CVE-2018-8440 – Task Scheduler ALPC Zero-Day Exploit in the Wild

Credit to Author: Sameer Patil| Date: Wed, 12 Sep 2018 13:30:14 +0000

The recent zero-day vulnerability CVE-2018-8440 in Windows Task Scheduler enables attackers to perform a privilege elevation on targeted machines. Microsoft has released a security advisory CVE-2018-8440 on September 11, 2018 to address this issue. According to Microsoft, successful exploitation of this vulnerability could run arbitrary code in the security context…

Read more

Intercept X vi difende contro l’abuso SettingsContent-ms

Credit to Author: Sophos Italia| Date: Fri, 07 Sep 2018 05:25:33 +0000

Anche l’utilizzo di una versione precedente della nostra tecnologia anti-exploit vi proteggerà se aprite un documento dannoso che contiene l’exploit CVE-2018-8414<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/_KRXG6HUMaI” height=”1″ width=”1″ alt=””/>

Read more

‘Hidden Bee’ miner delivered via improved drive-by download toolkit

Credit to Author: Malwarebytes Labs| Date: Thu, 26 Jul 2018 21:00:22 +0000

Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign.

Categories:

Tags:

()

The post ‘Hidden Bee’ miner delivered via improved drive-by download toolkit appeared first on Malwarebytes Labs.

Read more

Taking apart a double zero-day sample discovered in joint hunt with ESET

Credit to Author: Windows Defender ATP| Date: Mon, 02 Jul 2018 15:00:00 +0000

In late March 2018, I analyzed an interesting PDF sample found by ESET senior malware researcher Anton Cherpanov. The sample was initially reported to Microsoft as a potential exploit for an unknown Windows kernel vulnerability. During my investigation in parallel with ESET researchers, I was surprised to discover two new zero-day exploits in the same

Read more

Read more

CVE-2018-8174: Windows VBScript Engine Remote Code Execution Vulnerability – An advisory by Quick Heal Security Labs

Credit to Author: Prashant Kadam| Date: Thu, 10 May 2018 11:50:17 +0000

The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows…

Read more

CVE-2018-8174 : Windows VBScript Engine Remote Code Execution Vulnerability – An advisory by Quick Heal Security Labs

Credit to Author: Prashant Kadam| Date: Thu, 10 May 2018 11:50:17 +0000

The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows…

Read more

Chinese, Russian hackers counting on Apache Struts vulnerabilities – a report by Quick Heal Security Labs

Credit to Author: Sameer Patil| Date: Wed, 07 Mar 2018 10:32:57 +0000

Apache Struts is an open-source CMS based on MVC framework for developing Java EE Web Applications. Apache Struts has been widely used by many Fortune 100 companies and government agencies over the years for developing web applications. But, websites built using a CMS constantly need to upgrade the CMS versions in their web application servers, because vulnerabilities…

Read more

Malspam campaigns exploiting recent MS Office vulnerability ‘CVE-2017-11882’ – An Analysis by Quick Heal Security Labs

Credit to Author: Aniruddha Dolas| Date: Mon, 05 Feb 2018 10:12:34 +0000

No wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macro, CVE-2017-0199, CVE-2017-8759 and DDE-based attack. Recently, we have started observing various malspam campaigns exploiting the latest MS Office vulnerability CVE-2018-11882. Let’s take a look…

Read more

Malspam campaigns exploiting recent MS Office vulnerability ‘CVE-2017-11882’

Credit to Author: Aniruddha Dolas| Date: Mon, 05 Feb 2018 10:12:34 +0000

No wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macro CVE-2017-0199, CVE-2017-8759 and DDE-based attack. Recently, we have started observing various malspam campaigns exploiting the latest MS Office vulnerability CVE-2018-11882. Let’s take a…

Read more