English
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#mshtml search results

Max_Mal_'s profile picture. Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
Max_Malyutin
 @Max_Mal_
Sep 13, 2021

#MSHTML RCE Vulnerability #CVE-2021-40444 (#CVE202140444) #DFIR #BlueTeam - Not only Control - CPL‼️ Potentially the exploit could run: #LOLBins 🔥🔥🔥🔥 MSHTA - HTA ✅ WSCRIPT - JS, JSE, VBA, WSF...✅ JAVAW - JAR ✅ MSIEXEC - MSI ✅ RegEdit - REG ✅ And MORE (?)

Max_Mal_'s tweet image. #MSHTML RCE Vulnerability #CVE-2021-40444 (#CVE202140444) #DFIR #BlueTeam - Not only Control - CPL‼️ Potentially the exploit could run: #LOLBins 🔥🔥🔥🔥 MSHTA - HTA ✅ WSCRIPT - JS, JSE, VBA, WSF...✅ JAVAW - JAR ✅ MSIEXEC - MSI ✅ RegEdit - REG ✅ And MORE (?)
Max_Mal_'s tweet image. #MSHTML RCE Vulnerability #CVE-2021-40444 (#CVE202140444) #DFIR #BlueTeam - Not only Control - CPL‼️ Potentially the exploit could run: #LOLBins 🔥🔥🔥🔥 MSHTA - HTA ✅ WSCRIPT - JS, JSE, VBA, WSF...✅ JAVAW - JAR ✅ MSIEXEC - MSI ✅ RegEdit - REG ✅ And MORE (?)
Max_Mal_'s tweet image. #MSHTML RCE Vulnerability #CVE-2021-40444 (#CVE202140444) #DFIR #BlueTeam - Not only Control - CPL‼️ Potentially the exploit could run: #LOLBins 🔥🔥🔥🔥 MSHTA - HTA ✅ WSCRIPT - JS, JSE, VBA, WSF...✅ JAVAW - JAR ✅ MSIEXEC - MSI ✅ RegEdit - REG ✅ And MORE (?)
Max_Mal_'s tweet image. #MSHTML RCE Vulnerability #CVE-2021-40444 (#CVE202140444) #DFIR #BlueTeam - Not only Control - CPL‼️ Potentially the exploit could run: #LOLBins 🔥🔥🔥🔥 MSHTA - HTA ✅ WSCRIPT - JS, JSE, VBA, WSF...✅ JAVAW - JAR ✅ MSIEXEC - MSI ✅ RegEdit - REG ✅ And MORE (?)
10
138
322
37
0
Yeti_Sec's profile picture. Sr. Malware Reverse Engineer & Threat Researcher, Unit 42 Threat Intelligence @unit42_intel | Ex-Incident Response. Opinions are my own.
Yeti
 @Yeti_Sec
Sep 9, 2021

#MSHTML CVE-2021-40444 VirusTotal Detonations

Yeti_Sec's tweet image. #MSHTML CVE-2021-40444 VirusTotal Detonations
0
8
27
4
0
elhackernet's profile picture. Recibiendo ataques DDoS desde 2001. RIP wolfbcn. Telgram https://t.co/QSdxPId0ZH - Tecnología, seguridad, informática
elhacker.NET
 @elhackernet
Sep 11, 2021

Se recomienda deshabilitar la función del Panel de "Vista Previa" en el explorador de Windows para evitar ser víctima de la nueva vulnerabilidad ficheros maliciosos Office - Vulnerabilidad CVE-2021-40444 RCE #MSHTML #ActiveX

elhackernet's tweet image. Se recomienda deshabilitar la función del Panel de "Vista Previa" en el explorador de Windows para evitar ser víctima de la nueva vulnerabilidad ficheros maliciosos Office - Vulnerabilidad CVE-2021-40444 RCE #MSHTML #ActiveX
elhackernet's tweet image. Se recomienda deshabilitar la función del Panel de "Vista Previa" en el explorador de Windows para evitar ser víctima de la nueva vulnerabilidad ficheros maliciosos Office - Vulnerabilidad CVE-2021-40444 RCE #MSHTML #ActiveX
elhackernet's tweet image. Se recomienda deshabilitar la función del Panel de "Vista Previa" en el explorador de Windows para evitar ser víctima de la nueva vulnerabilidad ficheros maliciosos Office - Vulnerabilidad CVE-2021-40444 RCE #MSHTML #ActiveX
5
139
224
20
0
_CobaltStrike's profile picture. Official account for Cobalt Strike. Benchmark red teaming tool known for its flexibility and powerful user community. Follow for new releases and other updates.
Cobalt Strike
 @_CobaltStrike
Sep 29, 2021

The latest version of Core Impact now includes the #MSHTML CVE-2021-40444 exploit. See it working!

