Vulnerability Reports

Meltdown and Spectre: Processor Level Vulnerabilities

Major vulnerabilities in computer processors melt the gap between privileged kernel memory and userland applications. Intel, AMD, and ARM are working with OS and software vendors to create patches.

Microsoft Malware Protection Engine Remote Code Execution Vulnerability – CVE-2017-11937

A remote code execution vulnerability exists in the Microsoft Malware Protection Engine(MMPE) and Windows Defender which fails to properly scan a crafted file. This leads to a memory corruption allowing the crafted file to run code as the system user. This enables the attacker to install or remove programs; view, change, or delete data; or…

Reaper IoT Botnet

A new botnet is on the rise using IoT vulnerabilities. It has alrady surpassed the size and capability of the Mirai Botnet that took down half of major internet infrastructure in late 2016.

Unauthorized Cryptocurrency Miner Delivery using Steganography

Any Linux based HTTP server with a shell accessible from the internet is vulnerable to a command injection attack. The attack uses CURL to download an image which contains hidden shell code to mine for cryptocurrencies.

Microsoft Office Memory Corruption Vulnerability CVE-2017-11882

A remote code execution vulnerability exists in Microsoft Office where the software will handle memory improperly, allowing for arbitrary code execution. An attacker can craft a modified rich text file (RTF) and run code in the context of the current user. If the user is logged in with administrator credentials, an attacker could take control…

North Korean Malware: Remote Access Tool FallChill

The US Computer Emergency Readiness Team and the FBI released a joint statement detailing the use of malware named “FallChill”, and detailing its use in attacking targets in the aerospace, telecommunications, and finance industries since 2016. FallChill is a remote access tool used to maintain a presence in compromised networks and monitor endpoints for opportunities…

Arbitrary Code Execution Using Microsoft Word Macros

A vulnerability exists in Microsoft Word that allows arbitrary code execution for specially crafted macros within files. An attacker could potentially install or remove programs, change or delete data, or modify user accounts.

Key Reinstallation Attacks: Breaking Wi-Fi with WPA2 nonce reuse

A weakness in WPA2, a protocol that secures modern protected Wi-Finetworks, has been discovered. An attacker in range of a WPA2 protected wireless network can use Key Reinstallation Attacks (KRACKs) to read information that is assumed to be safely encrypted in transit. The attack works against ALL modern protected Wi-Fi networks. It may also be…

Signup for Vulnerability Reports