Lucene search
K

10 matches found

The Hacker News
The Hacker News
added 2024/05/21 2:19 p.m.14 views

Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users

A new attack campaign dubbed CLOUDREVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. "The VBScript and PowerShell scripts in the CLOUDREVERSER inherently involves command-and-control-like activities by using Google...

6.7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2023/08/04 1:49 p.m.20 views

Teach a Man to Phish and He’s Set for Life

One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirects on LinkedIn, or abusing an encodin...

6.5AI score
Exploits0
NVD
NVD
added 2022/02/25 3:15 p.m.16 views

CVE-2022-24346

In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO Right-to-Left Override characters was possible...

7.8CVSS0.0042EPSS
Exploits0References2
Prion
Prion
added 2022/02/25 3:15 p.m.19 views

Code injection

In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO Right-to-Left Override characters was possible...

4.6CVSS7.8AI score0.0042EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/02/25 2:36 p.m.275 views

CVE-2022-24346

The CVE-2022-24346 issue affects JetBrains IntelliJ IDEA prior to 2021.3.1, where local code execution could be triggered via Right-to-Left Override (RLO) characters embedded in a project/file. Red Hat and NVD entries confirm the same description. Impact is defined as local code execution with pa...

7.8CVSS7.7AI score0.0042EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/02/25 2:36 p.m.19 views

CVE-2022-24346

In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO Right-to-Left Override characters was possible...

8.6AI score0.0042EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2021/11/01 4:28 p.m.113 views

‘Trojan Source’ Hides Invisible Bugs in Source Code

Researchers have found a new way to encode potentially evil source code, such that human reviewers see a harmless version and compilers see the invisible, wicked version. Named “Trojan Source attacks,” the method “exploits subtleties in text-encoding standards such as Unicode to produce source co...

8.3CVSS8.8AI score0.12205EPSS
Exploits5References15
The Hacker News
The Hacker News
added 2018/02/13 1:36 p.m.32 views

Hackers Exploit 'Telegram Messenger' Zero-Day Flaw to Spread Malware

A zero-day vulnerability has been discovered in the desktop version for end-to-end encrypted Telegram messaging app that was being exploited in the wild in order to spread malware that mines cryptocurrencies such as Monero and ZCash. The Telegram vulnerability was uncovered by security researcher...

7AI score
Exploits0
Securelist
Securelist
added 2018/02/13 9:0 a.m.40 views

Zero-day vulnerability in Telegram

In October 2017, we learned of a vulnerability in Telegram Messenger's Windows client that was being exploited in the wild. It involves the use of a classic right-to-left override attack when a user sends files over the messenger service. Right-to-left override in a nutshell The special nonprinti...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/08/20 10:10 a.m.21 views

Sirefef Malware Found Using Unicode Right-to-Left Override Technique

Old malware tricks never really die, they just get recycled and passed down to the next generation of attackers. The latest technique to get run through the wayback machine is the use of the right-to-left override character in Unicode, a tactic that enables malware authors to hide the real name o...

6.9AI score
Exploits0References1
Rows per page
Query Builder