Read Time:3 Second
Threat actor bombarded Uber contractor with 2FA requests
Yearly Archives: 2022
ZDI-22-1293: FreeBSD Kernel MPT Heap-based Buffer Overflow Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1294: FreeBSD Kernel MPT Heap-based Buffer Overflow Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1290: D-Link Multiple Routers lighttpd Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple D-Link routers. Authentication is not required to exploit this vulnerability.
ZDI-22-1291: FreeBSD Kernel Netmap Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1292: FreeBSD Kernel Netmap Integer Overflow Privilege Escalation Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
Backdoor.Win32.Hellza.120 / Authentication Bypass
Read Time:19 Second
Posted by malvuln on Sep 19
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Hellza.120
Vulnerability: Authentication Bypass
Description: The malware listens on TCP ports 12122, 21. Third-party
adversarys who can reach infected systems can logon using any
username/password combination….
Backdoor.Win32.Hellza.120 / Unauthorized Remote Command Execution
Read Time:20 Second
Posted by malvuln on Sep 19
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/2cbd0fcf4d5fd5fb6c8014390efb0b21.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Hellza.120
Vulnerability: Unauthorized Remote Command Execution
Description: The malware listens on TCP ports 12122, 21. Third-party
adversarys who can reach infected systems can issue commands made available
by the…
Trojan.Ransom.Ryuk.A / Arbitrary Code Execution
Read Time:20 Second
Posted by malvuln on Sep 19
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/5ac0f050f93f86e69026faea1fbb4450.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan.Ransom.Ryuk.A
Vulnerability: Arbitrary Code Execution
Description: The ransomware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our own
code, control and terminate…
Trojan-Dropper.Win32.Corty.10 / Insecure Credential Storage
Read Time:18 Second
Posted by malvuln on Sep 19
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/f72138e574743640bdcdb9f102dff0a5.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan-Dropper.Win32.Corty.10
Vulnerability: Insecure Credential Storage
Description: The malware stores its credentials in cleartext within the
Windows registry.
Family: Corty
Type: PE32
MD5: f72138e574743640bdcdb9f102dff0a5
Vuln ID:…