Lucene search
K

31 matches found

Packet Storm News
Packet Storm News
added 2026/01/17 12:0 a.m.4 views

Hybrid IDS Using Signature-Based and Anomaly-Based Detection

Intrusion detection systems IDS are essential for protecting computer systems and networks against a wide range of cyber threats that continue to evolve over time. IDS are commonly categorized into two main types, each with its own strengths and limitations, such as difficulty in detecting...

5.4AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-12789

Malware in sbrugna...

5.3CVSS5.5AI score0.01321EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/08/13 12:0 a.m.2 views

Demystifying the Role of Rule-Based Detection in AI Systems for Windows Malware Detection

Malware detection increasingly relies on AI systems that integrate signature-based detection with machine learning. However, these components are typically developed and combined in isolation, missing opportunities to reduce data complexity and strengthen defenses against adversarial EXEmples,...

6.6AI score
Exploits0
Kitploit
Kitploit
added 2023/09/22 11:30 a.m.26 views

Dynmx - Signature-based Detection Of Malware Features Based On Windows API Call Sequences

dynmx spoken dynamics is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a simplified way, you can think of dynmx as a sort of YARA for API call traces so called function logs originating from malware sandboxes. Hence, the data basis f...

8.1AI score
Exploits0References4
Imperva Blog
Imperva Blog
added 2023/07/11 1:15 p.m.29 views

The Battle Against Business Logic Attacks: Why Traditional Security Tools Fall Short

As the digital landscape continues to evolve, so do the tactics utilized by bad actors that are seeking to exploit application vulnerabilities. Among the most insidious types of attacks are business logic attacks BLAs. Unlike known attacks, which can be identified by signatures or patterns, such ...

8.5AI score
Exploits0
Qualys Blog
Qualys Blog
added 2023/02/09 7:52 p.m.34 views

Real-Time Defense of Multi-Cloud Environments From Malicious Attacks and Threats

Organizations today cannot detect real-time threats at runtime due to the multi-cloud infrastructure, resulting in the possibility of malicious actors exploiting the environment. It is imperative for the modern organization to have a solution to detect advanced run-time threats in real-time to...

8AI score
Exploits0
exploitpack
exploitpack
added 2019/11/02 12:0 a.m.39 views

ClamAV 0.102.0 - bytecode_vm Code Execution

ClamAV 0.102.0 - bytecodevm Code Execution !/usr/bin/python ''' Finished : 22/07/2019 Pu8lished : 31/10/2019 Versi0n : Current ./exploit.py clambc --debug exploit SNIP $ ''' names = 'test1', 'read', 'write', 'seek', 'setvirusname',...

7.8AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/02 12:0 a.m.108 views

ClamAV < 0.102.0 - 'bytecode_vm' Code Execution

!/usr/bin/python ''' Finished : 22/07/2019 Pu8lished : 31/10/2019 Versi0n : Current ./exploit.py clambc --debug exploit SNIP $ ''' names = 'test1', 'read', 'write', 'seek', 'setvirusname',...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2019/08/10 1:0 p.m.157 views

DEF CON 2019: MacOS Gets a Malware Beatdown in Attack Demo

LAS VEGAS – On Friday, Mac security researcher Patrick Wardle showed how an attacker can repurpose someone else’s Mac malware, create false attribution flags and sidestep Mac anti-malware defenses with ease. The attack scenarios were his own and meant to serve as cautionary examples and reasons w...

7.4AI score
Exploits0References6
Malwarebytes
Malwarebytes
added 2018/11/27 10:44 p.m.75 views

Why Malwarebytes decided to participate in AV testing

Starting this month, Malwarebytes began participating in the antivirus software for Windows comparison test performed by AV-test.org. This is uncharted territory for us, as we have refrained from participating in these types of tests since our inception. Although recent testing results show...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/27 7:1 a.m.41 views

Traditional AV solutions shown ineffective in real-time global heat map

It's no secret that antivirus technology AV has faced increased scrutiny in the tech industry for quite some time. With signature-based detection methods, traditional AV solutions are simply weak against unknown malware and other malicious content. Meanwhile, consumers and businesses continue to...

6.9AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2017/10/23 9:9 p.m.79 views

Fileless Malware: A Hidden Threat

Malware is advancing at an unprecedented rate, with four new strains discovered every minute, Slate reported. This is already a lot for businesses to worry about and it doesn't even cover the other threats that haven't been detected. Many attackers have evolved their techniques to evade common...

7.3AI score
Exploits0
FireEye
FireEye
added 2017/06/30 7:0 p.m.24 views

Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques

Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers. Cyber espionage groups and financial threat actors continue to adopt the latest cutting-edge application whitelisting bypass techniques and introduce innovative...

7.2AI score
Exploits0
FireEye
FireEye
added 2017/06/30 7:0 p.m.18 views

Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques

Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers. Cyber espionage groups and financial threat actors continue to adopt the latest cutting-edge application whitelisting bypass techniques and introduce innovative...

0.7AI score
Exploits0
0day.today
0day.today
added 2013/07/13 12:0 a.m.107 views

Microsoft Windows Authenticated Powershell Command Execution

This Metasploit module uses a valid administrator username and password to execute a powershell payload using a similar technique to the "psexec" utility provided by SysInternals. The payload is encoded in base64 and executed from the commandline using the -encodedcommand flag. Using this method,...

7.5CVSS6.7AI score0.63703EPSS
Exploits13
NVD
NVD
added 2012/08/25 9:55 p.m.19 views

CVE-2010-5175

Race condition in PrivateFirewall 7.0.20.37 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler...

6.2CVSS6.7AI score0.00306EPSS
Exploits0References9
NVD
NVD
added 2012/08/25 9:55 p.m.19 views

CVE-2010-5152

Race condition in AVG Internet Security 9.0.791 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

6.2CVSS6.7AI score0.00303EPSS
Exploits0References9
Prion
Prion
added 2012/08/25 9:55 p.m.15 views

Race condition

Race condition in Avira Premium Security Suite 10.0.0.536 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes durin...

6.2CVSS7.2AI score0.00683EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2012/08/25 9:0 p.m.22 views

CVE-2010-5158

Race condition in DefenseWall Personal Firewall 3.00 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

6.7AI score0.00303EPSS
Exploits0References9
Cvelist
Cvelist
added 2012/08/25 9:0 p.m.26 views

CVE-2010-5157

Race condition in Comodo Internet Security before 4.1.149672.916 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory change...

6.6AI score0.00387EPSS
Exploits0References11
Rows per page
Query Builder