Tag: buffer overflow

2 Attack Reports | 0 Vulnerabilities

Attack reports

Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)

A critical security vulnerability, CVE-2025-22457, affecting Ivanti Connect Secure VPN appliances has been actively exploited since mid-March 2025. The vulnerability allows remote code execution through a buffer overflow. Two new malware families, TRAILBLAZE and BRUSHFIRE, have been deployed along …
espionage
zero-day
vpn
remote code execution
edge devices
buffer overflow
china-nexus
spawnsloth
CVE-2025-22457
2025-04-04
brushfire
spawnsnare
trailblaze
ivanti connect secure
spawnwave
Published: April 4, 2025
Downloadable IOCs: 0

Kernel shellcode persistence technique in APT attacks and CTF challenge

A security flaw in Windows 7 and Server 2008 R2 allows kernel shellcode to be hidden in the registry and executed during boot, despite patches. This vulnerability was exploited in a 2018 targeted attack. The SAS CTF challenge involved analyzing this technique, which uses buffer overflows in DirectX…
windows
persistence
shellcode
2024-10-17
drivers
ctf
buffer overflow
CVE-2010-4398
directx
kernel
registry
Published: October 17, 2024
Downloadable IOCs: 0
Click here to see more Attack Reports