Credit to Author: Jérôme Segura| Date: Fri, 21 Dec 2018 21:34:24 +0000
 | |
| We take a look at some recent changes with the elusive Underminer exploit kit. Categories: Tags: CVE-2018-15982CVE-2018-4878CVE-2018-8174EKexploit kitshiddenbeeUnderminer |
The post Underminer exploit kit improves in its latest iteration appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jérôme Segura| Date: Wed, 26 Sep 2018 17:13:26 +0000
 | |
| A threat actor implements a newer vulnerability exploited in Internet Explorer to serve up the Quasar RAT and diversify the portfolio of attacks. Categories: Tags: anti exploitCVE-2018-8174CVE-2018-8373exploitIndicators of compromiseIOCIOCspastebinpatchQuasarratremote administration toolvirustotalvulnerabilitiesvulnerability |
The post Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jérôme Segura| Date: Thu, 10 May 2018 19:58:00 +0000
 | |
| Internet Explorer is yet again leveraged for a zero-day exploit delivered via Office document—the first zero-day observed for IE in over two years. Categories: Tags: 0dayCVE-2018-8174zero day |
The post Internet Explorer zero-day: browser is once again under attack appeared first on Malwarebytes Labs.
Read moreCredit to Author: Prashant Kadam| Date: Thu, 10 May 2018 11:50:17 +0000
The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows…
Read moreCredit to Author: Prashant Kadam| Date: Thu, 10 May 2018 11:50:17 +0000
The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows…
Read more
Credit to Author: BrianKrebs| Date: Tue, 08 May 2018 20:38:16 +0000
Microsoft today released a bundle of security updates to fix at least 67 holes in its various Windows operating systems and related software, including one dangerous flaw that Microsoft warns is actively being exploited. Meanwhile, as it usually does on Microsoft’s Patch Tuesday — the second Tuesday of each month — Adobe has a new Flash Player update that addresses a single but critical security weakness. First, the Flash Tuesday update, which brings Flash Player to v. 29.0.0.171. Some (present company included) would argue that Flash Player is in itself “a single but critical security weakness.” Nevertheless, Google Chrome and Internet Explorer/Edge ship with their own versions of Flash, which get updated automatically when new versions of these browsers are made available.
Read more