Keyword: (ms05-051) vulnerabilities in msdtc and com could allow remote code execution (902400)
This malware is seen being distributed by the Magnitude Exploit Kit. It exploits a vulnerability in the Windows kernel (CVE-2015-1701) to download LOCKY ransomware. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the ...
* indicates a new version of an existing rule. Deep Packet Inspection Rules: Directory Server LDAP 1011039 - Identified Domain Trust Discovery Request Over LDAP (ATT&CK T1482) Redis Server 1011555 - Redis Integer Overflow Vulnerab...
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
(MS11-051) Vulnerability in Active Directory Certificate Services Web Enrollment Could Allow Elevation of Privilege (2518295)

This update resolves a privately reported vulnerability in Active Directory Certificate Services Web Enrollment. The vulnera...
This security update addresses a privately reported vulnerability in Microsoft XML Core Services, which could allow remote code execution if a user vi...
* indicates a new version of an existing rule. Deep Packet Inspection Rules: DNS Server 1010511* - ISC BIND TCP Receive Buffer Length Assertion Denial Of Service Vulnerability (CVE-2020-8620) Database IBM DB2 1010537 - IBM DB2 Univ...
This security update resolves one publicly disclosed and twenty-five privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow r...
(MS15-051) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (3057191)

This security update addresses vulnerabilities found in Microsoft Windows. Once successfully exploited, it could allow elevation of privilege once ...
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It takes advantage of software vulnerabilities to allow a remote user or malware/grayware to download files. It executes the downloaded files...
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. As of this writing, the said sites are inaccessible.
Microsoft addresses the following vulnerabilities in its June batch of patches:
(MS13-047) Cumulative Security Update for Internet Explorer (2838727)
Risk Rating: Critical
This patch address...
Microsoft addresses the following vulnerabilities in its July batch of patches:
(MS12-043) Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479)
Risk Rating: Cr...
Microsoft addresses the following vulnerabilities in its August batch of patches:
(MS10-046) Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
Risk Rating: Critical
...
This Trojan may be dropped by other malware.
* indicates a new version of an existing rule. Deep Packet Inspection Rules: DCERPC Services 1008119* - Microsoft Windows Local Security Authority Subsystem Service (LSASS) Denial Of Service Vulnerability (CVE-2017-0004) 100812...
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It gathers target email addresses from the Windows Address Book (WAB). It takes advantage of software vulnera...
PRORAT is a family of backdoors that serves as a remote administration tool (RAT). Variants of this malware family first appeared in 2005. It opens random ports to establish connection with a remote attacker. Once a connection is established, the remo...