/*
 * This file is part of the Symfony package.
 *
 * (c) Fabien Potencier <fabien@symfony.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Symfony\Component\String;

if (!\function_exists(u::class)) {
    function u(?string $string = ''): UnicodeString
    {
        return new UnicodeString($string ?? '');
    }
}

if (!\function_exists(b::class)) {
    function b(?string $string = ''): ByteString
    {
        return new ByteString($string ?? '');
    }
}

if (!\function_exists(s::class)) {
    /**
     * @return UnicodeString|ByteString
     */
    function s(?string $string = ''): AbstractString
    {
        $string = $string ?? '';

        return preg_match('//u', $string) ? new UnicodeString($string) : new ByteString($string);
    }
}
<!DOCTYPE html>
<html lang="en-US">

<head>
	<meta charset='UTF-8'>
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<link rel="profile" href="http://gmpg.org/xfn/11">
		<title>Exploits &#8211; Page 3 &#8211; OWASP Jakarta</title>
<meta name='robots' content='max-image-preview:large' />
	<style>img:is([sizes="auto" i], [sizes^="auto," i]) { contain-intrinsic-size: 3000px 1500px }</style>
	<link rel='dns-prefetch' href='//fonts.googleapis.com' />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Feed" href="https://owasp.or.id/feed/" />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Comments Feed" href="https://owasp.or.id/comments/feed/" />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Exploits Tag Feed" href="https://owasp.or.id/tag/exploits/feed/" />
<script type="text/javascript">
/* <![CDATA[ */
window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.1.0\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.1.0\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/owasp.or.id\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.8.1"}};
/*! This file is auto-generated */
!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83d\udc26\u200d\ud83d\udd25","\ud83d\udc26\u200b\ud83d\udd25")}return!1}function f(e,t,n){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);
/* ]]> */
</script>
<style id='wp-emoji-styles-inline-css' type='text/css'>

	img.wp-smiley, img.emoji {
		display: inline !important;
		border: none !important;
		box-shadow: none !important;
		height: 1em !important;
		width: 1em !important;
		margin: 0 0.07em !important;
		vertical-align: -0.1em !important;
		background: none !important;
		padding: 0 !important;
	}
</style>
<link rel='stylesheet' id='wp-block-library-css' href='https://owasp.or.id/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1' type='text/css' media='all' />
<style id='classic-theme-styles-inline-css' type='text/css'>
/*! This file is auto-generated */
.wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}
</style>
<style id='global-styles-inline-css' type='text/css'>
:root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--color--accent: #e91e63;--wp--preset--color--background-color: #E5E5E5;--wp--preset--color--header-gradient: #a81d84;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:root :where(.is-layout-flow) > :first-child{margin-block-start: 0;}:root :where(.is-layout-flow) > :last-child{margin-block-end: 0;}:root :where(.is-layout-flow) > *{margin-block-start: 24px;margin-block-end: 0;}:root :where(.is-layout-constrained) > :first-child{margin-block-start: 0;}:root :where(.is-layout-constrained) > :last-child{margin-block-end: 0;}:root :where(.is-layout-constrained) > *{margin-block-start: 24px;margin-block-end: 0;}:root :where(.is-layout-flex){gap: 24px;}:root :where(.is-layout-grid){gap: 24px;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-color{color: var(--wp--preset--color--accent) !important;}.has-background-color-color{color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-color{color: var(--wp--preset--color--header-gradient) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-background-color{background-color: var(--wp--preset--color--accent) !important;}.has-background-color-background-color{background-color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-background-color{background-color: var(--wp--preset--color--header-gradient) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-border-color{border-color: var(--wp--preset--color--accent) !important;}.has-background-color-border-color{border-color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-border-color{border-color: var(--wp--preset--color--header-gradient) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}
:root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;}
