Malicious RTF File Exploiting Equation Editor (CVE-2017-11882) Pushing Agent Tesla Malware
Malicious PHP Upload Attempts
Malicious PHP upload attempts have been ramping up over the past week. I am beginning to wonder if we are starting to see some more activity from botnets, possibly related to recent DSL & GPON exploit attempts (D-Link & DSL-2750B).
Exploits in the Wild 8/12/2018
I thought about writing up a short article on exploitation attempts I have been seeing in the wild. This website, services.vcodispot.com, and associated .onion versions sit behind Suricata IPS. Suricata is an open source Network Intrusion Detection System (IDS) or
Accessing Windows Workstations (Updated 6/4/2018)
Accessing Vulnerable Windows Workstations on Network. (Updated 6/4/2018) Microsoft has taken preventative measures against vulnerabilities that exist with SMBv1 by no longer including the network protocol after the Windows 10 Fall Creators Update and Windows Server, version 1709