3
31
105
9
0
BuguardLLC's profile picture. Buguard, LLC. is a Cairo-based cybersecurity startup, Offering Cyber Security Consultations, Application Security, and Security Outsourcing to major firms.
Buguard
 @BuguardLLC
Sep 10, 2021

Buguard Security Consultancy Team has managed to reproduce and write an Exploit for #Microsoft #MSHTML RCE Vulnerability #Office365 #0Day (CVE-2021-40444). If your organization needs immediate assistance for a possible security incident. Please call us now at (702) 381-9571.

0
6
18
2
0
SeguInfo's profile picture. Lic. Cristian Borghello CISSP-CCSK-CSFPC - Director de Segu-Info, ODILA, Segu-Kids y Antiphishing-la - Educación y Consultoría en Seguridad de la Información
Cristian Borghello
 @SeguInfo
Sep 13, 2021

Así funciona el exploit de la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). 1. Docx modificado con URL a exploit 2. DLL con el payload (calc) 3. Carga de HTML con el exploit y carga de DLL 4. Al abrir office (doc/ppt) se ejecuta la Calc

SeguInfo's tweet image. Así funciona el exploit de la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). 1. Docx modificado con URL a exploit 2. DLL con el payload (calc) 3. Carga de HTML con el exploit y carga de DLL 4. Al abrir office (doc/ppt) se ejecuta la Calc
SeguInfo's tweet image. Así funciona el exploit de la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). 1. Docx modificado con URL a exploit 2. DLL con el payload (calc) 3. Carga de HTML con el exploit y carga de DLL 4. Al abrir office (doc/ppt) se ejecuta la Calc
SeguInfo's tweet image. Así funciona el exploit de la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). 1. Docx modificado con URL a exploit 2. DLL con el payload (calc) 3. Carga de HTML con el exploit y carga de DLL 4. Al abrir office (doc/ppt) se ejecuta la Calc
SeguInfo's tweet image. Así funciona el exploit de la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). 1. Docx modificado con URL a exploit 2. DLL con el payload (calc) 3. Carga de HTML con el exploit y carga de DLL 4. Al abrir office (doc/ppt) se ejecuta la Calc
0
25
49
1
0
Max_Mal_'s profile picture. Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
Max_Malyutin
 @Max_Mal_
Sep 8, 2021

Microsoft #MSHTML Remote Code Execution Vulnerability #CVE202140444 hidusi[.]com 🔥 23[.]106[.]160[.]25 🔥 msrc.microsoft.com/update-guide/v… virustotal.com/gui/domain/hid…

Max_Mal_'s tweet image. Microsoft #MSHTML Remote Code Execution Vulnerability #CVE202140444 hidusi[.]com 🔥 23[.]106[.]160[.]25 🔥 msrc.microsoft.com/update-guide/v… virustotal.com/gui/domain/hid…
1
8
30
4
0
Max_Mal_'s profile picture. Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
Max_Malyutin
 @Max_Mal_
Sep 9, 2021

#MSHTML RCE Vulnerability #CVE-2021-40444 #DFIR How to find mhtml object: 1) Unzip the MalDoc 2) Navigate to *\word\_rels\* 3) open document.xml.rels 4) Screech for: Target="mhtml: Sample: bazaar.abuse.ch/sample/d0e1f97…

Max_Mal_'s tweet image. #MSHTML RCE Vulnerability #CVE-2021-40444 #DFIR How to find mhtml object: 1) Unzip the MalDoc 2) Navigate to *\word\_rels\* 3) open document.xml.rels 4) Screech for: Target="mhtml: Sample: bazaar.abuse.ch/sample/d0e1f97…
4
56
149
24
0
snort's profile picture. SNORT®: The standard in IDS and IPS. Download Snort3 today! https://t.co/HlFUvLOk02
Snort 🐷
 @snort
Sep 9, 2021

Our latest rule update is out now, and includes coverage for the #Microsoft #MSHTML zero-day that's actively being exploited in the wild cs.co/6014yFeMA

1
8
14
1
0
SeguInfo's profile picture. Lic. Cristian Borghello CISSP-CCSK-CSFPC - Director de Segu-Info, ODILA, Segu-Kids y Antiphishing-la - Educación y Consultoría en Seguridad de la Información
Cristian Borghello
 @SeguInfo
Sep 13, 2021