</style>
<link rel='stylesheet' id='bootstrap-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/bootstrap/css/bootstrap.min.css?ver=1.0.2' type='text/css' media='all' />
<link rel='stylesheet' id='hestia-font-sizes-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/css/font-sizes.min.css?ver=3.2.11' type='text/css' media='all' />
<link rel='stylesheet' id='hestia_style-css' href='https://owasp.or.id/wp-content/themes/hestia/style.min.css?ver=3.2.11' type='text/css' media='all' />
<style id='hestia_style-inline-css' type='text/css'>
.hestia-top-bar,.hestia-top-bar .widget.widget_shopping_cart .cart_list{background-color:#363537}.hestia-top-bar .widget .label-floating input[type=search]:-webkit-autofill{-webkit-box-shadow:inset 0 0 0 9999px #363537}.hestia-top-bar,.hestia-top-bar .widget .label-floating input[type=search],.hestia-top-bar .widget.widget_search form.form-group:before,.hestia-top-bar .widget.widget_product_search form.form-group:before,.hestia-top-bar .widget.widget_shopping_cart:before{color:#fff}.hestia-top-bar .widget .label-floating input[type=search]{-webkit-text-fill-color:#fff !important}.hestia-top-bar div.widget.widget_shopping_cart:before,.hestia-top-bar .widget.widget_product_search form.form-group:before,.hestia-top-bar .widget.widget_search form.form-group:before{background-color:#fff}.hestia-top-bar a,.hestia-top-bar .top-bar-nav li a{color:#fff}.hestia-top-bar ul li a[href*="mailto:"]:before,.hestia-top-bar ul li a[href*="tel:"]:before{background-color:#fff}.hestia-top-bar a:hover,.hestia-top-bar .top-bar-nav li a:hover{color:#eee}.hestia-top-bar ul li:hover a[href*="mailto:"]:before,.hestia-top-bar ul li:hover a[href*="tel:"]:before{background-color:#eee}
:root{--hestia-primary-color:#e91e63}a,.navbar .dropdown-menu li:hover>a,.navbar .dropdown-menu li:focus>a,.navbar .dropdown-menu li:active>a,.navbar .navbar-nav>li .dropdown-menu li:hover>a,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a:hover,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a:focus,a:hover,.card-blog a.moretag:hover,.card-blog a.more-link:hover,.widget a:hover,.has-text-color.has-accent-color,p.has-text-color a{color:#e91e63}.svg-text-color{fill:#e91e63}.pagination span.current,.pagination span.current:focus,.pagination span.current:hover{border-color:#e91e63}button,button:hover,.woocommerce .track_order button[type="submit"],.woocommerce .track_order button[type="submit"]:hover,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit:hover,input[type="button"],input[type="button"]:hover,input[type="submit"],input[type="submit"]:hover,input#searchsubmit,.pagination span.current,.pagination span.current:focus,.pagination span.current:hover,.btn.btn-primary,.btn.btn-primary:link,.btn.btn-primary:hover,.btn.btn-primary:focus,.btn.btn-primary:active,.btn.btn-primary.active,.btn.btn-primary.active:focus,.btn.btn-primary.active:hover,.btn.btn-primary:active:hover,.btn.btn-primary:active:focus,.btn.btn-primary:active:hover,.hestia-sidebar-open.btn.btn-rose,.hestia-sidebar-close.btn.btn-rose,.hestia-sidebar-open.btn.btn-rose:hover,.hestia-sidebar-close.btn.btn-rose:hover,.hestia-sidebar-open.btn.btn-rose:focus,.hestia-sidebar-close.btn.btn-rose:focus,.label.label-primary,.hestia-work .portfolio-item:nth-child(6n+1) .label,.nav-cart .nav-cart-content .widget .buttons .button,.has-accent-background-color[class*="has-background"]{background-color:#e91e63}@media(max-width:768px){.navbar-default .navbar-nav>li>a:hover,.navbar-default .navbar-nav>li>a:focus,.navbar .navbar-nav .dropdown .dropdown-menu li a:hover,.navbar .navbar-nav .dropdown .dropdown-menu li a:focus,.navbar button.navbar-toggle:hover,.navbar .navbar-nav li:hover>a i{color:#e91e63}}body:not(.woocommerce-page) button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.close),body:not(.woocommerce-page) .button:not([class^="fl-"]):not(hestia-scroll-to-top):not(.navbar-toggle):not(.add_to_cart_button):not(.product_type_grouped):not(.product_type_external),div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,input[type="submit"],input[type="button"],.btn.btn-primary,.widget_product_search button[type="submit"],.hestia-sidebar-open.btn.btn-rose,.hestia-sidebar-close.btn.btn-rose,.everest-forms button[type=submit].everest-forms-submit-button{-webkit-box-shadow:0 2px 2px 0 rgba(233,30,99,0.14),0 3px 1px -2px rgba(233,30,99,0.2),0 1px 5px 0 rgba(233,30,99,0.12);box-shadow:0 2px 2px 0 rgba(233,30,99,0.14),0 3px 1px -2px rgba(233,30,99,0.2),0 1px 5px 0 rgba(233,30,99,0.12)}.card .header-primary,.card .content-primary,.everest-forms