Malware (Page 68)

Malware News | Infosec Blog | Information Security Tutorials

BitErrant attack

On: March 6, 2017

The BitErrant attack is a fun little exploit that shows what can go wrong in the BitTorrent protocol when SHA1 collisions become reality. SHA1 collisions resulting in chunks of theRead More →

Malware Leveraging PowerSploit

On: March 3, 2017

In: Malware

Hi again, this is Shusei Tomonaga from the Analysis Center. In this article, I’d like to share some of our findings about ChChes (which we introduced in a previous article)Read More →

Researchers uncover PowerShell Trojan that uses DNS queries to get its orders

On: March 3, 2017

In: Important, Incidents, Malware, Vulnerabilities

Delivered by “secure” Word doc, pure PowerShell malware fetches commands from DNS TXT records. Researchers at Cisco’s Talos threat research group are publishing research today on a targeted attack deliveredRead More →

Hidden backdoor discovered in Chinese IoT devices

On: March 2, 2017

In: Malware

Researchers at Trustwave have uncovered a backdoor in IoT devices from a Chinese manufacturer that could leave them open to exploitation. The backdoor is present in almost all devices producedRead More →

Online shops plundered by bank card-stealing malware after bungling backend Aptos hacked

On: March 2, 2017

In: Incidents, Malware

We were silenced by the Feds!’. Shoppers of 40 online stores have had their bank card numbers and addresses slurped by a malware infection at backend provider Aptos. The securityRead More →

Two new Mac backdoors discovered

On: March 1, 2017

In: Malware, Vulnerabilities

On Valentine’s Day, Mac users got a special “treat” in the form of new malware. Then, later that same week, there were signs of yet another piece of malware looming. These threatsRead More →

XSS flaws in Zscaler Cloud management software allow logged attackers to hack coworkers

On: March 1, 2017

In: Important, Incidents, Malware, Vulnerabilities

Zscaler has fixed persistent XSS vulnerabilities affecting Zscaler Cloud management software that allow logged attackers to hack coworkers. Serious cross-site scripting (XSS) flaws in the Zscaler Cloud management software could be exploitedRead More →

DRIDEX TROJAN GETS A MAJOR ‘ATOMBOMBING’ UPDATE

On: March 1, 2017

In: Malware

The Dridex banking Trojan has been updated and now sports a new injection method for evading detection based on the technique known as AtomBombing. Researchers with IBM X-Force identified the newRead More →

Web Cache Deception Attack

On: February 28, 2017

In: Important, Incidents, Malware, Vulnerabilities

A few words about caching and reactions Websites often tend to use web cache functionality (for example over a CDN, a load balancer, or simply a reverse proxy). The purposeRead More →

The Necurs botnet is evolving, now includes a DDoS module

On: February 28, 2017

In: Incidents, Malware

The Necurs botnet is evolving and recently the experts at BitSight’s Anubis Labs discovered that it was improved to launch DDoS attacks. The Necurs botnet continues to evolve and recentlyRead More →

Malware (Page 68)

BitErrant attack

Malware Leveraging PowerSploit

Researchers uncover PowerShell Trojan that uses DNS queries to get its orders

Hidden backdoor discovered in Chinese IoT devices

Online shops plundered by bank card-stealing malware after bungling backend Aptos hacked

Two new Mac backdoors discovered

DRIDEX TROJAN GETS A MAJOR ‘ATOMBOMBING’ UPDATE

Web Cache Deception Attack

The Necurs botnet is evolving, now includes a DDoS module

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

Hacking with MagicDots: Exploiting Dots & Spaces in Filenames/Pathnames for Permanent Admin Rights

Compromising Cryptographic Key Security Through PuTTY: A Deep Dive into CVE-2024-31497

How to hack a LG Smart TV via vulnerabilities in LG WebOS?

How to Check if a Linux Distribution is Compromised by the XZ Utils Backdoor in 6 Steps

CVE-2023-5528: Kubernetes Flaw Jeopardizing Windows Node That Can’t Be Ignored

The 11 Essential Falco Cloud Security Rules for Securing Containerized Applications at No Cost

Hack-Proof Your Cloud: The Step-by-Step Continuous Threat Exposure Management CTEM Strategy for AWS & AZURE

Web-Based PLC Malware: A New Technique to Hack Industrial Control Systems

The API Security Checklist: 10 strategies to keep API integrations secure

11 ways of hacking into ChatGpt like Generative AI systems

How to send spoof emails from domains that have SPF and DKIM protections?

Silent Email Attack CVE-2023-35628 : How to Hack Without an Email Click in Outlook

How to Bypass EDRs, AV with Ease using 8 New Process Injection Attacks

Is Your etcd an Open Door for Cyber Attacks? How to Secure Your Kubernetes Clusters & Nodes

CVSS 4.0 Explained: From Complexity to Clarity in Vulnerability Assessment

Major Python Infrastructure Breach – Over 170K Users Compromised. How Safe Is Your Code?

How to exploit Windows Defender Antivirus to infect a device with malware

Inside the Scam: How Ransomware Gangs Fool You with Data Deletion Lies!

How to Bypass EDRs, AV with Ease using 8 New Process Injection Attacks

How hrserver.dll stealthy webshell can mimic Google’s Web Traffic to hide and compromise networks

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]