Lucene search
+L

91 matches found

ThreatPost
ThreatPost
added 2020/07/28 9:20 p.m.60 views

Lazarus Group Brings APT Tactics to Ransomware

Targeted ransomware attacks are on the rise, usually perpetrated by financially motivated threat gangs, which often work in concert together. However, researchers said that a recent strain of ransomware, called VHD, can be linked to an unusual source: The Lazarus Group APT. According to researche...

0.1AI score
Exploits0References8
Securelist
Securelist
added 2020/07/28 10:0 a.m.36 views

Lazarus on the hunt for big game

We may only be six months in, but theres little doubt that 2020 will go down in history as a rather unpleasant year. In the field of cybersecurity, the collective hurt mostly crystallized around the increasing prevalence of targeted ransomware attacks. By investigating a number of these incidents...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2020/07/22 4:43 p.m.294 views

Lazarus Group Surfaces with Advanced Malware Framework

The North Korea-linked APT known as Lazarus Group has debuted an advanced, multipurpose malware framework, called MATA, to target Windows, Linux and macOS operating systems. Kaspersky researchers uncovered a series of attacks utilizing MATA so-called because the malware authors themselves call...

10CVSS9.4AI score0.99913EPSS
Exploits20References12
MSRC
MSRC
added 2019/09/03 7:30 p.m.70 views

Acquiring a VHD to Investigate

In a previous post we described some of the differences between on-premises/physical forensics and cyber investigations and those performed in the cloud, and how this can make cloud forensics challenging. That blog post described a method of creating and maintaining a VM image which can be...

1.8AI score
Exploits0
MSRC
MSRC
added 2019/09/03 7:0 a.m.13 views

Acquiring a VHD to Investigate

In a previous post we described some of the differences between on-premises/physical forensics and cyber investigations and those performed in the cloud, and how this can make cloud forensics challenging. That blog post described a method of creating and maintaining a VM image which can be...

2.1AI score
Exploits0
MSRC
MSRC
added 2019/09/03 7:0 a.m.14 views

Acquiring a VHD to Investigate

In a previous post we described some of the differences between on-premises/physical forensics and cyber investigations and those performed in the cloud, and how this can make cloud forensics challenging. That blog post described a method of creating and maintaining a VM image which can be...

6.9AI score
Exploits0
Citrix
Citrix
added 2019/04/15 12:0 a.m.8 views

Citrix Provisioning Console Error: 0x00000057 - Invalid Parameter

Citrix Provisioning does not support VHD based vDisks on 4K storage in any Citrix Provisioning product version. Microsoft's VHD file specification only supports a disk logical sector size of 512 bytes. A read/write access VHD on 4K disk will trigger read-modify-write emulation, which results in...

7.1AI score
Exploits0
Veeam
Veeam
added 2018/08/22 12:0 a.m.25 views

Backing Up Hyper-V Guest Cluster Based on VHD Set

Challenge VHD Set is a new shared Virtual Disk model for guest clusters in Windows Server 2016 and later. VHD Set files can be included in application-consistent checkpoints and backed up, but there are some limitations. Cause Please make sure the following requirements are met: Each guest VM...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/10/27 12:0 a.m.5 views

Update Rollup 13 for System Center 2012 R2 Virtual Machine Manager

Update Rollup 13 for System Center 2012 R2 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 13 for Microsoft System Center 2012 R2 Virtual Machine Manager. There are two updates available for Virtual Machine Manager, one for the Virtual Machin...

6.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.32 views

Update Rollup 4 for System Center 2012 R2 Virtual Machine Manager

Update Rollup 4 for System Center 2012 R2 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 4 for Microsoft System Center 2012 R2 Virtual Machine Manager VMM. There are two updates available for System Center 2012 R2 Virtual Machine Manager. On...

7.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.38 views

Update Rollup 3 for System Center 2012 R2 Virtual Machine Manager

Update Rollup 3 for System Center 2012 R2 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center 2012 R2 Virtual Machine Manager. Two updates are available for System Center 2012 R2 Virtual Machine Manager. One update i...

7.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.26 views

Description of Update Rollup 2 for System Center 2012 R2 Service Provider Foundation

Description of Update Rollup 2 for System Center 2012 R2 Service Provider Foundation Summary This article describes the issues that are fixed in Update Rollup 2 for Microsoft System Center 2012 R2 Service Provider Foundation SPF. Additionally, this article contains the installation instructions f...

6.9AI score
Exploits0
exploitpack
exploitpack
added 2016/11/15 12:0 a.m.18 views

Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation (MS16-138)

Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation MS16-138 / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=915 Windows: VHDMP ZwDeleteFile Arbitrary File Deletion EoP Platform: Windows 10 10586 and 14393. No idea about 7 or 8.1 versions. Class...

0.5AI score
Exploits0
NVD
NVD
added 2016/11/10 6:59 a.m.23 views

CVE-2016-7226

Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."...

6.1CVSS6.3AI score0.04105EPSS
Exploits1References4
OSV
OSV
added 2016/11/10 6:59 a.m.3 views

CVE-2016-7226

Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."...

6.1CVSS5.8AI score0.04105EPSS
Exploits1References4
NVD
NVD
added 2016/11/10 6:59 a.m.22 views

CVE-2016-7225

Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."...

6.1CVSS6.3AI score0.04105EPSS
Exploits1References4
NVD
NVD
added 2016/11/10 6:59 a.m.26 views

CVE-2016-7223

Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation...

6.1CVSS6.2AI score0.01401EPSS
Exploits0References3
OSV
OSV
added 2016/11/10 6:59 a.m.6 views

CVE-2016-7223

Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation...

6.1CVSS5.8AI score0.01401EPSS
Exploits0References3
Prion
Prion
added 2016/11/10 6:59 a.m.24 views

Privilege escalation

Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation...

3.6CVSS6.9AI score0.01401EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2016/11/10 6:16 a.m.29 views

CVE-2016-7225

Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."...

6.4AI score0.04105EPSS
Exploits1References4
Rows per page
Query Builder