🔒 CVE-2025-9267: HIGH-severity flaw in Seagate Toolkit for Windows. Vulnerable installer can load malicious DLLs from the working dir—risking arbitrary code execution. Upgrade to 2.35.0.6+ & restrict install sources. https://radar.offseq.com/threat/cve-2025-9267-cwe-427-uncontrolled-search-path-ele-22a1d274 #OffSeq #Vulnerability #Seagate #DLLHijack

Anyone have eyes on this report of Notepad++ compromise via default plugin?
#NotePadPP #mineTools #DLLHijack #WikiLoader

https://asec.ahnlab.com/ko/63738/

"Why Are You Coming Out of There?" Package malware that tampered with a Notepad++ plugin (WikiLoader) - ASEC BLOG

AhnLab Security Emergency response Center


Walkthrough of a DLL hijacking technique known as "DLL proxying" from start to finish. This technique hijacks execution of an EXE and proxies exported functions from the crafted malicious DLL to a legitimate DLL on disk.

This example uses MsMpEng.exe (WinDefender) with the hijacked DLL mpclient.dll

Link: https://wsummerhill.github.io/redteam/2022/10/02/DLL-sideloading.html
#dllhijack #redteam #malware

Malware Development: DLL Sideloading Exploit via ‘DLL Proxying’

I’m going to cover an example of how to perform a DLL sideload from start to finish using a C++ payload and a legitimate DLL commonly found on disk. The specific technique covered is known as “DLL proxying”, where we use the legitimate DLL along with a malicious DLL which exports all the functions that the legit DLL needs to execute properly.

Will Summerhill