Sandbox Archives - Security Affairs

Pierluigi Paganini April 09, 2023

Researchers disclose critical sandbox escape bug in vm2 sandbox library

The development team behind the vm2 JavaScript sandbox library addressed a critical Remote Code Execution vulnerability. The developers behind the vm2 JavaScript sandbox module have addressed a critical vulnerability, tracked as CVE-2023-29017 (CVSS score 9.8), that could be exploited to execute arbitrary shellcode. vm2 is a sandbox that can run untrusted code in an isolated context […]

Pierluigi Paganini July 14, 2022

Microsoft published exploit code for a macOS App sandbox escape flaw

Microsoft published the exploit code for a vulnerability in macOS that can allow an attacker to escape the sandbox. Microsoft publicly disclosed technical details for an access issue vulnerability, tracked as CVE-2022-26706, that resides in the macOS App Sandbox. “Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted […]

Pierluigi Paganini February 17, 2020

Launching the First “Yomi Hunting” Challenge!

About a year ago, Yoroi released the Yomi Hunter sandbox, today, they love to challenge the malware community with the first “Yomi Hunting” contest. About a year ago, we publicly released the Yomi Hunter sandbox for a few simple reasons: in Yoroi we believe in the InfoSec community value, we think it plays a central […]

Pierluigi Paganini July 23, 2019

Comodo Antivirus is affected by several vulnerabilities

Experts discovered several flaws in Comodo Antivirus, including a vulnerability that could allow to escape the sandbox and escalate privileges. The Tenable expert David Wells discovered five flaws in the Comodo Antivirus and Comodo Antivirus Advanced. Four of the vulnerabilities affect were version 12.0.0.6810 and one the version 11.0.0.6582. The most severe flaw, tracked as CVE=2019-3969, could […]

Pierluigi Paganini May 08, 2019

Yomi Hunter Joined the VirusTotal Sandbox Program!

We are pleased to announce that Yomi the Malware Hunter has successfully completed the on-boarding in the VirusTotal MultiSandbox Program! Official VirusTotal Announce: https://blog.virustotal.com/2019/05/virustotal-multisandbox-yoroi-yomi.html Yoroi can now contribute to the fight against malware threats sharing its analysis with Chronicle Security, the Alphabet’s subsidiary author of the notorious VirusTotal Threat Intelligence platform: one of the most widely used community platforms all around the […]

Pierluigi Paganini October 30, 2018

Windows Defender is the first antivirus solution that can run in a sandbox

Windows Defender, the Windows built-in anti-malware tool, implemented the ability to run in a secure sandbox mode. The mechanisms allow detonating an application in a safe environment that is isolated from the operating system and other applications. This means that even if the application is compromised it will not affect the overall system if it […]

Pierluigi Paganini October 19, 2017

Microsoft provides details of a code execution vulnerability in Chrome

Microsoft’s Offensive Security Research (OSR) team disclosed a remote code execution vulnerability in the Chrome web browser. Microsoft’s Offensive Security Research (OSR) team has disclosed a remote code execution vulnerability in the Chrome web browser that was discovered by its experts. The flaw, tracked as CVE-2017-5121, was addressed by Google last month with the release of Chrome 61, but […]

Pierluigi Paganini May 08, 2017

Malwaresearch – A command line tool to find malware on Openmalware.org

Malwaresearch is a command line tool to find malware on Openmalware.org, it was developed to facilitate and speed up the process of finding and downloading malware samples. The tool was developed to facilitate and speed up the process of finding and downloading malware samples via the command line interface. We’ve made use of the API provided by […]

Pierluigi Paganini May 16, 2015

Polish firm disclosed PoC code for security issues in Google App Engine

Security researchers at Security Explorations firm have published PoCs code for some of security issues in the Google App Engine. The Polish firm Security Explorations has published online the technical details and a proof-of-concept code for security flaws affecting the Google App Engine (GAE) for Java. “Security Explorations decided to release technical details as well as […]

Pierluigi Paganini November 30, 2014

Acrobat Reader Windows sandbox is affected by critical flaw

A researcher at Google discovered a critical flaw in Windows Acrobat Reader 11 Sandbox that could be exploited to access a system and gain higher privileges Google security researcher James Forshaw claims that the Acrobat Reader Windows sandbox is affected by critical vulnerability that could allow attackers to compromise a system and gain higher privileges. “The […]

Sandbox

Researchers disclose critical sandbox escape bug in vm2 sandbox library

Microsoft published exploit code for a macOS App sandbox escape flaw

Launching the First “Yomi Hunting” Challenge!

Comodo Antivirus is affected by several vulnerabilities

Yomi Hunter Joined the VirusTotal Sandbox Program!

Windows Defender is the first antivirus solution that can run in a sandbox

Microsoft provides details of a code execution vulnerability in Chrome

Malwaresearch – A command line tool to find malware on Openmalware.org

Polish firm disclosed PoC code for security issues in Google App Engine

Acrobat Reader Windows sandbox is affected by critical flaw

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Google fined $314M for misusing idle Android users' data

A flaw in Catwatchful spyware exposed logins of +62,000 users

China-linked group Houken hit French organizations using zero-days

Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach

Europol shuts down Archetyp Market, longest-running dark web drug marketplace

QUICK LINKS

Sandbox

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!