Malicious trading website drops malware that hands your browser to attackers
During our threat hunting, we found a campaign using the same malware loader from our previous research to deliver a different threat: Needle Stealer, data-stealing malware designed to quietly harvest sensitive information from infected devices, including browser data, login sessions, and...
Meta-Learning Based Radio Frequency Fingerprinting for GNSS Spoofing Detection
The rapid development of technology has led to an increase in the number of devices that rely on position, velocity, and time (PVT) information to perform their functions. As such, the Global Navigation Satellite Systems (GNSS) have been adopted as one of the most promising solutions to provide PVT...
EUVD-2012-6191
Malware in sbrugna...
EUVD-2012-6189
Malware in sbrugna...
EUVD-2012-6190
Malware in sbrugna...
Malicious code in spoofer-ip (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2da3af6f33c88ebffe3e46690a63880708c162a1c710ff72131cf99f3ead9674 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
WPAD.dat File Server
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WPAD.dat File Server', 'Description' = %q This module generates a valid wpad.dat file for WPAD mitm attacks. Usually this module is used in...
SilentMoonwalk - PoC Implementation Of A Fully Dynamic Call Stack Spoofer
PoC Implementation of a fully dynamic call stack spoofer TL;DR SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding from control flow. Authors This PoC is the...
MAL-2022-3180 Malicious code in free-pokemon-go-spoofer-ios-apk-2022 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0db129f987cd3dc788ee2d248495349ba7c3cae85e9f80507bfdfc9ca48f91e9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in free-pokemon-go-spoofer-ios-apk-2022 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0db129f987cd3dc788ee2d248495349ba7c3cae85e9f80507bfdfc9ca48f91e9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in free-pokemon-go-coins-2022-pogokemon-go-spoofer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 141ceab944168cc7605a0806e8bd0110153e3d611d4a2ae23f5723a45b243a68 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Spoofer 1.4.6 Privilege Escalation / Unquoted Service Path Vulnerabilities
Exploit Title: Spoofer 1.4.6 – Local Privilege Escalation via Unquoted Service Path Exploit Author: Asim Sattar @MAsim1 Vendor Homepage: https://www.caida.org/projects/spoofer/ Software Link: https://www.caida.org/projects/spoofer/downloads/Spoofer-1.4.6-win32.exe Version: 1.4.6 Tested: Windows 1...
Spoofer 1.4.6 Privilege Escalation / Unquoted Service Path
Exploit Title: Spoofer 1.4.6 – Local Privilege Escalation via Unquoted Service Path Date: 24/01/2022 Exploit Author: Asim Sattar @MAsim1 Vendor Homepage: https://www.caida.org/projects/spoofer/ Software Link: https://www.caida.org/projects/spoofer/downloads/Spoofer-1.4.6-win32.exe Version: 1.4.6...
Microsoft Windows SMB Direct Session Takeover Exploit
This Metasploit module will intercept direct SMB authentication requests to another host, gaining access to an authenticated SMB session if successful. If the connecting user is an administrator and network logins are allowed to the target machine, this module will execute an arbitrary payload. T...
Microsoft Windows SMB Direct Session Takeover
This module will intercept direct SMB authentication requests to another host, gaining access to an authenticated SMB session if successful. If the connecting user is an administrator and network logins are allowed to the target machine, this module will execute an arbitrary payload. To exploit...
Microsoft Windows SMB Direct Session Takeover
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows SMB Direct Session Takeover', 'Description' = %q This module will intercept direct SMB authentication requests to another host,...
InveighZero - Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 Spoofer/Man-In-The-Middle Tool
InveighZero is a C# LLMNR/NBNS/mDNS/DNS/DHCPv6 spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to a Windows system. This version shares many features with the PowerShell version of Inveigh. Privileged Mode Features elevated admin...
TinkererShell - A Simple Python Reverse Shell Written Just For Fun
A simple reverse shell written in Python 3.7 just for fun. Actually it supports Windows and Linux OS and integrates some basic features like keylogging and AES encrypted communications. Supported operating systems: Windows Linux OSX Functions and characteristics: Reverse connection. AES encrypted...
Native DNS Spoofer (Example)
This module provides a Rex based DNS service to resolve queries intercepted via the capture mixin. Configure STATICENTRIES to contain host-name mappings desired for spoofing using a hostsfile or space/semicolon separated entries. In the default configuration, the service operates as a normal nati...
Fake GPS GO Location Spoofer Free - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Fake GPS GO Location Spoofer Free published at the 'play' market has multiple vulnerabilities...