[remote] Sourcegraph Gitserver 3.36.3 – Remote Code Execution (RCE)
Sourcegraph Gitserver 3.36.3 – Remote Code Execution (RCE)
Sourcegraph Gitserver 3.36.3 – Remote Code Execution (RCE)
Avantune Genialcloud ProJ 10 – Cross-Site Scripting (XSS)
HP LaserJet Professional M1210 MFP Series Receive Fax Service – Unquoted Service Path
Old Age Home Management System 1.0 – SQLi Authentication Bypass
SolarView Compact 6.00 – ‘pow’ Cross-Site Scripting (XSS)
SolarView Compact 6.00 – ‘time_begin’ Cross-Site Scripting (XSS)
Real Player v.20.0.8.310 G2 Control – ‘DoGoToURL()’ Remote Code Execution (RCE)
Persistence by writing/reading shellcode from Event Log. Usage The SharpEventPersist tool takes 4 case-sensitive parameters: -file “C:\path\to\shellcode.bin” -instanceid 1337 -source Persistence -eventlog “Key Management Service”. The shel…
Tech support scams follow a simple business model that has not changed much over the years. After all, why change a recipe that continues to yield large profits. We see countless such campaigns and block them indiscriminately to protect our customers from being defrauded by a fraudulent tech support agent over the phone. Every now…
The post Taking down the IP2Scam tech support campaign appeared first on Malwarebytes Labs.