Lucene search
K

9 matches found

Information Security Automation
Information Security Automation
added 2025/07/21 11:50 a.m.16 views

About Remote Code Execution – Internet Shortcut Files (CVE-2025-33053) vulnerability

About Remote Code Execution - Internet Shortcut Files CVE-2025-33053 vulnerability. A vulnerability from the June Microsoft Patch Tuesday. This vulnerability immediately showed signs of exploitation in the wild. This flaw allows a remote attacker to execute arbitrary code when a victim opens a...

8.8CVSS8.8AI score0.81558EPSS
Exploits10
The Hacker News
The Hacker News
added 2025/06/11 7:46 a.m.46 views

Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild

Microsoft has released patches to fix 67 security flaws, including one zero-day bug in Web Distributed Authoring and Versioning WebDAV that it said has come under active exploitation in the wild. Of the 67 vulnerabilities, 11 are rated Critical and 56 are rated Important in severity. This include...

9.8CVSS9AI score0.81558EPSS
Exploits17
Rapid7 Blog
Rapid7 Blog
added 2025/06/10 8:8 p.m.51 views

Patch Tuesday - June 2025

Microsoft is addressing 67 vulnerabilities this June 2025 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation for just one of the vulnerabilities published today, and that is reflected in CISA KEV. Separately, Microsoft is aware of existing public disclosure for one other freshly...

9.8CVSS9.5AI score0.81558EPSS
Exploits35
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.10 views

PT-2025-24329

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to July 2025 Patch Tuesday Description A remote code execution vulnerability exists in the Web Distributed Authoring and Versioning WebDAV component of Microsoft Windows. This flaw, tracked as CVE-2025-33053,...

10CVSS8.8AI score0.81558EPSS
Exploits10References260
hivepro
hivepro
added 2023/09/28 5:29 a.m.24 views

Deadglyph Malware Emerges as a Game Changer for Stealth Falcon

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The cyber espionage group Stealth Falcon commenced covert operations and employed advanced backdoor malware called "Deadglyph" primarily to infiltrate Middle Eastern government entities. To receive...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/23 11:10 a.m.185 views

Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics

Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64 binary,...

7.8CVSS7.8AI score0.04196EPSS
Exploits0
ThreatPost
ThreatPost
added 2019/09/09 6:23 p.m.34 views

Stealth Falcon Targets Middle East with Windows BITS Feature

The notorious Stealth Falcon cyberespionage group has adopted a new backdoor using the Windows Background Intelligent Transfer Service BITS in its ongoing spyware attacks against journalists, activists and dissidents in the Middle East. According to researchers at ESET, attackers are exploiting t...

0.3AI score
Exploits0References5
The Hacker News
The Hacker News
added 2019/09/09 1:18 p.m.1 views

New Malware Uses Windows BITS Service to Stealthy Exfiltrate Data

Cybersecurity researchers have discovered a new computer virus associated with the Stealth Falcon state-sponsored cyber espionage group that abuses a built-in component of the Microsoft Windows operating system to stealthily exfiltrate stolen data to attacker-controlled server. Active since 2012,...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2019/09/09 1:18 p.m.68 views

New Malware Uses Windows BITS Service to Stealthy Exfiltrate Data

Cybersecurity researchers have discovered a new computer virus associated with the Stealth Falcon state-sponsored cyber espionage group that abuses a built-in component of the Microsoft Windows operating system to stealthily exfiltrate stolen data to attacker-controlled server. Active since 2012,...

1.9AI score
Exploits0
Rows per page
Query Builder