Deshabilitar la instalación de todos los controles ActiveX en Internet Explorer mitiga la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). Se puede hacer para todos los sitios configurando la política de grupo o actualizando el registro. Más info: blog.segu-info.com.ar/2021/09/zero-d…

SeguInfo's tweet image. Deshabilitar la instalación de todos los controles ActiveX en Internet Explorer mitiga la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). Se puede hacer para todos los sitios configurando la política de grupo o actualizando el registro. Más info: blog.segu-info.com.ar/2021/09/zero-d…
1
19
26
3
0
Max_Mal_'s profile picture. Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
Max_Malyutin
 @Max_Mal_
Sep 10, 2021

Seems like new #CVE-2021-40444 #MSHTML RCE Vulnerability C2 server: 175[.]24[.1]90[.]249 🔥 hxxp://175[.]24[.1]90[.]24/note[.]html virustotal.com/gui/ip-address… @malwrhunterteam - artifact.exe #CobaltStrike beacon (?)😉 #BlueTeam #DFIR

Max_Mal_'s tweet image. Seems like new #CVE-2021-40444 #MSHTML RCE Vulnerability C2 server: 175[.]24[.1]90[.]249 🔥 hxxp://175[.]24[.1]90[.]24/note[.]html virustotal.com/gui/ip-address… @malwrhunterteam - artifact.exe #CobaltStrike beacon (?)😉 #BlueTeam #DFIR
2
25
80
2
0
TalosSecurity's profile picture. Cisco Talos defends Cisco customers with trusted global cybersecurity intelligence. Support requests: https://t.co/LGrHyYbolX
Cisco Talos Intelligence Group
 @TalosSecurity
Sep 14, 2021

#PatchTuesday is live now — users should update all of their Microsoft products to protect against the #MSHTML #vulnerability and 85 other bugs disclosed today cs.co/6012y4Pxm

1
14
12
0
0
JustRogDigiTec's profile picture. Senior Technical Leadership for AR/VR Product focused on core system software, Quest 2/Pro/3 & future devices. D&I is my habit & hobby.
Justin Rogers
 @JustRogDigiTec
Apr 25, 2015

IE vendor prefixes graph up to 10049 (10061 incoming shortly) for IE 11 #MSHTML then over to #EdgeHTML in Win10

JustRogDigiTec's tweet image. IE vendor prefixes graph up to 10049 (10061 incoming shortly) for IE 11 #MSHTML then over to #EdgeHTML in Win10
0
0
0
0
0
sans_isc's profile picture. @sans_isc@infosec.exchange - https://t.co/8IgCGtJnZd - Global Network Security Information Sharing Community -
SANS.edu Internet Storm Center
@sans_isc
Sep 14, 2021

Microsoft September 2021 Patch Tuesday (MSHTML Vulnerability Patch Included) #MSFT #MSHTML #Patches i5c.us/d27834

sans_isc's tweet image. Microsoft September 2021 Patch Tuesday (MSHTML Vulnerability Patch Included) #MSFT #MSHTML #Patches i5c.us/d27834
0
5
6
1
0
TalosSecurity's profile picture. Cisco Talos defends Cisco customers with trusted global cybersecurity intelligence. Support requests: https://t.co/LGrHyYbolX
Cisco Talos Intelligence Group
 @TalosSecurity
Sep 9, 2021

There are Snort rules available now to protect against the #Microsoft #MSHTML 0-day. We've observed malware samples attempting to exploit this vulnerability being uploaded to public repositories dating back to mid-August, users should take action asap cs.co/6015yF9sD

TalosSecurity's tweet image. There are Snort rules available now to protect against the #Microsoft #MSHTML 0-day. We've observed malware samples attempting to exploit this vulnerability being uploaded to public repositories dating back to mid-August, users should take action asap cs.co/6015yF9sD
0
8
14
0
0
deb_infosec's profile picture. 📕Author l CEO TrustedCISO l #Cybersecurity Pundit https://t.co/Bgt9YGctQY
Debra Baker, CISSP CCSP
@deb_infosec
Sep 8, 2021

