Category Archives: Advisories

Advisories

Oracle Critical Patch Update Advisory – April 2022

April 19, 2022

Read Time:1 Second

Post Content

Advisories

[R1] Tenable.sc 5.21.0 Fixes Fix Multiple Third-Party Vulnerabilities

April 19, 2022

Read Time:27 Second

Tenable.sc leverages third-party software to help provide underlying functionality. Several of the third-party components were found to contain vulnerabilities, and updated versions have been made available by the providers.

Out of caution, and in line with best practice, Tenable has upgraded the bundled components to address the potential impact of these issues. Tenable.sc 5.21.0 updates the following components to address the identified vulnerabilities:

jQuery UI upgraded from 1.12.0 to 1.13.1
MomentJS upgraded from 2.29.1 to 2.29.2

Advisories

Backdoor.Win32.GateHell.21 / Port Bounce Scan

April 19, 2022

Read Time:21 Second

Posted by malvuln on Apr 18

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55d_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.GateHell.21
Vulnerability: Port Bounce Scan
Description: The malware runs an FTP server on TCP ports
5301,5432,5300,5299,5298,5297,5296 and 5295. Third-party adversaries who
successfully logon can abuse the backdoor FTP server as…

Advisories

Backdoor.Win32.GateHell.21 / Authentication Bypass

April 19, 2022

Read Time:21 Second

Posted by malvuln on Apr 18

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.GateHell.21
Vulnerability: Authentication Bypass
Description: The malware runs an FTP server on TCP ports
5301,5432,5300,5299,5298,5297,5296 and 5295. Third-party attackers who can
reach infected systems can logon using any…

Advisories

Backdoor.Win32.Delf.zn / Insecure Credential Storage

April 19, 2022

Read Time:18 Second

Posted by malvuln on Apr 18

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/9acdbfc9f7c1f6e589485b30aa91bfd2.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Delf.zn
Vulnerability: Insecure Credential Storage
Description: The default credentials for the backdoor are stored in
cleartext within the “Firefly.ini” file.
Family: Delf
Type: PE32
MD5: 9acdbfc9f7c1f6e589485b30aa91bfd2…

Advisories

Backdoor.Win32.Psychward.03.a / Weak Hardcoded Password

April 19, 2022

Read Time:19 Second

Posted by malvuln on Apr 18

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/4b9a42ca1e65cf0a7febbe18f397ef24.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Psychward.03.a
Vulnerability: Weak Hardcoded Password
Description: The malware listens on TCP port 13013. Authentication is
required, however the password “m4sturb4t10n” is weak and hardcoded in
cleartext within the PE…

Advisories

Backdoor.Win32.Hupigon.haqj / Insecure Service Path

April 19, 2022

Read Time:20 Second

Posted by malvuln on Apr 18

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/d9542df20f8df457747451dd9e16d1c0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Hupigon.haqj
Vulnerability: Insecure Service Path
Description: The malware creates a service with an unquoted path. Third
party attackers who can place an arbitrary executable under c: drive can
potentially undermine the integrity…

Advisories

Trojan.Win32.TScash.c / Insecure Permissions

April 19, 2022

Read Time:20 Second

Posted by malvuln on Apr 18

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/9d18d318e017b513b9c6cd193ccdc6ff.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.TScash.c
Vulnerability: Insecure Permissions
Description: The malware writes a PE file with insecure permissions to c
drive granting change (C) permissions to the authenticated user group.
Standard users can rename the executable…

Advisories

Backdoor.Win32.Loselove / Denial of Service

April 19, 2022

Read Time:21 Second

Posted by malvuln on Apr 18

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/9a8150938bff3a17fa0169c3dc6dae85.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Loselove
Vulnerability: Denial of Service
Description: The malware listens on UDP ports 9329, 8329, 8322, 8131 and
8130. Attackers can send a large junk payload to UDP port 8131 causing it
to crash.
Family: Loselove
Type: PE32
MD5:…

Advisories

HackTool.Win32.Delf.vs / Insecure Credential Storage

April 19, 2022

Read Time:19 Second

Posted by malvuln on Apr 18

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/92f7f9495ffd56d05a5acf395c9e0097.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: HackTool.Win32.Delf.vs
Vulnerability: Insecure Credential Storage
Description: The malware credentials are stored in cleartext within the
sysinfo.ini file.
Family: Delf
Type: PE32
MD5: 92f7f9495ffd56d05a5acf395c9e0097
Vuln ID: MVID-2022-0553…

News, Advisories and much more

Exit mobile version