Search

Description Name: GetShell CKNIFE - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry. This also indicates a malware infection. Below are some indicators of an infecte...

Description Name: Possible Malformed Heartbeat SSL Response - Class 1 . This is Trend Micro detection for TCP, SSL and HTTPS network protocol that manifests exploit activities and can be used for Intelligence Gathering.The host exhibiting this type o...

Description Name: NEUTRINO - Exploit Kit - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A.The host exhibiting this type of network behavior is likely compromised by m...

spam and phishing emails use social engineering techniques such as fake product order requests and invoice documents to trick the victims to open the attachments. The exploit serves as a downloader to

system. An attacker must have valid logon credentials on a guest Hyper-V machine in the vulnerable system in order to successfully exploit this vulnerability. (MS15-069) Vulnerabilities in Windows Could

vulnerabilities, it may lead to any of the following: Information disclosure Security bypass Elevation of privilege Remote code execution Attackers looking to exploit these vulnerabilities may create a number of

request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The security update addresses the

Interface (GDI) exists in the way it handles objects in memory. Attackers looking to exploit this vulnerability must be logged on to the system. CVE-2018-0877 - Windows Desktop Bridge VFS Elevation of

fields edited within Design view. An attacker could exploit the vulnerability by sending a specially crafted file to a victim, or by hosting the file on a web server. The security update addresses the

specially-crafted file to exploit this vulnerability. CVE-2018-0763 - Microsoft Edge Information Disclosure Vulnerability Risk Rating: Critical This information disclosure vulnerability exists in the way the

This elevation of privilege vulnerability exists in the checking of access by NTFS. Attackers looking to exploit this vulnerability must be able to log on to the system. CVE-2018-8453 - Win32k Elevation

Important This elevation of privilege vulnerability exists in the way Windows handles calls to ALPC. Attackers looking to exploit this vulnerability must be able to log on to the system. CVE-2018-8408 -

Important This elevation of privilege vulnerability exists in the Advanced Local Procedure Call (ALPC) of Windows. Calls to ALPC may be exploited by an attacker to successfully exploit this vulnerability.

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. As of this writing, the said sites are inaccessible.

Description Name: Possible Malformed Heartbeat SSL Response - Class 2 . This is Trend Micro detection for TCP, SSL and HTTPS network protocol that manifests exploit activities and can be used for Intelligence Gathering.The host exhibiting this type o...

http://www.{BLOCKED}ve.info This report is generated via an automated analysis system. Exploit:O97M/CVE-2017-11882 (Microsoft); RDN/Generic Exploit (McAfee); HEUR:Exploit.MSOffice.Generic (Kaspersky);

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a

Description Name: Possible CVE-2015-0240 - NULL Session in ServerPasswordSet . This is Trend Micro detection for packets passing through SMB network protocols that manifests Exploit activities which can be a potential intrusion. Below are some indica...

Description Name: NUCLEAR - Exploit Kit - HTTP (Request) - Variant 4 . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for N/A.The host exhibiting this type of network behavior is likely compr...