Italian Users Warned of Malware Attack Targeting Sensitive Information

A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems. "The info-stealer malware steals sensitive information like system info, crypto wallet and browser histories, cookies, and credentials of crypto...

Italian Users Warned of Malware Attack Targeting Sensitive Information

A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems. "The info-stealer malware steals sensitive information like system info, crypto wallet and browser histories, cookies, and credentials of crypto...

Southeast Asian APT Group Saaiwc Targets Military and Financial Departments with PowerDism Backdoor

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Saaiwc Group APT-LY-1005 is a newly identified APT group that is thought to operate in Southeast Asia. The groups main tactic is to use an ISO file as a malicious payload, which when executed, injects a...

Description of the security update for Microsoft Exchange Server 2013: January 10, 2023 (KB5022188)

Description of the security update for Microsoft Exchange Server 2013: January 10, 2023 KB5022188 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE: CVE-2023-2176...

Description of the security update for Microsoft Exchange Server 2019: January 10, 2023 (KB5022193)

Description of the security update for Microsoft Exchange Server 2019: January 10, 2023 KB5022193 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE CVE-2023-21745...

Microsoft PowerShell Remote Code Execution Vulnerability

PowerShell is a task automation and configuration management framework developed by Microsoft Corporation USA, consisting of a command line interface shell layer related manuscript language built from . exploit this vulnerability to bypass sandbox restrictions and execute arbitrary code on the...

Malicious PyPI Packages Using Cloudflare Tunnels to Sneak Through Firewalls

In yet another campaign targeting the Python Package Index PyPI repository, six malicious packages have been found deploying information stealers on developer systems. The now-removed packages, which were discovered by Phylum between December 22 and December 31, 2022, include pyrologin,...

The vulnerability of the PowerShell command line interface on Microsoft Windows operating systems, allowing a hacker to execute arbitrary code.

The vulnerability of the PowerShell command line interface on Microsoft Windows operating systems is related to insufficient validation of entered data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2022-22744

The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.This bug only affects Thunderbird for Windows. Other operating systems are unaffected.. This vulnerability...

CVE-2022-22744

The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.This bug only affects Thunderbird for Windows. Other operating systems are unaffected.. This vulnerability...

Command injection

The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.This bug only affects Thunderbird for Windows. Other operating systems are unaffected.. This vulnerability...

UBUNTU-CVE-2022-22744

The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.This bug only affects Thunderbird for Windows. Other operating systems are unaffected.. This vulnerability...

NetLlix - A Project Created With An Aim To Emulate And Test Exfiltration Of Data Over Different Network Protocols

A project created with an aim to emulate and test exfiltration of data over different network protocols. The emulation is performed w/o the usage of native API's. This will help blue teams write correlation rules to detect any type of C2 communication or data exfiltration. Currently, this project...

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell OW...

CVE-2022-22744

CVE-2022-22744 affects Thunderbird for Windows via the DevTools Copy as curl feature, where the constructed curl command was not properly escaped for PowerShell, potentially allowing command injection when pasted into a PowerShell prompt. Public details indicate affected software includes Thunder...

CVE-2022-22744

The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.This bug only affects Thunderbird for Windows. Other operating systems are unaffected.. This vulnerability...

CVE-2022-22744

The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.This bug only affects Thunderbird for Windows. Other operating systems are unaffected.. This vulnerability...

Adding Azure Compute Account Fails With "This server does not seem to have Azure PowerShell installed"

Challenge When attempting to add an Azure Compute Account using the "Create a new account" option, the error message is shown stating that "This server does not seem to have Azure PowerShell installed." even though the Azure PowerShell is installed. Get-Module -ListAvailable -Name Azure -Refresh...

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations

Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution RCE through Outlook Web Access OWA. "The new exploit method bypasses...

Microsoft Patch Tuesday, December 2022 Edition

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day in a Windows feature that tries to flag malicious files from the Web,...