#Windows zero-day #MSHTML attack – how not to get booby trapped!: Zero-day bug in #MSHTML, the… dlvr.it/S7BRqv @RedSeal_co

deb_infosec's tweet image. #Windows zero-day #MSHTML attack – how not to get booby trapped!: Zero-day bug in #MSHTML, the… dlvr.it/S7BRqv @RedSeal_co
0
1
2
0
0
TalosSecurity's profile picture. Cisco Talos defends Cisco customers with trusted global cybersecurity intelligence. Support requests: https://t.co/LGrHyYbolX
Cisco Talos Intelligence Group
 @TalosSecurity
Sep 12, 2021

If you haven't already, users should implement these workarounds and new Talos coverage to defend against the #MSHTML zero-day #Microsoft vulnerability disclosed this week cs.co/6014y2Hda

TalosSecurity's tweet image. If you haven't already, users should implement these workarounds and new Talos coverage to defend against the #MSHTML zero-day #Microsoft vulnerability disclosed this week cs.co/6014y2Hda
0
4
6
0
0
elhackernet's profile picture. Recibiendo ataques DDoS desde 2001. RIP wolfbcn. Telgram https://t.co/QSdxPId0ZH - Tecnología, seguridad, informática
elhacker.NET
 @elhackernet
Sep 17, 2021

Microsoft confirma que la vulnerabilidad en documentos Office está siendo aprovechada por grupos de ransomware - CVE-2021-40444 #MSHTML #Maldoc microsoft.com/security/blog/…

1
79
89
7
0
leonov_av's profile picture. Vulnerability assessment, *nix security, compliance management, security automation
Alexander Leonov
 @leonov_av
Oct 30, 2024

What is known about the Spoofing - #Windows #MSHTML Platform (CVE-2024-43573) vulnerability from the October Microsoft Patch Tuesday? In fact, just that it is being exploited in the wild. #Microsoft #ZDI #VoidBanshee #AtlantidaStealer ➡️ t.me/avleonovcom/14…

leonov_av's tweet image. What is known about the Spoofing - #Windows #MSHTML Platform (CVE-2024-43573) vulnerability from the October Microsoft Patch Tuesday? In fact, just that it is being exploited in the wild. #Microsoft #ZDI #VoidBanshee #AtlantidaStealer ➡️ t.me/avleonovcom/14…
0
0
0
1
73
threatintel's profile picture. Symantec and Carbon Black's threat hunters bring you the latest threat intelligence from the IT security world.
Threat Intelligence
 @threatintel
Oct 14, 2024

#ThreatProtection #CVE-2024-43573 - Microsoft Windows #MSHTML Platform #Spoofing #vulnerability, read more about Symantec's protection: broadcom.com/support/securi…

0
0
2
0
1K
TrendingNewsBot's profile picture. Trending Tech Nieuws. Alles over cybersecurity, datalekken, games, IT, AI, technology, gadgets enz. Zonder reclame! https://t.co/JRZj4WQZQK
Trending Tech Nieuws (bot)
 @TrendingNewsBot
Oct 13, 2024

Belangrijk beveiligingslek in microsoft windows mshtml platform ontdekt trendingtech.news/trending-news/… #CVE-2024-43573 #Microsoft Windows beveiligingslek #MSHTML Platform kwetsbaarheid #Windows update vereist #Microsoft beveiligingsadvies #Trending #Tech #Nieuws

0
0
1
0
54
TrendingNewsBot's profile picture. Trending Tech Nieuws. Alles over cybersecurity, datalekken, games, IT, AI, technology, gadgets enz. Zonder reclame! https://t.co/JRZj4WQZQK
Trending Tech Nieuws (bot)
 @TrendingNewsBot
Oct 13, 2024

Ontdek de spoofing kwetsbaarheid in windows mshtml: cve-2024-43573 trendingtech.news/trending-news/… #CVE-2024-43573 #MSHTML Spoofing Kwetsbaarheid #Windows Beveiligingsupdate #Microsoft Kwetsbaarheid #Spoofing Aanval Preventie #Trending #Tech #Nieuws

0
0
1
0
42
threatintel's profile picture. Symantec and Carbon Black's threat hunters bring you the latest threat intelligence from the IT security world.
Threat Intelligence
 @threatintel
Sep 30, 2024

#ThreatProtection #CVE-2024-43461 - Windows #MSHTML Platform Spoofing #vulnerability exploited in the wild, read more about Symantec's protection: broadcom.com/support/securi…

0
0
4
0
1K
leonov_av's profile picture. Vulnerability assessment, *nix security, compliance management, security automation
Alexander Leonov
 @leonov_av
Sep 18, 2024

