Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users

A new attack campaign dubbed CLOUDREVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. "The VBScript and PowerShell scripts in the CLOUDREVERSER inherently involves command-and-control-like activities by using Google...

SUSE CVE-2010-2230

The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting XSS attacks via HTML input...

FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor

A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale PoS service provider located in the U.S. The attacks, which are believed to have taken...

SolarWinds DameWare Mini Remote Control 10.0 - Denial of Service

Vendor: Solarwinds Site Vendor: https://www.dameware.com/ Product: Dameware Mini Remote Control Version: 10.0 x64 Platform: Windows Tested on: Windows 7 SP1 x64 Dscription: The DWRCC executable file is affected by a buffer overflow vulnerability. The buffer size passed in on the machine name...

SolarWinds DameWare Mini Remote Control 10.0 Denial Of Service

Vendor: Solarwinds Site Vendor: https://www.dameware.com/ Product: Dameware Mini Remote Control Version: 10.0 x64 Platform: Windows Tested on: Windows 7 SP1 x64 Dscription: The DWRCC executable file is affected by a buffer overflow vulnerability. The buffer size passed in on the machine name...

CVE-2018-8619

A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 1...

How To Find QQ's Bugs-bug warning-the black bar safety net

How To Find QQ' Bugs. For the QQ installation file scan to the next, almost no encryption program file, but the specific analysis is more wordy. But I think so much of a mess of things in a large heap, bufferflow is certainly might exist. But lazy of going to get. In the QQ directory below have a...

Vulnerable function in newest PowerPoint case (MS Advisory #925984)

This PowerPoint vulnerability is described at Microsoft Security Advisory 925984 http://www.microsoft.com/technet/security/advisory/925984.mspx It appears that the vulnerability is due to errors when executing VB script SlideShowWindows.View.GotoNamedShow automatically inside a PowerPoint...