Purple Fox Exploit Kit added exploit for CVE-2020-0674 and CVE-2019-1458 in his repository

Purple Fox EK is now equipped with two new exploit and it indicate the continues development of Purple Fox EK. Purple Fox EK  is developed to deliver his original malware Purple Fox malware and before the release of this kit the Purple Fox malware was delivered by the Rig EK . After that to save the extra cost paid to Rig EK Purple Fox EK was launched.
CVE-2020-0674 is a scripting engine memory corruption vulnerability in Internet Explorer announced by Microsoft in out of band security advisory ADV200001 on 2020-01-18 and fixed as part of the February 2020 Patch Tuesday release. Since then, some detailed explanations of the vulnerability have been published and some proof of concept (PoC) code has been released.
CVE-2019-1458 is a local privilege elevation (LPE) vulnerability that was used in Operation WizardOpium and fixed by Microsoft as part of the December 2019 Patch Tuesday release.

Read Full Report

No comments:

Canada Bans TikTok: Exploring the National Security Risks Behind the Shutdown

Canada’s Decision to Dissolve TikTok Technology Canada In a landmark decision, the Canadian government has ordered the shutdown of TikTok Te...