Trojan.Win32.Cosmu.abix / Insecure Permissions

Read Time:20 Second

Posted by malvuln on Feb 22

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/b4638a10f7cfdbf39b9fef7539c63852.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Cosmu.abix
Vulnerability: Insecure Permissions
Description: The malware writes several PE files and a dir with insecure
permissions under c drive granting change (C) permissions to the
authenticated user group. Standard users can…

USN-7413-1: Linux kernel (IoT) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to...

April 3, 2025

USN-7406-4: Linux kernel (Azure FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

April 3, 2025

APPLE-SA-04-01-2025-1 watchOS 11.4

Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-04-01-2025-1 watchOS 11.4 watchOS 11.4 addresses the following issues. Information...

April 3, 2025

APPLE-SA-03-31-2025-11 visionOS 2.4

Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-11 visionOS 2.4 visionOS 2.4 addresses the following issues. Information...

April 3, 2025

APPLE-SA-03-31-2025-10 tvOS 18.4

Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-10 tvOS 18.4 tvOS 18.4 addresses the following issues. Information...

April 3, 2025

APPLE-SA-03-31-2025-9 macOS Ventura 13.7.5

Posted by Apple Product Security via Fulldisclosure on Apr 02 APPLE-SA-03-31-2025-9 macOS Ventura 13.7.5 macOS Ventura 13.7.5 addresses the following...

April 3, 2025

Amateur Hacker Leverages Russian Bulletproof Hosting Server to Spread Malware

Web 3.0 Requires Data Integrity

Sensitive Data Breached in Highline Schools Ransomware Incident

Over Half of Attacks on Electricity and Water Firms Are Destructive

Nearly 600 Phishing Domains Emerge Following Bybit Heist

CISO: Chief Cybersecurity Warrior Leader

Smashing Security podcast #411: The fall of Troy, and whisky barrel scammers

Stripe API Skimming Campaign Unveils New Techniques for Theft

Royal Mail Investigates Data Breach Affecting Supplier

Trojan.Win32.Cosmu.abix / Insecure Permissions

USN-7413-1: Linux kernel (IoT) vulnerabilities

USN-7406-4: Linux kernel (Azure FIPS) vulnerabilities

APPLE-SA-04-01-2025-1 watchOS 11.4

APPLE-SA-03-31-2025-11 visionOS 2.4

APPLE-SA-03-31-2025-10 tvOS 18.4

APPLE-SA-03-31-2025-9 macOS Ventura 13.7.5