SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes
On Feb. 13, 2024, Microsoft issued a patch for CVE-2024-21412, a Microsoft Defender SmartScreen zero-day vulnerability revolving around internet shortcuts....
On Feb. 13, 2024, Microsoft issued a patch for CVE-2024-21412, a Microsoft Defender SmartScreen zero-day vulnerability revolving around internet shortcuts....
Once the malware registers its victim, it then initiates a listener for incoming TCP connections, waiting to receive commands from...
Object-Graph Navigation Language (OGNL) is an open-source component of many web applications, known for its role in the infamous Equifax...
Introduction Pawn Storm (also known as APT28 and Forest Blizzard) is an advanced persistent threat (APT) actor that shows incessant...
Ransomware In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the...
Defense evasion by exploiting CVE-2023-36025 Once the malicious .url file exploiting CVE-2023-36025 is executed, it connects to an attacker-controlled server...
Pikabot seems to have a binary version and a campaign ID. The keys 0fwlm4g and v2HLF5WIO are present in the...
Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit Content has been added to your Folio Go to Folio (0)...
AsyncRAT scans specific folders within the application directory, browser extensions, and user data to identify folder names associated with particular...
RRHs are usually located close to antennas, often mounted on the cell tower. The BBUs used to be co-located with...
Our investigations on potential security threats uncovered a malicious Google Chrome extension that we named “ParaSiteSnatcher.” The ParaSiteSnatcher framework allows...
The next part of the infection chain involved the installation of an old but legitimate Node.js with a valid and...
We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing...
In addition to the previously mentioned challenges, ChatGPT cannot generate custom paths, file names, IP addresses, or command and control...
Assessing the impact of a phishing attack holds critical importance in incident response. This provides valuable insight into the extent...