>> ARCHIVE: 2022-06

Confluence suffers from a pre-authentication remote code execution vulnerability that is leveraged via OGNL injection. All 7.4.17 versions before 7.18.1 are affected.

Through the Wire is a proof of concept exploit for CVE-2022-26134, an OGNL injection vulnerability affecting Atlassian Confluence Server and Data Center versions 7.13.6 LTS and below and versions 7.18.0…

Proof of concept script that exploits the remote code execution vulnerability affecting Atlassian Confluence versions 7.18 and below. The OGNL injection vulnerability allows an unauthenticated user to execute arbitrary code…

Trojan-Banker.Win32.Banker.agzg malware suffers from an insecure permissions vulnerability.

Trojan-Banker.Win32.Banbra.cyt malware suffers from an insecure permissions vulnerability.

Trojan-Proxy.Win32.Symbab.o malware suffers from a heap corruption vulnerability.

Haron ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware pre-encryption….

Backdoor.Win32.Cabrotor.10.d malware suffers from an unauthenticated remote command execution vulnerability.

This Metasploit module generates a malicious Microsoft Word document that when loaded, will leverage the remote template feature to fetch an HTML document and then use the ms-msdt scheme to…

This Metasploit module generates a malicious Microsoft Word document that when loaded, will leverage the remote template feature to fetch an HTML document and then use the ms-msdt scheme to…