The severity of the Spoofing - Windows #MSHTML Platform (CVE-2024-43461) has increased. The #VoidBanshee APT attackers hid the extension of the malicious HTA file being opened by adding 26 Braille space characters to its name. #Microsoft #ZDI t.me/avleonovcom/14…

leonov_av's tweet image. The severity of the Spoofing - Windows #MSHTML Platform (CVE-2024-43461) has increased. The #VoidBanshee APT attackers hid the extension of the malicious HTA file being opened by adding 26 Braille space characters to its name. #Microsoft #ZDI t.me/avleonovcom/14…
0
0
0
0
7K
leonov_av's profile picture. Vulnerability assessment, *nix security, compliance management, security automation
Alexander Leonov
 @leonov_av
Aug 20, 2024

Trending vulnerabilities of July according to #PositiveTechnologies. 🔻 Spoofing - #Windows #MSHTML Platform (CVE-2024-38112) 🔻 RCE - #Ghostscript (CVE-2024-29510) 🔻 RCE - #Acronis Cyber Infrastructure (CVE-2023-45249) #TrendVulns youtube.com/watch?v=JKDqI-…

leonov_av's tweet card. In the Trend of VM #6: 3 July CVEs in Windows, Ghostscript, and...

youtube.com

YouTube

In the Trend of VM #6: 3 July CVEs in Windows, Ghostscript, and...

Source: youtube.com
1
0
0
0
102
threatintel's profile picture. Symantec and Carbon Black's threat hunters bring you the latest threat intelligence from the IT security world.
Threat Intelligence
 @threatintel
Jul 26, 2024

#ThreatProtection Threat Actor dubbed #VoidBanshee is exploiting an #MSHTML vulnerability to distribute the #Atlantida #InfoStealer via .URL files. Read more about Symantec's protection: broadcom.com/support/securi… #CyberSecurity #APT #CVE202438112

0
0
3
1
2K
leonov_av's profile picture. Vulnerability assessment, *nix security, compliance management, security automation
Alexander Leonov
 @leonov_av
Jul 18, 2024

What is known about Spoofing - Windows MSHTML Platform (CVE-2024-38112) from the July Microsoft Patch Tuesday? "The vulnerability is exploited by the APT group Void Banshee" #Microsoft #MSHTML #CheckPoint #TrendMicro #VoidBanshee #AtlantidaStealer ➡️ t.me/avleonovcom/13…

leonov_av's tweet image. What is known about Spoofing - Windows MSHTML Platform (CVE-2024-38112) from the July Microsoft Patch Tuesday? "The vulnerability is exploited by the APT group Void Banshee" #Microsoft #MSHTML #CheckPoint #TrendMicro #VoidBanshee #AtlantidaStealer ➡️ t.me/avleonovcom/13…
0
0
0
0
139
Max_Mal_'s profile picture. Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
Max_Malyutin
 @Max_Mal_
Sep 13, 2021

#MSHTML RCE Vulnerability #CVE-2021-40444 (#CVE202140444) #DFIR #BlueTeam - Not only Control - CPL‼️ Potentially the exploit could run: #LOLBins 🔥🔥🔥🔥 MSHTA - HTA ✅ WSCRIPT - JS, JSE, VBA, WSF...✅ JAVAW - JAR ✅ MSIEXEC - MSI ✅ RegEdit - REG ✅ And MORE (?)

Max_Mal_'s tweet image. #MSHTML RCE Vulnerability #CVE-2021-40444 (#CVE202140444) #DFIR #BlueTeam - Not only Control - CPL‼️ Potentially the exploit could run: #LOLBins 🔥🔥🔥🔥 MSHTA - HTA ✅ WSCRIPT - JS, JSE, VBA, WSF...✅ JAVAW - JAR ✅ MSIEXEC - MSI ✅ RegEdit - REG ✅ And MORE (?)
Max_Mal_'s tweet image. #MSHTML RCE Vulnerability #CVE-2021-40444 (#CVE202140444) #DFIR #BlueTeam - Not only Control - CPL‼️ Potentially the exploit could run: #LOLBins 🔥🔥🔥🔥 MSHTA - HTA ✅ WSCRIPT - JS, JSE, VBA, WSF...✅ JAVAW - JAR ✅ MSIEXEC - MSI ✅ RegEdit - REG ✅ And MORE (?)
Max_Mal_'s tweet image. #MSHTML RCE Vulnerability #CVE-2021-40444 (#CVE202140444) #DFIR #BlueTeam - Not only Control - CPL‼️ Potentially the exploit could run: #LOLBins 🔥🔥🔥🔥 MSHTA - HTA ✅ WSCRIPT - JS, JSE, VBA, WSF...✅ JAVAW - JAR ✅ MSIEXEC - MSI ✅ RegEdit - REG ✅ And MORE (?)
Max_Mal_'s tweet image. #MSHTML RCE Vulnerability #CVE-2021-40444 (#CVE202140444) #DFIR #BlueTeam - Not only Control - CPL‼️ Potentially the exploit could run: #LOLBins 🔥🔥🔥🔥 MSHTA - HTA ✅ WSCRIPT - JS, JSE, VBA, WSF...✅ JAVAW - JAR ✅ MSIEXEC - MSI ✅ RegEdit - REG ✅ And MORE (?)
10
138
322
37
0
Yeti_Sec's profile picture. Sr. Malware Reverse Engineer & Threat Researcher, Unit 42 Threat Intelligence @unit42_intel | Ex-Incident Response. Opinions are my own.
Yeti
 @Yeti_Sec
Sep 9, 2021

