45 matches found
EUVD-2018-14304
Malware in sbrugna...
EUVD-2021-0563
Malware in sbrugna...
EUVD-2017-4588
Malware in sbrugna...
EUVD-1999-0444
Malware in sbrugna...
EUVD-2022-7010
Malicious code in bioql PyPI...
CVE-1999-0444
Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files...
Microsoft Azure Connected Machine Agent 后置链接漏洞
Microsoft Azure Connected Machine Agent is a U.S.-based Microsoft company's ability to manage Windows and Linux computers hosted outside of Azure on a corporate network or other cloud provider. A backlink vulnerability exists in Microsoft Azure Connected Machine Agent. An attacker could exploit t...
New Bandook RAT Variant Resurfaces, Targeting Windows Machines
A new variant of remote access trojan called Bandook has been observed being propagated via phishing attacks with an aim to infiltrate Windows machines, underscoring the continuous evolution of the malware. Fortinet FortiGuard Labs, which identified the activity in October 2023, said the malware ...
Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper
A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and RedLine Clipper, to gather a wide range of information from compromised Windows machines. "A phishing email delivers the Word document as an...
New Attack Drops LokiBot Malware Via Malicious Macros in Word Docs
By Waqas LokiBot, a notorious Trojan active since 2015, specializes in stealing sensitive information from Windows machines, posing a significant threat to user data. This is a post from HackRead.com Read the original post: New Attack Drops LokiBot Malware Via Malicious Macros in Word Docs...
CVE-2022-39327 Improper Control of Generation of Code ('Code Injection') in Azure CLI
Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source. T...
PersistenceSniper - Powershell Script That Can Be Used By Blue Teams, Incident Responders And System Administrators To Hunt Persistences Implanted In Windows Machines
PersistenceSniper is a Powershell script that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. The script is also available on Powershell Gallery. --- The Why Why writing such a tool, you might ask. Well, for starters, I...
Malicious Ads Target Cryptocurrency Users With Cinobi Banking Trojan
A new social engineering-based malvertising campaign targeting Japan has been found to deliver a malicious application that deploys a banking trojan on compromised Windows machines to steal credentials associated with cryptocurrency accounts. The application masquerades as an animated porn game, ...
Hackers Using Fake Foundations to Target Uyghur Minority in China
The Uyghur community located in China and Pakistan has been the subject of an ongoing espionage campaign aiming to trick the targets into downloading a Windows backdoor to amass sensitive information from their systems. "Considerable effort was put into disguising the payloads, whether by creatin...
Purple Fox Malware Targets Windows Machines With New Worm Capabilities
A malware that has historically targeted exposed Windows machines through phishing and exploit kits has been retooled to add new “worm” capabilities. Purple Fox, which first appeared in 2018, is an active malware campaign that until recently required user interaction or some kind of third-party...
HackerOne: CSV injection in the credentials export
Summary: Hello team! We have found out that a hacker can inject malicious excel formulas into the credentials details which will be executed when program user exports the credentials details via https://hackerone.com/hackeroneh1pbbp3/credentials - export credentials and opens this CSV using MS...
Directory Traversal
Overview Impact Clients of FTP servers utilizing ftp-srv hosted on Windows machines can escape the FTP user's defined root folder using the expected FTP commands, for example, CWD and UPDR. Background When windows separators exist within the path , path.resolve leaves the upper pointers intact an...
CVE-2020-26299
ftp-srv is an open-source FTP server designed to be simple yet configurable. In ftp-srv before version 4.4.0 there is a path-traversal vulnerability. Clients of FTP servers utilizing ftp-srv hosted on Windows machines can escape the FTP user's defined root folder using the expected FTP commands,...
Important: Red Hat Security Advisory: freerdp security update
An update for freerdp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
ManageEngine Asset Explorer Windows Agent Remote Code Execution
XL-2020-003 - Asset Explorer Windows Agent - Remote Code Execution =============================================================================== Identifiers ------------------------------------------------- CVE-2020-8838 XL-20-003 CVSSv3 score ------------------------------------------------- 7...