Sensitive Data Stolen

The FBI issued a rare bulletin admitting that a group named Advanced Persistent Threat 6 APT6 hacked into US government computer systems as far back as 2011 and for years stole sensitive data. The FBI alert was issued in February and went largely unnoticed. Nearly a month later, security experts...

7.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2015/12/01 11:37 a.m.91 views

China APT Gang Targets Hong Kong Media via Dropbox

An APT gang linked to China and alleged to be responsible for targeted attacks against foreign governments and ministries, has now pointed its focus inward at China’s autonomous territory Hong Kong. An August attack against several media companies in Hong Kong was carried out shortly after a...

9.3CVSS1.1AI score0.99966EPSS
Exploits12References6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Poison Ivy 2.3.2 C&C Server Buffer Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2014/03/26 1:47 a.m.18 views

Malaysian flight MH370 tragedy abused by Chinese hackers for Espionage attacks

The Mysterious Malaysian Airlines flight MH370, a Boeing 777-200 aircraft that has gone missing by the time it flew from Kuala Lumpur to Beijing. The Malaysian Prime Minister had also confirmed that the Malaysia Airlines plane had crashed in a remote part of the southern Indian Ocean. Cyber...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2014/03/25 4:4 p.m.162 views

Malaysia Airlines Flight 370 spear phishing emails spotted

Hold off on the notion that watering hole attacks may supplant phishing as the initial means of compromise in advanced attacks. A number of recent targeted campaigns have used the crash of Malaysia Airlines 370 as a lure to infect government officials in the U.S. and Asia-Pacific. FireEye today...

9.3CVSS0.8AI score0.99966EPSS
Exploits12References7
Metasploit
Metasploit
added 2013/12/15 2:34 p.m.17 views

Poison Ivy Command and Control Scanner

Enumerate Poison Ivy Command and Control C on ports 3460, 80, 8080 and 443. Adaptation of iTrust Python script. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Poison Ivy Command and Control...

7.5AI score
Exploits0
ThreatPost
ThreatPost
added 2013/09/19 3:55 p.m.52 views

Oil, Energy Watering Hole Attacks Linked to DOL attack

A string of watering hole attacks targeting oil and energy companies dating back to May could be linked to similar attacks against the U.S. Department of Labor website. Researchers at Cisco discovered the compromised domains of 10 oil and energy companies worldwide, including hydroelectric plants...

10CVSS0.93688EPSS
Exploits29References10
Rows per page
Query Builder