button[type=submit].everest-forms-submit-button{background:#e91e63}body:not(.woocommerce-page) .button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.add_to_cart_button):hover,body:not(.woocommerce-page) button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.close):hover,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit:hover,input[type="submit"]:hover,input[type="button"]:hover,input#searchsubmit:hover,.widget_product_search button[type="submit"]:hover,.pagination span.current,.btn.btn-primary:hover,.btn.btn-primary:focus,.btn.btn-primary:active,.btn.btn-primary.active,.btn.btn-primary:active:focus,.btn.btn-primary:active:hover,.hestia-sidebar-open.btn.btn-rose:hover,.hestia-sidebar-close.btn.btn-rose:hover,.pagination span.current:hover,.everest-forms button[type=submit].everest-forms-submit-button:hover,.everest-forms button[type=submit].everest-forms-submit-button:focus,.everest-forms button[type=submit].everest-forms-submit-button:active{-webkit-box-shadow:0 14px 26px -12px rgba(233,30,99,0.42),0 4px 23px 0 rgba(0,0,0,0.12),0 8px 10px -5px rgba(233,30,99,0.2);box-shadow:0 14px 26px -12px rgba(233,30,99,0.42),0 4px 23px 0 rgba(0,0,0,0.12),0 8px 10px -5px rgba(233,30,99,0.2);color:#fff}.form-group.is-focused .form-control{background-image:-webkit-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),-webkit-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2));background-image:-webkit-linear-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),-webkit-linear-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2));background-image:linear-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),linear-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2))}.navbar:not(.navbar-transparent) li:not(.btn):hover>a,.navbar li.on-section:not(.btn)>a,.navbar.full-screen-menu.navbar-transparent li:not(.btn):hover>a,.navbar.full-screen-menu .navbar-toggle:hover,.navbar:not(.navbar-transparent) .nav-cart:hover,.navbar:not(.navbar-transparent) .hestia-toggle-search:hover{color:#e91e63}.header-filter-gradient{background:linear-gradient(45deg,rgba(168,29,132,1) 0,rgb(234,57,111) 100%)}.has-text-color.has-header-gradient-color{color:#a81d84}.has-header-gradient-background-color[class*="has-background"]{background-color:#a81d84}.has-text-color.has-background-color-color{color:#E5E5E5}.has-background-color-background-color[class*="has-background"]{background-color:#E5E5E5}
.btn.btn-primary:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item),input[type="submit"]:not(.search-submit),body:not(.woocommerce-account) .woocommerce .button.woocommerce-Button,.woocommerce .product button.button,.woocommerce .product button.button.alt,.woocommerce .product #respond input#submit,.woocommerce-cart .blog-post .woocommerce .cart-collaterals .cart_totals .checkout-button,.woocommerce-checkout #payment #place_order,.woocommerce-account.woocommerce-page button.button,.woocommerce .track_order button[type="submit"],.nav-cart .nav-cart-content .widget .buttons .button,.woocommerce a.button.wc-backward,body.woocommerce .wccm-catalog-item a.button,body.woocommerce a.wccm-button.button,form.woocommerce-form-coupon button.button,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.woocommerce a.button.alt,div.woocommerce table.my_account_orders .button,.btn.colored-button,.btn.btn-left,.btn.btn-right,.btn:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item):not(.hestia-sidebar-open):not(.hestia-sidebar-close){padding-top:15px;padding-bottom:15px;padding-left:33px;padding-right:33px}
:root{--hestia-button-border-radius:3px}.btn.btn-primary:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item),input[type="submit"]:not(.search-submit),body:not(.woocommerce-account) .woocommerce .button.woocommerce-Button,.woocommerce .product button.button,.woocommerce .product button.button.alt,.woocommerce .product #respond input#submit,.woocommerce-cart .blog-post .woocommerce .cart-collaterals .cart_totals .checkout-button,.woocommerce-checkout #payment #place_order,.woocommerce-account.woocommerce-page button.button,.woocommerce .track_order button[type="submit"],.nav-cart .nav-cart-content .widget .buttons .button,.woocommerce a.button.wc-backward,body.woocommerce .wccm-catalog-item a.button,body.woocommerce a.wccm-button.button,form.woocommerce-form-coupon button.button,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.woocommerce a.button.alt,div.woocommerce table.my_account_orders .button,input[type="submit"].search-submit,.hestia-view-cart-wrapper .added_to_cart.wc-forward,.woocommerce-product-search button,.woocommerce-cart .actions .button,#secondary div[id^=woocommerce_price_filter] .button,.woocommerce div[id^=woocommerce_widget_cart].widget .buttons .button,.searchform input[type=submit],.searchform button,.search-form:not(.media-toolbar-primary) input[type=submit],.search-form:not(.media-toolbar-primary) button,.woocommerce-product-search input[type=submit],.btn.colored-button,.btn.btn-left,.btn.btn-right,.btn:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item):not(.hestia-sidebar-open):not(.hestia-sidebar-close){border-radius:3px}
