Cryptowall ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit…
ChatBot Application with a Suggestion Feature version 1.0 suffers from a remote blind SQL injection vulnerability.
LockerGoga ransomware looks for and loads a DLL named “wow64log.dll” in WindowsSystem32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. Four processes are created….
Cerber ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit…
CTBLocker ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit…
Craft CMS version 3.7.36 suffers from a password reset poisoning vulnerability. An unauthenticated attacker who knows valid email addresses or account names of Craft CMS backend users is able to…
Cryptolocker ransomware drops a PE file in the AppDataRoaming directory which then tries to load a DLL named “netapi32.dll”. Therefore, we can drop our own DLL to intercept and terminate…
Radamant ransomware tries to load a DLL named “PROPSYS.dll” and execute a hidden PE file “DirectX.exe” from the AppDataRoaming directory. Therefore, we can drop our own DLL to intercept and…
http://ret2.go.th/readme.htm notified by AnonCoders
Craft CMS version 3.7.36 suffers from a password reset poisoning vulnerability. An unauthenticated attacker who knows valid email addresses or account names of Craft CMS backend users is able to…