Exploit Archives - Page 2 of 4 - HackerSecret.com - The Most Authoritative Site in the World on the Hacking Tools and Techniques, Penetration Testing and CyberSecurity

CVE-2018-8174 (VBScript Engine) and Exploit Kits

The CVE-2018-8174 is a bug that allows remote code execution in the VBScript Engine. Found exploited in the wild as a 0day via Word documents, announced by Qihoo360 on April 20, 2018, patched by Microsoft on May 8, 2018 and explained in details by Kaspersky the day after. A Proof of Concept for Internet Explorer […]

CVE-2018-15982 (Flash Player up to 31.0.0.153) and Exploit Kits

The CVE-2018-15982 is a bug that allows remote code execution in Flash Player up to 31.0.0.153, spotted in the wild as a 0day. Patched on December 05, 2018 with APSB18-42. Underminer: Underminer exploit kit improves in its latest iteration – 2018-12-21 – Malwarebytes Fallout: 2019-01-16 Figure 4: Fallout exploiting CVE-2018-15982 on Windows 7 – 2019-01-16 […]

Capesand is a new Exploit Kit that appeared in the threat landscape

A recently discovered exploit kit dubbed Capesand is being involved in live attacks despite the fact that it’s still under development. In October 2019, researchers at TrendMicro discovered a new exploit kit dubbed Capesand that is being involved in live attacks. The tool was discovered while analyzing a malvertising campaign employing the RIG EK to […]

Microsoft: BlueKeep Exploit Will Likely Deliver More Damaging Payloads

After news broke that cybercriminals have started leveraging the BlueKeep vulnerability to deliver cryptocurrency miners, Microsoft has warned that the exploit will likely also be used to deliver more “impactful and damaging” payloads. read more SecurityWeek RSS Feed

Crooks exploit exposed Docker APIs to build AESDDoS botnet

Cybercriminals are attempting to exploit an API misconfiguration in Docker containers to infiltrate them and run the Linux bot AESDDoS. Hackers are attempting to exploit an API misconfiguration in the open-source version of the popular DevOps tool Docker Engine-Community to infiltrate containers and run the Linux bot AESDDoS (Backdoor.Linux.DOFLOO.AA). Threat actors are actively scanning the Internet for exposed […]