@media(min-width:769px){.page-header.header-small .hestia-title,.page-header.header-small .title,h1.hestia-title.title-in-content,.main article.section .has-title-font-size{font-size:42px}}
</style>
<link rel='stylesheet' id='hestia_fonts-css' href='https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&#038;subset=latin%2Clatin-ext&#038;ver=3.2.11' type='text/css' media='all' />
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script>
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1" id="jquery-migrate-js"></script>
<link rel="https://api.w.org/" href="https://owasp.or.id/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://owasp.or.id/wp-json/wp/v2/tags/313" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://owasp.or.id/xmlrpc.php?rsd" />
<meta name="generator" content="WordPress 6.8.1" />
<link rel="icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt-150x150.png" sizes="32x32" />
<link rel="icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" sizes="192x192" />
<link rel="apple-touch-icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" />
<meta name="msapplication-TileImage" content="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" />
</head>

<body class="archive paged tag tag-exploits tag-313 wp-custom-logo paged-3 tag-paged-3 wp-theme-hestia header-layout-default">
		<div class="wrapper  default ">
		<header class="header ">
			<div style="display: none"></div>		<nav class="navbar navbar-default  hestia_left navbar-not-transparent navbar-fixed-top">
						<div class="container">
						<div class="navbar-header">
			<div class="title-logo-wrapper">
				<a class="navbar-brand" href="https://owasp.or.id/"
						title="OWASP Jakarta">
					<img  src="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" alt="OWASP Jakarta" width="1667" height="563"></a>
			</div>
								<div class="navbar-toggle-wrapper">
						<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#main-navigation">
								<span class="icon-bar"></span><span class="icon-bar"></span><span class="icon-bar"></span>				<span class="sr-only">Toggle Navigation</span>
			</button>
					</div>
				</div>
		<div id="main-navigation" class="collapse navbar-collapse"><ul id="menu-home" class="nav navbar-nav"><li id="menu-item-386" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-home menu-item-386"><a title="Home" href="https://owasp.or.id">Home</a></li>
<li id="menu-item-383" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-383 dropdown"><a title="Meetup" href="https://owasp.or.id/meetup/" class="dropdown-toggle">Meetup <span class="caret-wrap"><span class="caret"><svg aria-hidden="true" focusable="false" data-prefix="fas" data-icon="chevron-down" class="svg-inline--fa fa-chevron-down fa-w-14" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M207.029 381.476L12.686 187.132c-9.373-9.373-9.373-24.569 0-33.941l22.667-22.667c9.357-9.357 24.522-9.375 33.901-.04L224 284.505l154.745-154.021c9.379-9.335 24.544-9.317 33.901.04l22.667 22.667c9.373 9.373 9.373 24.569 0 33.941L240.971 381.476c-9.373 9.372-24.569 9.372-33.942 0z"></path></svg></span></span></a>
<ul role="menu" class="dropdown-menu">
	<li id="menu-item-457" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-457"><a title="Meetup.com" href="https://www.meetup.com/owasp-jakarta-chapter/">Meetup.com</a></li>
</ul>
</li>
<li id="menu-item-385" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-385"><a title="Sitemap" href="https://owasp.or.id/sitemap_index.xml">Sitemap</a></li>
<li id="menu-item-384" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-384"><a title="Contact" href="https://owasp.or.id/contact/">Contact</a></li>
</ul></div>			</div>
					</nav>
				</header>
<div id="primary" class="boxed-layout-header page-header header-small" data-parallax="active" ><div class="container"><div class="row"><div class="col-md-10 col-md-offset-1 text-center"><h1 class="hestia-title">Exploits</h1></div></div></div><div class="header-filter" style="background-image: url(https://owasp.or.id/wp-content/uploads/2023/10/cropped-owaspjkt3.webp);"></div></div>
