Tag
#windows
SOUND4 LinkAndShare Transmitter version 1.1.2 suffers from a format string memory leak and stack buffer overflow vulnerability because it fails to properly sanitize user supplied input when calling the getenv() function from MSVCR120.DLL resulting in a crash overflowing the memory stack and leaking sensitive information. The attacker can abuse the username environment variable to trigger and potentially execute code on the affected system.
This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine Endpoint Central and MSP versions 10.1.2228.10 and below (CVE-2022-47966). Due to a dependency to an outdated library (Apache Santuario version 1.4.1), it is possible to execute arbitrary code by providing a crafted samlResponse XML to the Endpoint Central SAML endpoint. Note that the target is only vulnerable if it is configured with SAML-based SSO, and the service should be active.
The Microsoft Windows kernel suffers from a use-after-free vulnerability due to a dangling registry link node under paged pool memory pressure.
Categories: Business Application Block helps organizations easily thwart unwanted applications from launching on Windows endpoints. (Read more...) The post Introducing Malwarebytes Application Block: How to block unauthorized software from executing on Windows endpoints appeared first on Malwarebytes Labs.
A previously unknown threat actor dubbed NewsPenguin has been linked to a phishing campaign targeting Pakistani entities by leveraging the upcoming international maritime expo as a lure. "The attacker sent out targeted phishing emails with a weaponized document attached that purports to be an exhibitor manual for PIMEC-23," the BlackBerry Research and Intelligence Team said. PIMEC, short for
Categories: News Tags: ryuk Tags: ransomware Tags: guilty Tags: encrypt Tags: ransom Tags: cryptocurrency Tags: bitcoin We take a look at a guilty plea made in relation to Ryuk ransomware proceeds, and how you can best protect yourself from the threat of ransomware. (Read more...) The post Ryuk ransomware laundering leads to guilty plea appeared first on Malwarebytes Labs.
Biden’s speech calling for better data protections got a standing ovation from both sides of the aisle. So, where’s a federal privacy law?
The application suffers from a format string memory leak and stack buffer overflow vulnerability because it fails to properly sanitize user supplied input when calling the getenv() function from MSVCR120.DLL resulting in a crash overflowing the memory stack and leaking sensitive information. The attacker can abuse the username environment variable to trigger and potentially execute code on the affected system.
IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. IBM X-Force ID: 231373.
File upload vulnerability in Future-Depth Institutional Management Website (IMS) 1.0, allows unauthorized attackers to directly upload malicious files to the courseimg directory.