#MSHTML CVE-2021-40444 VirusTotal Detonations

Yeti_Sec's tweet image. #MSHTML CVE-2021-40444 VirusTotal Detonations
0
8
27
4
0
elhackernet's profile picture. Recibiendo ataques DDoS desde 2001. RIP wolfbcn. Telgram https://t.co/QSdxPId0ZH - Tecnología, seguridad, informática
elhacker.NET
 @elhackernet
Sep 11, 2021

Se recomienda deshabilitar la función del Panel de "Vista Previa" en el explorador de Windows para evitar ser víctima de la nueva vulnerabilidad ficheros maliciosos Office - Vulnerabilidad CVE-2021-40444 RCE #MSHTML #ActiveX

elhackernet's tweet image. Se recomienda deshabilitar la función del Panel de "Vista Previa" en el explorador de Windows para evitar ser víctima de la nueva vulnerabilidad ficheros maliciosos Office - Vulnerabilidad CVE-2021-40444 RCE #MSHTML #ActiveX
elhackernet's tweet image. Se recomienda deshabilitar la función del Panel de "Vista Previa" en el explorador de Windows para evitar ser víctima de la nueva vulnerabilidad ficheros maliciosos Office - Vulnerabilidad CVE-2021-40444 RCE #MSHTML #ActiveX
elhackernet's tweet image. Se recomienda deshabilitar la función del Panel de "Vista Previa" en el explorador de Windows para evitar ser víctima de la nueva vulnerabilidad ficheros maliciosos Office - Vulnerabilidad CVE-2021-40444 RCE #MSHTML #ActiveX
5
139
224
20
0
SeguInfo's profile picture. Lic. Cristian Borghello CISSP-CCSK-CSFPC - Director de Segu-Info, ODILA, Segu-Kids y Antiphishing-la - Educación y Consultoría en Seguridad de la Información
Cristian Borghello
 @SeguInfo
Sep 13, 2021

Así funciona el exploit de la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). 1. Docx modificado con URL a exploit 2. DLL con el payload (calc) 3. Carga de HTML con el exploit y carga de DLL 4. Al abrir office (doc/ppt) se ejecuta la Calc

SeguInfo's tweet image. Así funciona el exploit de la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). 1. Docx modificado con URL a exploit 2. DLL con el payload (calc) 3. Carga de HTML con el exploit y carga de DLL 4. Al abrir office (doc/ppt) se ejecuta la Calc
SeguInfo's tweet image. Así funciona el exploit de la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). 1. Docx modificado con URL a exploit 2. DLL con el payload (calc) 3. Carga de HTML con el exploit y carga de DLL 4. Al abrir office (doc/ppt) se ejecuta la Calc
SeguInfo's tweet image. Así funciona el exploit de la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). 1. Docx modificado con URL a exploit 2. DLL con el payload (calc) 3. Carga de HTML con el exploit y carga de DLL 4. Al abrir office (doc/ppt) se ejecuta la Calc
SeguInfo's tweet image. Así funciona el exploit de la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). 1. Docx modificado con URL a exploit 2. DLL con el payload (calc) 3. Carga de HTML con el exploit y carga de DLL 4. Al abrir office (doc/ppt) se ejecuta la Calc
0
25
49
1
0
Max_Mal_'s profile picture. Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
Max_Malyutin
 @Max_Mal_
Sep 8, 2021