<div class="main  main-raised ">
	<div class="hestia-blogs" data-layout="full-width">
		<div class="container">
			<div class="row">
								<div class="col-md-10 col-md-offset-1 blog-posts-wrap">
					<article 
		id="post-3327" 
		class="card card-blog card-plain post-3327 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-adds tag-android tag-attacks tag-baseband tag-block tag-exploits tag-features tag-security"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/10/03/android-14-adds-new-security-features-to-block-2g-exploits-and-baseband-attacks/" title="Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/10/Android-14-Adds-New-Security-Features-to-Block-2G-Exploits-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="2G Exploits and Baseband Attacks" decoding="async" fetchpriority="high" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/10/03/android-14-adds-new-security-features-to-block-2g-exploits-and-baseband-attacks/" title="Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks" rel="bookmark">Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks</a></h2><div class="card-description entry-summary "><p>Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks Oct 03, 2024Ravie LakshmananMobile Security / Technology Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband (i.e.,<a class="moretag" href="https://owasp.or.id/2024/10/03/android-14-adds-new-security-features-to-block-2g-exploits-and-baseband-attacks/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/10/03/android-14-adds-new-security-features-to-block-2g-exploits-and-baseband-attacks/"><time class="entry-date published" datetime="2024-10-03T18:12:24+00:00" content="2024-10-03">9 months</time> ago </a></div></div></div></article><article 
		id="post-3061" 
		class="card card-blog card-plain post-3061 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-attacks tag-exploits tag-protect tag-proxy tag-reverse tag-serve tag-services tag-web"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/10/02/serve-as-a-reverse-proxy-to-protect-your-web-services-from-attacks-and-exploits/" title="Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits"><img width="360" height="155" src="https://owasp.or.id/wp-content/uploads/2024/10/Serve-As-A-Reverse-Proxy-To-Protect-Your-Web-Services-360x155.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/10/02/serve-as-a-reverse-proxy-to-protect-your-web-services-from-attacks-and-exploits/" title="Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits" rel="bookmark">Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits</a></h2><div class="card-description entry-summary "><p>Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the<a class="moretag" href="https://owasp.or.id/2024/10/02/serve-as-a-reverse-proxy-to-protect-your-web-services-from-attacks-and-exploits/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/10/02/serve-as-a-reverse-proxy-to-protect-your-web-services-from-attacks-and-exploits/"><time class="entry-date published" datetime="2024-10-02T08:34:57+00:00" content="2024-10-02">9 months</time><time class="updated hestia-hidden" datetime="2024-10-02T08:35:00+00:00">October 2, 2024</time> ago </a></div></div></div></article><article 
		id="post-2909" 
		class="card card-blog card-plain post-2909 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-critical tag-exploits tag-flaws tag-including tag-issues tag-microsoft tag-patches tag-zeroday"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/08/14/microsoft-issues-patches-for-90-flaws-including-10-critical-zero-day-exploits/" title="Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day Exploits"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/08/Microsoft-Issues-Patches-for-90-Flaws-Including-10-Critical-Zero-Day-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Microsoft" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/08/14/microsoft-issues-patches-for-90-flaws-including-10-critical-zero-day-exploits/" title="Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day Exploits" rel="bookmark">Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day Exploits</a></h2><div class="card-description entry-summary "><p>Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day Exploits Aug 14, 2024Ravie LakshmananWindows Security / Vulnerability Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild. Of the 90 bugs, seven<a class="moretag" href="https://owasp.or.id/2024/08/14/microsoft-issues-patches-for-90-flaws-including-10-critical-zero-day-exploits/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/08/14/microsoft-issues-patches-for-90-flaws-including-10-critical-zero-day-exploits/"><time class="entry-date published" datetime="2024-08-14T06:06:21+00:00" content="2024-08-14">11 months</time> ago </a></div></div></div></article><article 
