0x00 Overview PowerShell has been a focus of concern for network defense. The fileless PowerShell, featuring LotL and excellent ease of use, is widely used in various attack scenarios. In order to capture PowerShell-based attacks, an increasing number of security professionals tend to, through PowerShell event log analysis, extract attack...
Category: Emergency Response
WinRAR Code Execution Vulnerability Threat Alert
1 Vulnerability Overview Recently, a security researcher found a logical bug in WinRAR using the WinAFL fuzzer and exploited it to gain full control over a victim's computer. An attacker could exploit this vulnerability by crafting an archive and then tricking victims into downloading it by means of a phishing...
Microsoft Security Bulletin for February 2019 Patches That Fix 79 Security Vulnerabilities
Overview Microsoft released the January 2019 security patch on Tuesday that fixes 79 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Framework, Adobe Flash Player, Azure, Internet Explorer, Microsoft Browsers, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft JET Database Engine, Microsoft...
Adobe Security Advisory for February 2019 Security Updates
Overview On February 12, local time, Adobe officially released security bulletins and advisories to announce security updates to patch multiple vulnerabilities in such products as Adobe Flash Player, Adobe Creative Cloud Desktop Application, ColdFusion, and Adobe Acrobat and Reader.
Critical runC Container Escape Vulnerability (CVE-2019-5736) Threat Alert
Overview runC is a CLI tool for spawning and running containers according to the Open Container Initiative (OCI) specification. As the core of Docker, runC can be called to create, run, and destroy containers.
APT/APT-GET RCE Vulnerability (CVE-2019-3462) Handling Guide
1 Vulnerability Overview Recently, a security researcher discovered a critical vulnerability in the Advanced Packaging Tool (APT) of Linux. This vulnerability stems from APT's failure to properly handle redirects, which can be triggered via a man-in-the-middle attack or a malicious package mirror, resulting in remote code execution.





