122 matches found
Dante Discovery < 1.2.1
The version of Dante Discovery installed on the remote Windows host is prior to 1.2.1. It is, therefore, affected by a vulnerability. mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In the...
How to load unsigned or fake-signed apps on iOS
TL;DR Issues commonly arise when clients provide an application which is unsigned or does not meet device requirements. Installing an application can be challenging without a Mac, access to Xcode or if the client is having trouble signing the application manually as this is normally done by the a...
CVE-2023-21257
In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-24578
McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks...
Android's New Feature Blocks Fraudsters from Sideloading Apps During Calls
Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress. Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granti...
Dante Discovery Process Control Vulnerability
Dante Discovery contains a process control vulnerability in mDNSResponder.exe that all allows for a DLL sideloading attack. A local attacker can leverage this vulnerability in the Dante Application Library to execute arbitrary code...
CVE-2022-1824
An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able to execute arbitrary co...
Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates
Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates. French cybersecurity company HarfangLab, which detected the activity at the start of the month, said the attack chains aim to deploy an...
Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection
Google has announced that it's piloting a new security initiative that automatically blocks sideloading of potentially unsafe Android apps in India, after similar tests in Singapore, Thailand, and Brazil. The enhanced fraud protection feature aims to keep users safe when they attempt to install...
Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack
A new malware campaign is spoofing Palo Alto Networks' GlobalProtect VPN software to deliver a variant of the WikiLoader aka WailingCrab loader by means of a search engine optimization SEO campaign. The malvertising activity, observed in June 2024, is a departure from previously observed tactics...
Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion
Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion By Ale Houspanossian · June 17, 2024 Case Summary It was a quiet Monday morning in March 2024 when the EDR researchers with our Trellix Advanced Research Center identifi...
DarkGate again but... Improved?
DarkGate again but... Improved? By Ernesto Fernández Provecho · June 3, 2024 Executive summary During 2023, DarkGate made a comeback with a version full of new features, becoming one of the most preferred Remote Access Trojans RATs by malicious actors. However, this momentum also required...
CVE-2024-2451
Improper fingerprint validation in the TeamViewer Client Full & Host prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading...
CVE-2024-2451 Improper fingerprint validation in the TeamViewer Client
Improper fingerprint validation in the TeamViewer Client Full & Host prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading...
CVE-2024-2451 Improper fingerprint validation in the TeamViewer Client
Improper fingerprint validation in the TeamViewer Client Full & Host prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading...
PT-2024-20428 · Teamviewer · Teamviewer Client
Name of the Vulnerable Software and Affected Versions: TeamViewer Client Full & Host versions prior to 15.54 Description: The issue concerns improper fingerprint validation, allowing an attacker with administrative user rights to elevate privileges via executable sideloading. Recommendations: For...
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners
A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks. Cybersecurity firm Avast said the activity is the...
Active Nitrogen campaign delivered via malicious ads for PuTTY, FileZilla
In the past couple of weeks, we have observed an ongoing campaign targeting system administrators with fraudulent ads for popular system utilities. The malicious ads are displayed as sponsored results on Googles search engine page and localized to North America. Victims are tricked into downloadi...
New CHAVECLOAK Banking Trojan Targets Brazilians via Malicious PDFs
By Deeba Ahmed The CHAVECLOAK banking Trojan employs PDFs, ZIP downloads, DLL sideloading, and deceptive pop-ups to target Brazil's unsuspecting banking users financial sector. This is a post from HackRead.com Read the original post: New CHAVECLOAK Banking Trojan Targets Brazilians via Malicious...
The Privacy Danger Lurking in Push Notifications
Plus: Apple warns about sideloading apps, a court orders NSO group to turn over the code of its Pegasus spyware, and an investigation finds widely available security cams are wildly insecure...