		id="post-2864" 
		class="card card-blog card-plain post-2864 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-campaign tag-darkgate tag-exploits tag-file tag-malware tag-samba tag-shares tag-shortlived"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/07/13/darkgate-malware-exploits-samba-file-shares-in-short-lived-campaign/" title="DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/07/DarkGate-Malware-Exploits-Samba-File-Shares-in-Short-Lived-Campaign-360x240.jpg" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/07/13/darkgate-malware-exploits-samba-file-shares-in-short-lived-campaign/" title="DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign" rel="bookmark">DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign</a></h2><div class="card-description entry-summary "><p>DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign Jul 12, 2024NewsroomMalware / Cyber Attack Cybersecurity researchers have shed light on a short-lived DarkGate malware campaign that leveraged Samba file shares to initiate the infections. Palo Alto Networks Unit 42 said the activity spanned the months of March and April<a class="moretag" href="https://owasp.or.id/2024/07/13/darkgate-malware-exploits-samba-file-shares-in-short-lived-campaign/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/07/13/darkgate-malware-exploits-samba-file-shares-in-short-lived-campaign/"><time class="entry-date published" datetime="2024-07-13T05:46:21+00:00" content="2024-07-13">12 months</time> ago </a></div></div></div></article><article 
		id="post-2818" 
		class="card card-blog card-plain post-2818 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-attack tag-console tag-exploits tag-files tag-management tag-microsoft tag-technique"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/06/26/new-attack-technique-exploits-microsoft-management-console-files/" title="New Attack Technique Exploits Microsoft Management Console Files"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/06/New-Attack-Technique-Exploits-Microsoft-Management-Console-Files-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Microsoft Management Console Files" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/06/26/new-attack-technique-exploits-microsoft-management-console-files/" title="New Attack Technique Exploits Microsoft Management Console Files" rel="bookmark">New Attack Technique Exploits Microsoft Management Console Files</a></h2><div class="card-description entry-summary "><p>New Attack Technique Exploits Microsoft Management Console Files Jun 25, 2024NewsroomVulnerability / Threat Detection Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console (MSC) files to gain full code execution using Microsoft Management Console (MMC) and evade security defenses. Elastic Security<a class="moretag" href="https://owasp.or.id/2024/06/26/new-attack-technique-exploits-microsoft-management-console-files/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/06/26/new-attack-technique-exploits-microsoft-management-console-files/"><time class="entry-date published" datetime="2024-06-26T08:06:16+00:00" content="2024-06-26">1 year</time> ago </a></div></div></div></article><article 
		id="post-2665" 
		class="card card-blog card-plain post-2665 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-cookbox tag-deliver tag-exploits tag-flyingyeti tag-malware tag-ukraine tag-vulnerability tag-winrar"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/30/flyingyeti-exploits-winrar-vulnerability-to-deliver-cookbox-malware-in-ukraine/" title="FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/FlyingYeti-Exploits-WinRAR-Vulnerability-to-Deliver-COOKBOX-Malware-in-Ukraine-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/30/flyingyeti-exploits-winrar-vulnerability-to-deliver-cookbox-malware-in-ukraine/" title="FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine" rel="bookmark">FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine</a></h2><div class="card-description entry-summary "><p>FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine Cloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine. &#8220;The FlyingYeti campaign capitalized on anxiety over the potential loss of access to housing and utilities by<a class="moretag" href="https://owasp.or.id/2024/05/30/flyingyeti-exploits-winrar-vulnerability-to-deliver-cookbox-malware-in-ukraine/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/30/flyingyeti-exploits-winrar-vulnerability-to-deliver-cookbox-malware-in-ukraine/"><time class="entry-date published" datetime="2024-05-30T21:32:46+00:00" content="2024-05-30">1 year</time> ago </a></div></div></div></article><article 
