New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets

A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. "It has the potential to expand to other platforms as Bandit Stealer was developed using the Go...

Rapid7 Insight Agent has an unspecified vulnerability

Rapid7 Insight Agent is a lightweight software from Rapid7, Inc. The software is capable of collecting data from IT assets.A security vulnerability exists in Rapid7 Insight Agent version 3.1.2.38 and prior versions, which stems from the fact that Rapid7 Insight Agent version 3.1.2.38 and prior...

Privilege escalation

Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the iragent.exe component, resulting in elevated rights and persistent access to t...

CVE-2022-0237 Rapid7 Insight Agent Privilege Escalation

Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the iragent.exe component, resulting in elevated rights and persistent access to t...

CVE-2001-1518

CVE-2001-1518 affects Windows 2000 where RunAs (runas.exe) can hang by a local user launching a named pipe session with the authentication server, because only a single session instance is created at a time. The Red Hat/NVD/CVEs reproduce the same description; no explicit affected build numbers b...