Microsoft #MSHTML Remote Code Execution Vulnerability #CVE202140444 hidusi[.]com 🔥 23[.]106[.]160[.]25 🔥 msrc.microsoft.com/update-guide/v… virustotal.com/gui/domain/hid…

Max_Mal_'s tweet image. Microsoft #MSHTML Remote Code Execution Vulnerability #CVE202140444 hidusi[.]com 🔥 23[.]106[.]160[.]25 🔥 msrc.microsoft.com/update-guide/v… virustotal.com/gui/domain/hid…
1
8
30
4
0
Max_Mal_'s profile picture. Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
Max_Malyutin
 @Max_Mal_
Sep 10, 2021

Seems like new #CVE-2021-40444 #MSHTML RCE Vulnerability C2 server: 175[.]24[.1]90[.]249 🔥 hxxp://175[.]24[.1]90[.]24/note[.]html virustotal.com/gui/ip-address… @malwrhunterteam - artifact.exe #CobaltStrike beacon (?)😉 #BlueTeam #DFIR

Max_Mal_'s tweet image. Seems like new #CVE-2021-40444 #MSHTML RCE Vulnerability C2 server: 175[.]24[.1]90[.]249 🔥 hxxp://175[.]24[.1]90[.]24/note[.]html virustotal.com/gui/ip-address… @malwrhunterteam - artifact.exe #CobaltStrike beacon (?)😉 #BlueTeam #DFIR
2
25
80
2
0
Max_Mal_'s profile picture. Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
Max_Malyutin
 @Max_Mal_
Sep 9, 2021

#MSHTML RCE Vulnerability #CVE-2021-40444 #DFIR How to find mhtml object: 1) Unzip the MalDoc 2) Navigate to *\word\_rels\* 3) open document.xml.rels 4) Screech for: Target="mhtml: Sample: bazaar.abuse.ch/sample/d0e1f97…

Max_Mal_'s tweet image. #MSHTML RCE Vulnerability #CVE-2021-40444 #DFIR How to find mhtml object: 1) Unzip the MalDoc 2) Navigate to *\word\_rels\* 3) open document.xml.rels 4) Screech for: Target="mhtml: Sample: bazaar.abuse.ch/sample/d0e1f97…
4
56
149
24
0
secure_blink's profile picture. #Developers First #AI-powered Application #Security Management Platform | Security By Design
Secure Blink
@secure_blink
Sep 16, 2021

Windows MSHTML Patched RCE vulnerability CVE-2021-40444 yet again under active exploitation. Details: ow.ly/lQh430rUcSK #Microsoft #Windows #MSHTML #Vulnerability #infosec #Threatfeeds #SecureBlink

secure_blink's tweet image. Windows MSHTML Patched RCE vulnerability CVE-2021-40444 yet again under active exploitation. Details: ow.ly/lQh430rUcSK #Microsoft #Windows #MSHTML #Vulnerability #infosec #Threatfeeds #SecureBlink
0
1
3
0
0
SeguInfo's profile picture. Lic. Cristian Borghello CISSP-CCSK-CSFPC - Director de Segu-Info, ODILA, Segu-Kids y Antiphishing-la - Educación y Consultoría en Seguridad de la Información
Cristian Borghello
 @SeguInfo
Sep 13, 2021

Deshabilitar la instalación de todos los controles ActiveX en Internet Explorer mitiga la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). Se puede hacer para todos los sitios configurando la política de grupo o actualizando el registro. Más info: blog.segu-info.com.ar/2021/09/zero-d…

SeguInfo's tweet image. Deshabilitar la instalación de todos los controles ActiveX en Internet Explorer mitiga la vulnerabilidad CVE-2021-40444 #MSHTML (aún sin parche). Se puede hacer para todos los sitios configurando la política de grupo o actualizando el registro. Más info: blog.segu-info.com.ar/2021/09/zero-d…
1
19
26
3
0
JustRogDigiTec's profile picture. Senior Technical Leadership for AR/VR Product focused on core system software, Quest 2/Pro/3 & future devices. D&I is my habit & hobby.
Justin Rogers
 @JustRogDigiTec
Apr 25, 2015

IE vendor prefixes graph up to 10049 (10061 incoming shortly) for IE 11 #MSHTML then over to #EdgeHTML in Win10

JustRogDigiTec's tweet image. IE vendor prefixes graph up to 10049 (10061 incoming shortly) for IE 11 #MSHTML then over to #EdgeHTML in Win10
0
0
0
0
0
snort's profile picture. SNORT®: The standard in IDS and IPS. Download Snort3 today! https://t.co/HlFUvLOk02
Snort 🐷
 @snort
Sep 9, 2021

