In light of COVID-19 precaution measures, we remind that all ImmuniWeb products can be easily configured and safely paid online without any human contact or paperwork.

nav #navigation ul.menu li:hover .dropmenu {display:block;} .head-menu nav .sub-menu-wrapper { top: 28px; } .head-menu nav .menu-item:hover .sub-menu-wrapper { display: block; }

6 Reasons Why AI is Important in 2020

March 25, 2020

5 Reasons Why COVID-19 Will Bolster the Cybersecurity Industry

March 10, 2020

A Portrait of a Modern Cybercriminal

February 28, 2020

State of Cybersecurity at Top 100 Global Airports

January 29, 2020

AI: Is the Hype Over or Is it Just the Solow Paradox?

January 17, 2020

News and press releases

ImmuniWeb Enables Secure Digital Transformation for Coronavirus-Affected Business

March 23, 2020

ImmuniWeb Releases Major Update for ImmuniWeb® Discovery

March 19, 2020

BDO to Partner with ImmuniWeb to Reduce Complexity and Costs of Cybersecurity

March 18, 2020

New Features of ImmuniWeb MobileSuite

February 28, 2020

ImmuniWeb to Partner with Appdome in Mobile Application Security

February 13, 2020

OWASP Top 10

OWASP’s #1 Web Application Risk - the Threat of and Solution to Web Application Injection Attacks

June 14, 2018

OWASP’s #2 Web Application Risk – the Threat of and Solution to Broken Authentication

June 21, 2018

OWASP’s #3 Web Application Risk – the Threat of and Solution to Sensitive Data Exposure

June 28, 2018

XML External Entities (XXE): the Threat of and Solution

July 5, 2018

OWASP Top 10: Broken Access Control, the risks and solutions

July 12, 2018

Security Misconfiguration, a conscious element of OWASP Top 10, the risks and solutions

July 19, 2018

XSS, a notable OWASP Top 10 old-timer, still brings up to $7,500 to researchers

July 26, 2018

Insecure Deserialization: OWASP Top 10 element of arduous exploitation but leading to system takeover

August 2, 2018

Components with Known Vulnerabilities - a major OWASP Top 10 Risk

August 21, 2018

Last but not least: OWASP Top Ten #10 - Insufficient Logging and Monitoring

August 14, 2018

Search Blog

#infosec #OWASP
#Risk Management #microservices
#Application Security #Cybersecurity #AI #DevSecOps

ImmuniWeb > Security Blog

Become fully aware of the potential dangers of ActiveX attacks

997
144
13
12
2
More
8
16
6

Thursday, May 12, 2011 By Brian Mariani Read Time: 4 min.

Exploiting ActiveX components vulnerabilities in Windows has become a favored method of attackers aiming to compromise specific computers. Such targeted attacks have increasingly become a threat to companies and government agencies. This talk will explain this kind of attack and show how this flaw could be discovered while going through exploitation.

Author: Brian Mariani, Senior Security Auditor at High-Tech Bridge SA

Exploiting ActiveX components vulnerabilities in Windows has become a favored method of attackers aiming to compromise specific computers. Such targeted attacks have increasingly become a threat to companies and government agencies. This talk will explain this kind of attack and show how this flaw could be discovered while going through exploitation.

Become fully aware of the potential dangers of ActiveX attacks

PDF: Become fully aware of the potential dangers of ActiveX attacks (1,4 MB)

Become fully aware of the potential dangers of ActiveX attacks

Video: Tracing The Exploit
Become fully aware of the potential dangers of ActiveX attacks

Become fully aware of the potential dangers of ActiveX attacks

Video: Executing The Exploit

Tags: ActiveX Exploiting

Previous Blog Posts:

Client-side threats - Anatomy of Reverse Trojan attacks

997
144
13
12
2
More
8
16
6

User Comments