AutoMalDesc: Large-Scale Script Analysis for Cyber Threat Research

Generating thorough natural language explanations for threat detections remains an open problem in cybersecurity research, despite significant advances in automated malware detection systems. In this work, we present AutoMalDesc, an automated static analysis summarization framework that, followin...

EUVD-2022-44361

Malicious code in bioql PyPI...

PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit

BYOSI - Bring-Your-Own-Script-Interpreter - Leveraging the abuse of trusted applications, one is able to deliver a compatible script interpreter for a Windows, Mac, or Linux system as well as malicious source code in the form of the specific script interpreter of choice. Once both the malicious...

The vulnerability of the Windows Scripting Languages component of the Windows operating system allows a perpetrator to execute arbitrary code.

The vulnerability of the Windows Scripting Languages component of the Windows operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2022-41128

Windows Scripting Languages Remote Code Execution Vulnerability...

CVE-2022-41118

Windows Scripting Languages Remote Code Execution Vulnerability...

Remote code execution

Windows Scripting Languages Remote Code Execution Vulnerability...

Remote code execution

Windows Scripting Languages Remote Code Execution Vulnerability...

CVE-2022-41128

Windows Scripting Languages Remote Code Execution Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2022-41118 Windows Scripting Languages Remote Code Execution Vulnerability

...

CVE-2022-41128 Windows Scripting Languages Remote Code Execution Vulnerability

...

CVE-2022-41118

Technical details about CVE-2022-41118 are not provided in the supplied documents. No product/vendor/version or exploit information is available here. Monitor for updates from official sources; further details and remediation would require vendor advisories.

Windows Scripting Languages Remote Code Execution Vulnerability

...

PT-2022-5510 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue exists due to insufficient input validation in the Windows Scripting Languages component. This allows a remote attacker to execute arbitrary code. The vulnerability can be exploit...

KLA20047 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation...

[SECURITY] Fedora 30 Update: PyYAML-5.3.1-1.fc30

YAML is a data serialization format designed for human readability and interaction with scripting languages. PyYAML is a YAML parser and emitter for Python. PyYAML features a complete YAML 1.1 parser, Unicode support, pickle support, capable extension API, and sensible error messages. PyYAML...

Fedora Update for PyYAML FEDORA-2019-bed9afe622

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

DOSfuscation: Exploring the Depths of Cmd.exe Obfuscation and Detection Techniques

Skilled attackers continually seek out new attack vectors, while employing evasion techniques to maintain the effectiveness of old vectors, in an ever-changing defensive landscape. Many of these threat actors employ obfuscation frameworks for common scripting languages such as JavaScript and...

Targeted Attacks In The Middle East

This blog post is authored by Paul Rascagneres with assistance of Martin Lee. Executive Summary Talos has identified a targeted attacks affecting the Middle East. This campaign contains the following elements, which are described in detail in this article. The use of allegedly confidential decoy...

Korea In The Crosshairs

This blog post is authored by Warren Mercer and Paul Rascagneres and with contributions from Jungsoo An. A one year review of campaigns performed by an actor with multiple campaigns mainly linked to South Korean targets. Executive Summary This article exposes the malicious activities of Group 123...