Our latest rule update is out now, and includes coverage for the #Microsoft #MSHTML zero-day that's actively being exploited in the wild cs.co/6014yFeMA

1
8
14
1
0
sans_isc's profile picture. @sans_isc@infosec.exchange - https://t.co/8IgCGtJnZd - Global Network Security Information Sharing Community -
SANS.edu Internet Storm Center
@sans_isc
Sep 14, 2021

Microsoft September 2021 Patch Tuesday (MSHTML Vulnerability Patch Included) #MSFT #MSHTML #Patches i5c.us/d27834

sans_isc's tweet image. Microsoft September 2021 Patch Tuesday (MSHTML Vulnerability Patch Included) #MSFT #MSHTML #Patches i5c.us/d27834
0
5
6
1
0
TalosSecurity's profile picture. Cisco Talos defends Cisco customers with trusted global cybersecurity intelligence. Support requests: https://t.co/LGrHyYbolX
Cisco Talos Intelligence Group
 @TalosSecurity
Sep 14, 2021

#PatchTuesday is live now — users should update all of their Microsoft products to protect against the #MSHTML #vulnerability and 85 other bugs disclosed today cs.co/6012y4Pxm

1
14
12
0
0
leonov_av's profile picture. Vulnerability assessment, *nix security, compliance management, security automation
Alexander Leonov
 @leonov_av
Sep 18, 2024

The severity of the Spoofing - Windows #MSHTML Platform (CVE-2024-43461) has increased. The #VoidBanshee APT attackers hid the extension of the malicious HTA file being opened by adding 26 Braille space characters to its name. #Microsoft #ZDI t.me/avleonovcom/14…

leonov_av's tweet image. The severity of the Spoofing - Windows #MSHTML Platform (CVE-2024-43461) has increased. The #VoidBanshee APT attackers hid the extension of the malicious HTA file being opened by adding 26 Braille space characters to its name. #Microsoft #ZDI t.me/avleonovcom/14…
0
0
0
0
7K
DubiStowCh's profile picture. 從遙遠的卡利斯托星球而來,學習這裡的一切事物 / Minecraft / React / Python / WebSec 繪師 @NekosimaYui 建模師 @Yasa_661266 / FanArt #DubiArtas / FanName #DubiArcas / Clips #DubiArclips
Dubi 🐻 TW VTuber
 @DubiStowCh
Sep 16, 2021

#NCCST 發布 Windows 更新建議 本週 Windows & iOS/iPadOS 都有安全性更新 有空記得要按更新喔! #NCCST #MSHTML #Microsoft #PatchTuesday #CVE202140444 #CVE202130860 #CVE202130858 #DubiSec

DubiStowCh's tweet image. #NCCST 發布 Windows 更新建議 本週 Windows & iOS/iPadOS 都有安全性更新 有空記得要按更新喔! #NCCST #MSHTML #Microsoft #PatchTuesday #CVE202140444 #CVE202130860 #CVE202130858 #DubiSec
0
0
3
0
0
DigitalGuardian's profile picture. Provider of data protection solutions and services that have secured businesses around the world since 2003. A key part of @FortraOfficial.
Digital Guardian
 @DigitalGuardian
Sep 17, 2021

ICYMI: @Microsoft fixed last week's #MSHTML zero day in this week's #PatchTuesday update: buff.ly/3Ekdlf3

DigitalGuardian's tweet image. ICYMI: @Microsoft fixed last week's #MSHTML zero day in this week's #PatchTuesday update: buff.ly/3Ekdlf3
0
0
0
0
0
TalosSecurity's profile picture. Cisco Talos defends Cisco customers with trusted global cybersecurity intelligence. Support requests: https://t.co/LGrHyYbolX
Cisco Talos Intelligence Group
 @TalosSecurity
Sep 9, 2021

There are Snort rules available now to protect against the #Microsoft #MSHTML 0-day. We've observed malware samples attempting to exploit this vulnerability being uploaded to public repositories dating back to mid-August, users should take action asap cs.co/6015yF9sD

TalosSecurity's tweet image. There are Snort rules available now to protect against the #Microsoft #MSHTML 0-day. We've observed malware samples attempting to exploit this vulnerability being uploaded to public repositories dating back to mid-August, users should take action asap cs.co/6015yF9sD
0
8
14
0
0

Something went wrong.


Something went wrong.


United States Trends