malware

64-bit Version of HAVEX Spotted
The remote access tool (RAT) HAVEX became the focus of the security industry after it was discovered to have played a major role in a campaign targeting industrial control systems (ICS). While observing HAVEX detections (known by different vendors as Dragonfly, Energetic Bear, and Crouching Yeti), we noticed something interesting. The Dragonfly campaign was previously believed to be compatible wi..

Facebook Users Targeted By Android Same Origin Policy Exploit
A few months back, we discussed the Android Same Origin Policy (SOP) vulnerability, which we later found to have a wider reach than first thought. Now, under the collaboration of Trend Micro and Facebook, attacks are found which actively attempt to exploit this particular vulnerability, whose code we believe was based in publicly available Metasploit code. This attack targets Facebook users via a..

Patches Not Cure-all for Shellshock
Earlier this year, Linux system administrators all over the world had to deal with the Shellshock vulnerability, which could lead to malicious code being run on Linux systems. Servers running various web services were at particular risk. By now, most major distributions have been able to release patches that upgraded the vulnerable bash shell to versions not affected by Shellshock. Enough time ha..

Bash Vulnerability (Shellshock) Exploit Emerges in the Wild, Leads to BASHLITE Malware
Just several hours after the news on the bash vulnerability (covered under CVE-2014-7169) broke out, it was reportedly being exploited in the wild already. This vulnerability can allow execution of arbitrary code, thus compromising the security of systems. Some of the possible scenarios that attackers can do range from changing the contents of web server and website code to defacing the website ..

MBR Wiper Attacks Strike Korean Power Plant
In recent weeks, a major Korean electric utility has been affected by destructive malware, which was designed to wipe the master boot records (MBRs) of affected systems. It is believed that this MBR wiper arrived at the target systems in part via a vulnerability in the Hangul Word Processor (HWP), a commonly used application in South Korea. A variety of social engineering lures were used to get ..

CVE-2014-6332 SWF Exploit
Continuing a recent trend in which Internet Explorer vulnerabilities are exploited using Flash, samples of an SWF purportedly used in conjunction with CVE-2014-6332 have appeared in several places. The most famous examples of this trend are the exploits for CVE-2014-0322 and CVE-2014-1776. We have yet to encounter the SWF sample with its original exploit attached, but by looking at the SWF, it is ..

What’s New in Exploit Kits in 2014
Around this time in 2013, the most commonly used exploit kit – the Blackhole Exploit Kit – was shut down after its creator, Paunch, was arrested by law enforcement. Since then, a variety of exploit kits has emerged and have been used by cybercriminals. The emergence of so many replacements has also meant that there are now some key technical differences between these various exploit kits. In this..

Archie and Astrum: New Players in the Exploit Kit Market
Exploit kits continue to be a critical tool for the propagation of crimeware. New exploit kits have appeared this year, and this post will discuss two of them — Archie and Astrum. Archie EK was first described in August as a basic exploit kit, as it uses exploit modules copied from the Metasploit Framework. We detect the exploits used by Archie EK, and so upon review of our telemetry, we can see..

CVE-2014-4936: Malwarebytes Anti-Malware and Anti-Exploit upgrade hijacking
In June of this year I was playing around with Malwarebytes’s products. I blogged about one of their products, Malwarebytes Anti-Malware, before when it had some issues; you can read that blog entry [here]. While playing around with Anti-Malware I discovered you could easily hijack the upgrade mechanism. After figuring out the protocol I could push my own upgrades. I reported this to Malwarebyt..

Egress-Assess – Testing your Egress Data Detection Capabilities
Github Link: https://github.com/ChrisTruncer/Egress-Assess
On a variety of occasions, our team will attempt to extract data from the network we are operating in and move it to another location for offline analysis. Ideally, the customer that is being assessed will detect the data being extracted from their network and take preventive measures to stop further data loss. When looking to copy data of..