		id="post-2587" 
		class="card card-blog card-plain post-2587 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-attack tag-cryptojacking tag-disable tag-drivers tag-edrs tag-exploits tag-ghostengine tag-vulnerable"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/22/ghostengine-exploits-vulnerable-drivers-to-disable-edrs-in-cryptojacking-attack/" title="GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/GHOSTENGINE-Exploits-Vulnerable-Drivers-to-Disable-EDRs-in-Cryptojacking-Attack-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/22/ghostengine-exploits-vulnerable-drivers-to-disable-edrs-in-cryptojacking-attack/" title="GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack" rel="bookmark">GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack</a></h2><div class="card-description entry-summary "><p>GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions (EDRs) and thwart detection in what&#8217;s called a Bring Your&nbsp;Own&nbsp;Vulnerable Driver (BYOVD) attack. Elastic Security Labs is tracking the campaign under the name<a class="moretag" href="https://owasp.or.id/2024/05/22/ghostengine-exploits-vulnerable-drivers-to-disable-edrs-in-cryptojacking-attack/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/22/ghostengine-exploits-vulnerable-drivers-to-disable-edrs-in-cryptojacking-attack/"><time class="entry-date published" datetime="2024-05-22T20:13:04+00:00" content="2024-05-22">1 year</time> ago </a></div></div></div></article><article 
		id="post-2569" 
		class="card card-blog card-plain post-2569 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-cloud tag-deceive tag-delivery tag-exploits tag-malware tag-services tag-trick tag-unicode tag-users"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/21/malware-delivery-via-cloud-services-exploits-unicode-trick-to-deceive-users/" title="Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/Malware-Delivery-via-Cloud-Services-Exploits-Unicode-Trick-to-Deceive-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/21/malware-delivery-via-cloud-services-exploits-unicode-trick-to-deceive-users/" title="Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users" rel="bookmark">Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users</a></h2><div class="card-description entry-summary "><p>Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users A new attack campaign dubbed&nbsp;CLOUD#REVERSER&nbsp;has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. &#8220;The VBScript and PowerShell scripts in the CLOUD#REVERSER inherently involves command-and-control-like activities by using Google Drive and Dropbox<a class="moretag" href="https://owasp.or.id/2024/05/21/malware-delivery-via-cloud-services-exploits-unicode-trick-to-deceive-users/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/21/malware-delivery-via-cloud-services-exploits-unicode-trick-to-deceive-users/"><time class="entry-date published" datetime="2024-05-21T17:04:18+00:00" content="2024-05-21">1 year</time> ago </a></div></div></div></article><article 
		id="post-2545" 
		class="card card-blog card-plain post-2545 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-botnet tag-cryptojacking tag-expand tag-exploits tag-flaws tag-group tag-hacker tag-kinsing"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/17/kinsing-hacker-group-exploits-more-flaws-to-expand-botnet-for-cryptojacking/" title="Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/Kinsing-Hacker-Group-Exploits-More-Flaws-to-Expand-Botnet-for-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/17/kinsing-hacker-group-exploits-more-flaws-to-expand-botnet-for-cryptojacking/" title="Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking" rel="bookmark">Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking</a></h2><div class="card-description entry-summary "><p>Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking The cryptojacking group known as&nbsp;Kinsing&nbsp;has demonstrated its ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities to exploit arsenal and expand its botnet. The&nbsp;findings&nbsp;come from cloud security firm Aqua, which<a class="moretag" href="https://owasp.or.id/2024/05/17/kinsing-hacker-group-exploits-more-flaws-to-expand-botnet-for-cryptojacking/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/17/kinsing-hacker-group-exploits-more-flaws-to-expand-botnet-for-cryptojacking/"><time class="entry-date published" datetime="2024-05-17T19:22:54+00:00" content="2024-05-17">1 year</time> ago </a></div></div></div></article><article 
