AutoMalDesc: Large-Scale Script Analysis for Cyber Threat Research
Generating thorough natural language explanations for threat detections remains an open problem in cybersecurity research, despite significant advances in automated malware detection systems. In this work, we present AutoMalDesc, an automated static analysis summarization framework that, followin...
EUVD-2022-44361
Malicious code in bioql PyPI...
PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
BYOSI - Bring-Your-Own-Script-Interpreter - Leveraging the abuse of trusted applications, one is able to deliver a compatible script interpreter for a Windows, Mac, or Linux system as well as malicious source code in the form of the specific script interpreter of choice. Once both the malicious...
CVE-2022-41128
Windows Scripting Languages Remote Code Execution Vulnerability...
CVE-2022-41118
Windows Scripting Languages Remote Code Execution Vulnerability...
Remote code execution
Windows Scripting Languages Remote Code Execution Vulnerability...
Remote code execution
Windows Scripting Languages Remote Code Execution Vulnerability...
CVE-2022-41128 Windows Scripting Languages Remote Code Execution Vulnerability
...
CVE-2022-41118
Technical details about CVE-2022-41118 are not provided in the supplied documents. No product/vendor/version or exploit information is available here. Monitor for updates from official sources; further details and remediation would require vendor advisories.
CVE-2022-41118 Windows Scripting Languages Remote Code Execution Vulnerability
...
CVE-2022-41128
Windows Scripting Languages Remote Code Execution Vulnerability. Recent assessments: Assessed Attacker Value: 0...
Windows Scripting Languages Remote Code Execution Vulnerability
...
PT-2022-5510 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue exists due to insufficient input validation in the Windows Scripting Languages component. This allows a remote attacker to execute arbitrary code. The vulnerability can be exploit...
KLA20047 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation...
[SECURITY] Fedora 30 Update: PyYAML-5.3.1-1.fc30
YAML is a data serialization format designed for human readability and interaction with scripting languages. PyYAML is a YAML parser and emitter for Python. PyYAML features a complete YAML 1.1 parser, Unicode support, pickle support, capable extension API, and sensible error messages. PyYAML...
Fedora Update for PyYAML FEDORA-2019-bed9afe622
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
DOSfuscation: Exploring the Depths of Cmd.exe Obfuscation and Detection Techniques
Skilled attackers continually seek out new attack vectors, while employing evasion techniques to maintain the effectiveness of old vectors, in an ever-changing defensive landscape. Many of these threat actors employ obfuscation frameworks for common scripting languages such as JavaScript and...
Targeted Attacks In The Middle East
This blog post is authored by Paul Rascagneres with assistance of Martin Lee. Executive Summary: Talos has identified targeted attacks affecting the Middle East. This campaign contains the following elements, which are described in detail in this article. The use of allegedly confidential decoy...
Korea In The Crosshairs
This blog post is authored by Warren Mercer and Paul Rascagneres, with contributions from Jungsoo An. A one-year review of campaigns performed by an actor with multiple campaigns mainly linked to South Korean targets. Executive Summary: This article exposes the malicious activities of Group 123...
PostgreSQL CREATE LANGUAGE Execution
Some installations of Postgres 8 and 9 are configured to allow loading external scripting languages. Most commonly this is Perl and Python. When enabled, command execution is possible on the host. To execute system commands, loading the "untrusted" version of the language is necessary. This...