Security
Headlines
HeadlinesLatestCVEs

Tag

#redis

Backdoor.Win32.Hellza.120 MVID-2022-0641 Remote Command Execution

Backdoor.Win32.Hellza.120 malware suffers from a remote command execution vulnerability.

Packet Storm
Open in Source
#vulnerability#web#redis#backdoor#auth
Backdoor.Win32.Hellza.120 MVID-2022-0642 Authentication Bypass

Backdoor.Win32.Hellza.120 malware suffers from an authentication bypass vulnerability.

Trojan.Ransom.Ryuk.A MVID-2022-0640 Code Execution

Trojan.Ransom.Ryuk.A ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. Once loaded the exploit dll will check if the current directory is "C:\Windows\System32" and if not, we grab our process ID and terminate. All basic tests were conducted successfully in a virtual machine environment.

Trojan-Dropper.Win32.Corty.10 MVID-2022-0639 Insecure Credential Storage

Trojan-Dropper.Win32.Corty.10 malware suffers from an insecure credential storage vulnerability.

CVE-2022-40980

A potential unathenticated file deletion vulnerabilty on Trend Micro Mobile Security for Enterprise 9.8 SP5 could allow an attacker with access to the Management Server to delete files. This issue was resolved in 9.8 SP5 Critical Patch 2.

CVE-2022-40757: mTower/tee_api_operations.c at efd36709306a9afcca5b4782499d01be0c7a02a5 · Samsung/mTower

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen.

CVE-2022-40758: mTower/tee_api_operations.c at efd36709306a9afcca5b4782499d01be0c7a02a5 · Samsung/mTower

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen.

CVE-2022-40760: mTower/tee_api_operations.c at efd36709306a9afcca5b4782499d01be0c7a02a5 · Samsung/mTower

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize.

CVE-2022-40761: mTower/tee_svc_cryp.c at efd36709306a9afcca5b4782499d01be0c7a02a5 · Samsung/mTower

The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc.

Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware. Cybersecurity company Trend Micro said it found the financially-motivated group leveraging the vulnerability to drop Python scripts with capabilities to disable operating system (OS) security features such as