		id="post-2467" 
		class="card card-blog card-plain post-2467 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-botnet tag-connect tag-delivery tag-exploits tag-flaws tag-ivanti tag-malicious tag-mirai tag-payload tag-secure"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/09/mirai-botnet-exploits-ivanti-connect-secure-flaws-for-malicious-payload-delivery/" title="Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/Mirai-Botnet-Exploits-Ivanti-Connect-Secure-Flaws-for-Malicious-Payload-360x240.jpg" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/09/mirai-botnet-exploits-ivanti-connect-secure-flaws-for-malicious-payload-delivery/" title="Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery" rel="bookmark">Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery</a></h2><div class="card-description entry-summary "><p>Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous&nbsp;Mirai botnet. That&#8217;s according to&nbsp;findings&nbsp;from Juniper Threat Labs, which said the vulnerabilities&nbsp;CVE-2023-46805 and CVE-2024-21887&nbsp;have been leveraged to deliver the botnet payload. While<a class="moretag" href="https://owasp.or.id/2024/05/09/mirai-botnet-exploits-ivanti-connect-secure-flaws-for-malicious-payload-delivery/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/09/mirai-botnet-exploits-ivanti-connect-secure-flaws-for-malicious-payload-delivery/"><time class="entry-date published" datetime="2024-05-09T14:48:12+00:00" content="2024-05-09">1 year</time> ago </a></div></div></div></article>
	<nav class="navigation pagination" aria-label="Posts pagination">
		<h2 class="screen-reader-text">Posts pagination</h2>
		<div class="nav-links"><a class="prev page-numbers" href="https://owasp.or.id/tag/exploits/page/2/">Previous</a>
<a class="page-numbers" href="https://owasp.or.id/tag/exploits/">1</a>
<a class="page-numbers" href="https://owasp.or.id/tag/exploits/page/2/">2</a>
<span aria-current="page" class="page-numbers current">3</span>
<a class="page-numbers" href="https://owasp.or.id/tag/exploits/page/4/">4</a>
<a class="page-numbers" href="https://owasp.or.id/tag/exploits/page/5/">5</a>
<a class="next page-numbers" href="https://owasp.or.id/tag/exploits/page/4/">Next</a></div>
	</nav>				</div>
							</div>
		</div>
	</div>
</div>
					<footer class="footer footer-black footer-big">
						<div class="container">
																<div class="hestia-bottom-footer-content"><ul class="footer-menu pull-left"><li class="page_item page-item-17 current_page_parent"><a href="https://owasp.or.id/blog/">Blog</a></li>
<li class="page_item page-item-16"><a href="https://owasp.or.id/contact/">Contact</a></li>
<li class="page_item page-item-998"><a href="https://owasp.or.id/gdpr/">GDPR</a></li>
<li class="page_item page-item-345"><a href="https://owasp.or.id/meetup/">Meetup</a></li>
<li class="page_item page-item-360"><a href="https://owasp.or.id/sitemap/">SiteMap</a></li>
</ul>
<div class="copyright pull-right">Hestia | Developed by <a href="https://themeisle.com" rel="nofollow">ThemeIsle</a></div></div>			</div>
					</footer>
			</div>
<script type="speculationrules">
{"prefetch":[{"source":"document","where":{"and":[{"href_matches":"\/*"},{"not":{"href_matches":["\/wp-*.php","\/wp-admin\/*","\/wp-content\/uploads\/*","\/wp-content\/*","\/wp-content\/plugins\/*","\/wp-content\/themes\/hestia\/*","\/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]}
</script>
<script type="text/javascript" src="https://owasp.or.id/wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js?ver=1.0.2" id="jquery-bootstrap-js"></script>
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3" id="jquery-ui-core-js"></script>
<script type="text/javascript" id="hestia_scripts-js-extra">
/* <![CDATA[ */
var requestpost = {"ajaxurl":"https:\/\/owasp.or.id\/wp-admin\/admin-ajax.php","disable_autoslide":"","masonry":""};
/* ]]> */
</script>
<script type="text/javascript" src="https://owasp.or.id/wp-content/themes/hestia/assets/js/script.min.js?ver=3.2.11" id="hestia_scripts-js"></script>
</body>
</html>