Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE)

Read Time:17 Second

Posted by malvuln on Sep 28

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/1e2d0b90ffc23e00b743c41064bdcc6b.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Amatu.a
Vulnerability: Remote Arbitrary File Write (RCE)
Family: Amatu
Type: PE32
MD5: 1e2d0b90ffc23e00b743c41064bdcc6b
SHA256: 77fff9931013ab4de6d4be66ca4fda47be37b6f706a7062430ee8133c7521297
Vuln ID: MVID-2024-0698
Dropped…

Defense in depth — the Microsoft way (part 88): a SINGLE command line shows about 20, 000 instances of CWE-73

Posted by Stefan Kanthak on Sep 28 Hi @ll, <https://cwe.mitre.org/data/definitions/73.html> CWE-73: External Control of File Name or Path is a...

September 29, 2024

SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 28 SEC Consult Vulnerability Lab Security Advisory < 20240925-0 >...

September 29, 2024

Squid Fishing in Japan

Deepfake Ukrainian diplomat targeted US senator on Zoom call

Governments Urge Improved Security and Resilience for Undersea Cables

Ireland’s DPC Hits Meta with €91 Million Penalty for GDPR Violation

US Sanctions Crypto Exchanges for Facilitating Russian Cybercrime

NIST Recommends Some Common-Sense Password Rules

Man Arrested Over UK Railway Station Wi-Fi Hack

Russian Hackers Target Ukrainian Servicemen via Messaging Apps

Data Breach at MC2 Data Leaves 100 Million at Risk of Fraud

Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE)

Backdoor.Win32.Benju.a / Unauthenticated Remote Command Execution

Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH)

Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH)

Backdoor.Win32.Boiling / Remote Command Execution

Defense in depth — the Microsoft way (part 88): a SINGLE command line shows about 20, 000 instances of CWE-73

SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)