25 matches found
CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware
Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST , likely targeting supporters of Iran's ongoing protests to conduct information theft and long-term espionage. The Acronis Threat Research Unit TRU said it observed the activity after January 9, with the...
New Attack Uses Windows Shortcut Files to Install REMCOS Backdoor
Security firm Point Wild has exposed a new malware campaign using malicious LNK files to install the REMCOS backdoor. This report details how attackers disguise files to gain full system control...
OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script
Cybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a malicious PowerShell script. "This campaign heavily relies on social engineering tactics to deceive users into executing a PowerShell script, thereby compromising...
New 'Quantum' Builder Lets Attackers Easily Create Malicious Windows Shortcuts
A new malware tool that enables cybercriminal actors to build malicious Windows shortcut .LNK files has been spotted for sale on cybercrime forums. Dubbed Quantum Lnk Builder, the software makes it possible to spoof any extension and choose from over 300 icons, not to mention support UAC and...
Mozilla Firefox Security Advisory (MFSA2012-37) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Denial Of Service (DoS) Or Remote Code Execution (RCE)
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Cross Site Scripting (XSS)
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Microsoft Windows - .LNK Shortcut File Code Execution (Metasploit)
Microsoft Windows - .LNK Shortcut File Code Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LNK Remote Code Execution Vulnerability', 'Description' = %q This module exploits...
[CVE-2 0 1 5-0 0 9 6]Microsoft Windows Shell SMB LNK Code Execution Exploit-vulnerability warning-the black bar safety net
require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::EXE include Msf::Exploit::FILEFORMAT include Msf::Exploit::Remote::SMB::Server::Share attraccessor :exploitdllname def initializeinfo = superupdateinfoinfo, 'Name' = 'Microsoft Windows Shell LN...
Microsoft Windows Shell LNK Code Execution
This module exploits a vulnerability in the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This creates an SMB resource to provide the payload inside a DLL, and generates a LNK file which must be sent to the target. This module requires...
SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 6425)
Mozilla Firefox has been updated to 10.0.5ESR fixing various bugs and security issues. - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain...
Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20120605)
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Ubuntu: Security Advisory (USN-1463-6)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for thunderbird USN-1463-4
Ubuntu Update for Linux kernel vulnerabilities USN-1463-4 OpenVAS Vulnerability Test $Id: gbubuntuUSN14634.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for thunderbird USN-1463-4 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net...
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox regressions (USN-1463-3)
USN-1463-1 fixed vulnerabilities in Firefox. The new package caused a regression in the rendering of Hebrew text and the ability of the Hotmail inbox to auto-update. This update fixes the problem. Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew McCreight, Olli Pettay, Boris...
USN-1463-3: Firefox regressions
USN-1463-1 fixed vulnerabilities in Firefox. The new package caused a regression in the rendering of Hebrew text and the ability of the Hotmail inbox to auto-update. This update fixes the problem. Original advisory details: Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew...
Ubuntu Update for firefox USN-1463-1
Ubuntu Update for Linux kernel vulnerabilities USN-1463-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14631.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for firefox USN-1463-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
RedHat Update for thunderbird RHSA-2012:0715-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Ubuntu: Security Advisory (USN-1463-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox vulnerabilities (USN-1463-1)
Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew McCreight, Olli Pettay, Boris Zbarsky, and Brian Bondy discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a deni...