You might be interested in …

[SANS ISC] From RunDLL32 to JavaScript then PowerShell, (Tue, May 18th)

All posts, Sans-ISC

I spotted an interesting script on VT a few days ago and it deserves a quick diary because it uses a nice way to execute JavaScript on the targeted system. The technique used in this case is based on very common LOLbin: RunDLL32.exe. The goal of the tool is, as the name says, to load […]

Read More

[ThreatPost] WooCommerce Pricing Plugin Allows Malicious Code-Injection

All posts, ThreatPost

The popular Dynamic Pricing and Discounts plugin from Envato can be exploited by unauthenticated attackers. Source: Read More (Threatpost)

Read More

[ThreatPost] Podcast: Why Securing Active Directory Is a Nightmare

All posts, ThreatPost

Researchers preview work to be presented at Black Hat on how AD “misconfiguration debt” lays out a dizzying array of attack paths, such as in PetitPotam. Source: Read More (Threatpost)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.