[webapps] SolarView Compact 6.00 – ‘pow’ Cross-Site Scripting (XSS)
SolarView Compact 6.00 – ‘time_begin’ Cross-Site Scripting (XSS)
Real Player v.20.0.8.310 G2 Control – ‘DoGoToURL()’ Remote Code Execution (RCE)
Persistence by writing/reading shellcode from Event Log. Usage The SharpEventPersist tool takes 4 case-sensitive parameters: -file “C:\path\to\shellcode.bin” -instanceid 1337 -source Persistence -eventlog “Key Management Service”. The shel…
Tech support scams follow a simple business model that has not changed much over the years. After all, why change a recipe that continues to yield large profits? We see countless such campaigns and block them indiscriminately to protect our customers from being defrauded by a fraudulent tech support agent over the phone. Every now…
The post Taking down the IP2Scam tech support campaign appeared first on Malwarebytes Labs.
We take a look at the latest batch of vulnerabilities in Chrome requiring an update.
The post Update Chrome now: Four high risk vulnerabilities found appeared first on Malwarebytes Labs.
A technically sophisticated threat actor known as SeaFlower has been targeting Android and iOS users as part of an extensive campaign that mimics official cryptocurrency wallet websites intending to distribute backdoored apps that drain victims’ funds…
Building on the existing reporting of the TPM status and certificates, WLS now has the ability to report the Windows Boot Configuration Log, also known as the Trusted Computing Group (TCG) measured boot logs. This is the same information u…
A Chinese advanced persistent threat (APT) known as Gallium has been observed using a previously undocumented remote access trojan in its espionage attacks targeting companies operating in Southeast Asia, Europe, and Africa.
Called PingPull, the “diff…
ConfluencePot is a simple honeypot for the Atlassian Confluence unauthenticated and remote OGNL injection vulnerability (CVE-2022-26134). About the vulnerability You can find the official advisory by Atlassian for this vulnerability here. For detai…